Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 441
Alerts This Week
Warning Icon 1 441

SUSE: 2022:2441-1 Important: Bci/Python Use-After-Free Security Update

suse
Calendar Grey October 2, 2022
Dist Suse Esm H88
Crucial security enhancement for bci/python module tackling CVE-2022-40674, featuring necessary package modifications.
The container bci/python was updated

Summary

Advisory ID: SUSE-SU-2022:3489-1 Released: Sat Oct 1 13:35:24 2022 Summary: Security update for expat Type: security Severity: important

References

References : 1203438 CVE-2022-40674

1203438,CVE-2022-40674

This update for expat fixes the following issues:

- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).

The following package changes have been done:

- libexpat1-2.4.4-150400.3.9.1 updated

- aaa_base-84.87+git20180409.04c9dae-3.57.1 removed

- bash-4.4-150400.25.22 removed

- bash-sh-4.4-150400.25.22 removed

- ca-certificates-2+git20210309.21162a6-2.1 removed

- coreutils-8.32-150400.7.5 removed

- cpio-2.13-150400.1.98 removed

- cracklib-2.9.7-11.6.1 removed

- cracklib-dict-small-2.9.7-11.6.1 removed

- crypto-policies-20210917.c9d86d1-150400.1.7 removed

- curl-7.79.1-150400.5.6.1 removed

- diffutils-3.6-4.3.1 removed

- file-magic-5.32-7.14.1 removed

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:2441-1
Container Tags : bci/python:3 , bci/python:3.6 , bci/python:3.6-28.40
Container Release : 28.40
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.