SUSE: 2022:2764-1 bci/python Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2764-1
Container Tags        : bci/python:3 , bci/python:3.10 , bci/python:3.10-7.11 , bci/python:latest
Container Release     : 7.11
Severity              : critical
Type                  : security
References            : 1194047 1203911 1204383 1204386 1204690 CVE-2021-46848 CVE-2022-32221
                        CVE-2022-42916 
-----------------------------------------------------------------

The container bci/python was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3784-1
Released:    Wed Oct 26 18:03:28 2022
Summary:     Security update for libtasn1
Type:        security
Severity:    critical
References:  1204690,CVE-2021-46848
This update for libtasn1 fixes the following issues:

- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3785-1
Released:    Wed Oct 26 20:20:19 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1204383,1204386,CVE-2022-32221,CVE-2022-42916
This update for curl fixes the following issues:

  - CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).
  - CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3787-1
Released:    Thu Oct 27 04:41:09 2022
Summary:     Recommended update for permissions
Type:        recommended
Severity:    important
References:  1194047,1203911
This update for permissions fixes the following issues:

- Fix regression introduced by backport of security fix (bsc#1203911)
- Add permissions for enlightenment helper on 32bit arches (bsc#1194047)


The following package changes have been done:

- libcurl4-7.79.1-150400.5.9.1 updated
- permissions-20201225-150400.5.16.1 updated
- libtasn1-6-4.13-150000.4.8.1 updated
- libtasn1-4.13-150000.4.8.1 updated
- curl-7.79.1-150400.5.9.1 updated
- container:sles15-image-15.0.0-27.14.8 updated

SUSE: 2022:2764-1 bci/python Security Update

October 28, 2022
The container bci/python was updated

Summary

Advisory ID: SUSE-SU-2022:3784-1 Released: Wed Oct 26 18:03:28 2022 Summary: Security update for libtasn1 Type: security Severity: critical Advisory ID: SUSE-SU-2022:3785-1 Released: Wed Oct 26 20:20:19 2022 Summary: Security update for curl Type: security Severity: important Advisory ID: SUSE-RU-2022:3787-1 Released: Thu Oct 27 04:41:09 2022 Summary: Recommended update for permissions Type: recommended Severity: important

References

References : 1194047 1203911 1204383 1204386 1204690 CVE-2021-46848 CVE-2022-32221

CVE-2022-42916

1204690,CVE-2021-46848

This update for libtasn1 fixes the following issues:

- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690)

1204383,1204386,CVE-2022-32221,CVE-2022-42916

This update for curl fixes the following issues:

- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).

- CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

1194047,1203911

This update for permissions fixes the following issues:

- Fix regression introduced by backport of security fix (bsc#1203911)

- Add permissions for enlightenment helper on 32bit arches (bsc#1194047)

The following package changes have been done:

- libcurl4-7.79.1-150400.5.9.1 updated

- permissions-20201225-150400.5.16.1 updated

- libtasn1-6-4.13-150000.4.8.1 updated

- libtasn1-4.13-150000.4.8.1 updated

- curl-7.79.1-150400.5.9.1 updated

- container:sles15-image-15.0.0-27.14.8 updated

Severity
Container Advisory ID : SUSE-CU-2022:2764-1
Container Tags : bci/python:3 , bci/python:3.10 , bci/python:3.10-7.11 , bci/python:latest
Container Release : 7.11
Severity : critical
Type : security

Related News

Iron Tiger Hackers Create Linux Version of Their Custom Malware

Linux Support Expands Cyber Spy Group's Arsenal

The Open Source Firewall – IPFire 2.27 – Core Update 173 Released: What’s New?

IPFire Hardened Linux Firewall Distro Is Now Powered by Linux Kernel 6.1 LTS

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy