SUSE: 2022:2270-1 suse/sles/15.4/cdi-uploadserver Security Update |...

What Are You Looking For?

Popular Tags

Contribute
SUSE Container Update Advisory: suse/sles/15.4/cdi-uploadserver
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2270-1
Container Tags        : suse/sles/15.4/cdi-uploadserver:1.43.0 , suse/sles/15.4/cdi-uploadserver:1.43.0-150400.2.4 , suse/sles/15.4/cdi-uploadserver:1.43.0.16.26
Container Release     : 16.26
Severity              : important
Type                  : security
References            : 1197178 1198731 1198752 1200800 1202011 1202175 1202310 1202593
                        CVE-2022-35252 CVE-2022-37434 
-----------------------------------------------------------------

The container suse/sles/15.4/cdi-uploadserver was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2929-1
Released:    Mon Aug 29 11:21:47 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1202310
This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2947-1
Released:    Wed Aug 31 09:16:21 2022
Summary:     Security update for zlib
Type:        security
Severity:    important
References:  1202175,CVE-2022-37434
This update for zlib fixes the following issues:

- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2977-1
Released:    Thu Sep  1 12:30:19 2022
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1197178,1198731
This update for util-linux fixes the following issues:

- agetty: Resolve tty name even if stdin is specified (bsc#1197178)
- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3003-1
Released:    Fri Sep  2 15:01:44 2022
Summary:     Security update for curl
Type:        security
Severity:    low
References:  1202593,CVE-2022-35252
This update for curl fixes the following issues:

- CVE-2022-35252: Fixed a potential injection of control characters
  into cookies, which could be exploited by sister sites to cause a
  denial of service (bsc#1202593).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3118-1
Released:    Tue Sep  6 15:43:53 2022
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1202011
This update for lvm2 fixes the following issues:

- Do not use udev for device listing or device information (bsc#1202011)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3127-1
Released:    Wed Sep  7 04:36:10 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1198752,1200800
This update for libtirpc fixes the following issues:

- Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800)
- Fix memory leak in params.r_addr assignement (bsc#1198752)


The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.11.1 updated
- libuuid1-2.37.2-150400.8.3.1 updated
- libsmartcols1-2.37.2-150400.8.3.1 updated
- libblkid1-2.37.2-150400.8.3.1 updated
- libfdisk1-2.37.2-150400.8.3.1 updated
- libz1-1.2.11-150000.3.33.1 updated
- libmount1-2.37.2-150400.8.3.1 updated
- libtirpc3-1.2.6-150300.3.11.1 updated
- sles-release-15.5-150500.10.2 updated
- libcurl4-7.79.1-150400.5.6.1 updated
- util-linux-2.37.2-150400.8.3.1 updated
- timezone-2022a-150000.75.10.1 updated
- libdevmapper1_03-1.02.163-150400.17.3.1 updated
- libnettle8-3.8.1-150500.1.4 updated
- libhogweed6-3.8.1-150500.1.4 updated
- libmpath0-0.9.1+52+suse.be8809e-150500.1.1 updated
- container:sles15-image-15.0.0-31.13 updated

SUSE: 2022:2270-1 suse/sles/15.4/cdi-uploadserver Security Update

September 16, 2022
The container suse/sles/15.4/cdi-uploadserver was updated

Summary

Advisory ID: SUSE-RU-2022:2929-1 Released: Mon Aug 29 11:21:47 2022 Summary: Recommended update for timezone Type: recommended Severity: important Advisory ID: SUSE-SU-2022:2947-1 Released: Wed Aug 31 09:16:21 2022 Summary: Security update for zlib Type: security Severity: important Advisory ID: SUSE-RU-2022:2977-1 Released: Thu Sep 1 12:30:19 2022 Summary: Recommended update for util-linux Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3003-1 Released: Fri Sep 2 15:01:44 2022 Summary: Security update for curl Type: security Severity: low Advisory ID: SUSE-RU-2022:3118-1 Released: Tue Sep 6 15:43:53 2022 Summary: Recommended update for lvm2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3127-1 Released: Wed Sep 7 04:36:10 2022 Summary: Recommended update for libtirpc Type: recommended Severity: moderate

References

References : 1197178 1198731 1198752 1200800 1202011 1202175 1202310 1202593

CVE-2022-35252 CVE-2022-37434

1202310

This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

1202175,CVE-2022-37434

This update for zlib fixes the following issues:

- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).

1197178,1198731

This update for util-linux fixes the following issues:

- agetty: Resolve tty name even if stdin is specified (bsc#1197178)

- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)

1202593,CVE-2022-35252

This update for curl fixes the following issues:

- CVE-2022-35252: Fixed a potential injection of control characters

into cookies, which could be exploited by sister sites to cause a

denial of service (bsc#1202593).

1202011

This update for lvm2 fixes the following issues:

- Do not use udev for device listing or device information (bsc#1202011)

1198752,1200800

This update for libtirpc fixes the following issues:

- Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800)

- Fix memory leak in params.r_addr assignement (bsc#1198752)

The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.11.1 updated

- libuuid1-2.37.2-150400.8.3.1 updated

- libsmartcols1-2.37.2-150400.8.3.1 updated

- libblkid1-2.37.2-150400.8.3.1 updated

- libfdisk1-2.37.2-150400.8.3.1 updated

- libz1-1.2.11-150000.3.33.1 updated

- libmount1-2.37.2-150400.8.3.1 updated

- libtirpc3-1.2.6-150300.3.11.1 updated

- sles-release-15.5-150500.10.2 updated

- libcurl4-7.79.1-150400.5.6.1 updated

- util-linux-2.37.2-150400.8.3.1 updated

- timezone-2022a-150000.75.10.1 updated

- libdevmapper1_03-1.02.163-150400.17.3.1 updated

- libnettle8-3.8.1-150500.1.4 updated

- libhogweed6-3.8.1-150500.1.4 updated

- libmpath0-0.9.1+52+suse.be8809e-150500.1.1 updated

- container:sles15-image-15.0.0-31.13 updated

Severity
Container Advisory ID : SUSE-CU-2022:2270-1
Container Tags : suse/sles/15.4/cdi-uploadserver:1.43.0 , suse/sles/15.4/cdi-uploadserver:1.43.0-150400.2.4 , suse/sles/15.4/cdi-uploadserver:1.43.0.16.26
Container Release : 16.26
Severity : important
Type : security

News

Advisories

HOWTOs

Features

Rocky Linux Security Advisories Are Now on LinuxSecurity.com!
Official Guide on Rocky Linux & How to Install It
Business VPNs: Now More Important Than Ever
Linux Log Analysis
Does Linux Need a Firewall & How To Configure the Linux Firewall with firewall-cmd

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy