SUSE: 2022:2759-1 bci/bci-init Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
SUSE Container Update Advisory: bci/bci-init
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2759-1
Container Tags        : bci/bci-init:15.4 , bci/bci-init:15.4.24.14 , bci/bci-init:latest
Container Release     : 24.14
Severity              : important
Type                  : security
References            : 1087072 1204111 1204112 1204113 CVE-2022-42010 CVE-2022-42011
                        CVE-2022-42012 
-----------------------------------------------------------------

The container bci/bci-init was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3806-1
Released:    Thu Oct 27 17:21:11 2022
Summary:     Security update for dbus-1
Type:        security
Severity:    important
References:  1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
This update for dbus-1 fixes the following issues:

  - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).
  - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).
  - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).

  Bugfixes:

  - Disable asserts (bsc#1087072).



The following package changes have been done:

- libdbus-1-3-1.12.2-150400.18.5.1 updated
- dbus-1-1.12.2-150400.18.5.1 updated

SUSE: 2022:2759-1 bci/bci-init Security Update

October 28, 2022
The container bci/bci-init was updated

Summary

Advisory ID: SUSE-SU-2022:3806-1 Released: Thu Oct 27 17:21:11 2022 Summary: Security update for dbus-1 Type: security Severity: important

References

References : 1087072 1204111 1204112 1204113 CVE-2022-42010 CVE-2022-42011

CVE-2022-42012

1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012

This update for dbus-1 fixes the following issues:

- CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).

- CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).

- CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).

Bugfixes:

- Disable asserts (bsc#1087072).

The following package changes have been done:

- libdbus-1-3-1.12.2-150400.18.5.1 updated

- dbus-1-1.12.2-150400.18.5.1 updated

Severity
Container Advisory ID : SUSE-CU-2022:2759-1
Container Tags : bci/bci-init:15.4 , bci/bci-init:15.4.24.14 , bci/bci-init:latest
Container Release : 24.14
Severity : important
Type : security

Related News

GitHub Publishes RSA SSH Host Keys by Mistake, Issues Update

Tails 5.11 Amnesic Incognito Live System Switches to ZRam and Linux Kernel 6.1 LTS

Iron Tiger Hackers Create Linux Version of Their Custom Malware

Linux Support Expands Cyber Spy Group's Arsenal

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy