SUSE Container Update: Trento 0.9.0 Important Denial Of Service Fix
suse
March 1, 2022
The container trento/trento-web was updated
Summary
Advisory ID: SUSE-SU-2019:926-1 Released: Wed Apr 10 16:33:12 2019 Summary: Security update for tar Type: security Severity: moderate Advisory ID: SUSE-SU-2021:974-1 Released: Mon Mar 29 19:31:27 2021 Summary: Security update for tar Type: security Severity: low Advisory ID: SUSE-RU-2021:2193-1 Released: Mon Jun 28 18:38:43 2021 Summary: Recommended update for tar Type: recommended Severity: moderate
Topics Covered
References
References : 1120610 1130496 1181131 1184124 CVE-2018-20482 CVE-2019-9923
CVE-2021-20193
1120610,1130496,CVE-2018-20482,CVE-2019-9923
This update for tar fixes the following issues:
Security issues fixed:
- CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
- CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).
1181131,CVE-2021-20193
This update for tar fixes the following issues:
CVE-2021-20193: Memory leak in read_header() in list.c (bsc#1181131)
1184124
This update for tar fixes the following issues:
- Link '/var/lib/tests/tar/bin/genfile' as Position-Independent Executable (bsc#1184124)
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2022:240-1
Container Tags : trento/trento-web:0.9.0 , trento/trento-web:0.9.0-rev1.0.1 , trento/trento-web:0.9.0-rev1.0.1-build3.2.2 , trento/trento-web:latest
Container Release : 3.2.2
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!