Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 536
Alerts This Week
Warning Icon 1 536

RHEL: 2022:4567-3 Critical: curl Command Injection Threat

suse
Calendar Grey June 17, 2022
Scroller Suse
The recent update for SUSE Container related to suse/sles12sp3 tackles critical security vulnerabilities, particularly a command injection flaw in openssl.
The container suse/sles12sp3 was updated

Summary

Advisory ID: SUSE-RU-2022:2048-1 Released: Mon Jun 13 09:21:27 2022 Summary: Recommended update for zypper Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:2098-1 Released: Thu Jun 16 11:16:52 2022 Summary: Security update for openssl Type: security Severity: important

References

References : 1196317 1198139 1199166 CVE-2022-1292

1196317,1198139

This update for zypper fixes the following issues:

- Improve return codes. (bsc#1198139)

- info: Fix SEGV with not installed PTFs. (bsc#1196317)

1199166,CVE-2022-1292

This update for openssl fixes the following issues:

- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).

The following package changes have been done:

- libopenssl1_0_0-1.0.2j-60.80.1 updated

- openssl-1.0.2j-60.80.1 updated

- zypper-1.13.62-21.46.5 updated

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:1329-1
Container Tags : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.402 , suse/sles12sp3:latest
Container Release : 24.402
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.