SUSE: 2020:705-1 Important: ses/7 csi-provisioner Denial of Service
suse
November 26, 2020
Summary
Advisory ID: SUSE-RU-2020:3290-1 Released: Wed Nov 11 12:25:32 2020 Summary: Recommended update for findutils Type: recommended Severity: moderate Advisory ID: SUSE-SU-2020:3313-1 Released: Thu Nov 12 16:07:37 2020 Summary: Security update for openldap2 Type: security Severity: important Advisory ID: SUSE-SU-2020:3377-1 Released: Thu Nov 19 09:29:32 2020
Topics Covered
References
References : 1174232 1174593 1177458 1177490 1177510 1177858 1178387 1178512
1178727 CVE-2020-25692 CVE-2020-28196
1174232
This update for findutils fixes the following issues:
- Do not unconditionally use leaf optimization for NFS. (bsc#1174232)
NFS st_nlink are not accurate on all implementations, leading to aborts() if that assumption is made.
1178387,CVE-2020-25692
This update for openldap2 fixes the following issues:
- CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
1178512,CVE-2020-28196
This update for krb5 fixes the following security issue:
- CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).
1177458,1177490,1177510
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2020:705-1
Container Tags : ses/7/cephcsi/csi-provisioner:v1.6.0 , ses/7/cephcsi/csi-provisioner:v1.6.0-rev1 , ses/7/cephcsi/csi-provisioner:v1.6.0-rev1-build3.95
Container Release : 3.95
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!