Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

SUSE: 2021:555-1 Moderate Severity: Keyutils and aaa_base Security Update

suse
Calendar Grey December 4, 2021
Dist Suse Esm H88
Routine security enhancement for suse/sle15 tackling several vulnerabilities, with particular attention to keyutils and aaa_base package corrections.
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-RU-2021:3891-1 Released: Fri Dec 3 10:21:49 2021 Summary: Recommended update for keyutils Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3899-1 Released: Fri Dec 3 11:27:41 2021 Summary: Security update for aaa_base Type: security Severity: moderate

References

References : 1029961 1113013 1162581 1174504 1187654 1191563 1192248

1029961,1113013,1187654

This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.

* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).

* Allow 'keyctl supports' to retrieve raw capability data.

* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.

* Allow 'keyctl new_session' to name the keyring.

* Allow 'keyctl add/padd/etc.' to take hex-encoded data.

* Add 'keyctl watch*' to expose kernel change notifications on keys.

* Add caps for namespacing and notifications.

* Set a default TTL on keys that upcall for name resolution.

Container Advisory ID : SUSE-CU-2021:555-1
Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.22.484
Container Release : 4.22.484
Severity : moderate
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.