Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

SUSE Security Update: 2023:2401-2 Addresses Critical Vulnerabilities

suse
Calendar Grey July 30, 2022
Scroller Suse
SUSE Software Maintenance Bulletin presents essential fixes for suse/pcp, providing crucial security enhancements for openssl and libcurl.
The container suse/pcp was updated

Summary

Advisory ID: SUSE-SU-2022:2552-1 Released: Tue Jul 26 14:55:40 2022 Summary: Security update for libxml2 Type: security Severity: important Advisory ID: SUSE-SU-2022:2595-1 Released: Fri Jul 29 16:00:42 2022 Summary: Security update for mozilla-nss Type: security Severity: important

References

References : 1192079 1192080 1192086 1192087 1192228 1196490 1198486 1199132

1200027 CVE-2022-23308 CVE-2022-29824 CVE-2022-31741

1196490,1199132,CVE-2022-23308,CVE-2022-29824

This update for libxml2 fixes the following issues:

Update to 2.9.14:

- CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

Update to version 2.9.13:

- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. (bsc#1196490)

1192079,1192080,1192086,1192087,1192228,1198486,1200027,CVE-2022-31741

This update for mozilla-nss fixes the following issues:

Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4:

- Makes the PBKDF known answer test compliant with NIST SP800-132. (bsc#1192079).

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:1711-1
Container Tags : suse/pcp:5 , suse/pcp:5.2 , suse/pcp:5.2.2 , suse/pcp:5.2.2-8.6 , suse/pcp:latest
Container Release : 8.6
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.