SUSE: 2022:2776-1 suse/sle-micro/5.2/toolbox Security Update | Linu...

What Are You Looking For?

Popular Tags

Sign Up
SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2776-1
Container Tags        : suse/sle-micro/5.2/toolbox:11.1 , suse/sle-micro/5.2/toolbox:11.1-6.2.124 , suse/sle-micro/5.2/toolbox:latest
Container Release     : 6.2.124
Severity              : important
Type                  : security
References            : 1087072 1204111 1204112 1204113 CVE-2022-42010 CVE-2022-42011
                        CVE-2022-42012 
-----------------------------------------------------------------

The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3805-1
Released:    Thu Oct 27 17:19:46 2022
Summary:     Security update for dbus-1
Type:        security
Severity:    important
References:  1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012
This update for dbus-1 fixes the following issues:

  - CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).
  - CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).
  - CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).

  Bugfixes:

  - Disable asserts (bsc#1087072).



The following package changes have been done:

- dbus-1-1.12.2-150100.8.14.1 updated
- libdbus-1-3-1.12.2-150100.8.14.1 updated

SUSE: 2022:2776-1 suse/sle-micro/5.2/toolbox Security Update

October 29, 2022
The container suse/sle-micro/5.2/toolbox was updated

Summary

Advisory ID: SUSE-SU-2022:3805-1 Released: Thu Oct 27 17:19:46 2022 Summary: Security update for dbus-1 Type: security Severity: important

References

References : 1087072 1204111 1204112 1204113 CVE-2022-42010 CVE-2022-42011

CVE-2022-42012

1087072,1204111,1204112,1204113,CVE-2022-42010,CVE-2022-42011,CVE-2022-42012

This update for dbus-1 fixes the following issues:

- CVE-2022-42010: Fixed potential crash that could be triggered by an invalid signature (bsc#1204111).

- CVE-2022-42011: Fixed an out of bounds read caused by a fixed length array (bsc#1204112).

- CVE-2022-42012: Fixed a use-after-free that could be trigged by a message in non-native endianness with out-of-band Unix file descriptor (bsc#1204113).

Bugfixes:

- Disable asserts (bsc#1087072).

The following package changes have been done:

- dbus-1-1.12.2-150100.8.14.1 updated

- libdbus-1-3-1.12.2-150100.8.14.1 updated

Severity
Container Advisory ID : SUSE-CU-2022:2776-1
Container Tags : suse/sle-micro/5.2/toolbox:11.1 , suse/sle-micro/5.2/toolbox:11.1-6.2.124 , suse/sle-micro/5.2/toolbox:latest
Container Release : 6.2.124
Severity : important
Type : security

Related News

Important runC Privilege Escalation Flaws Fixed

New Patches Aim To Tackle Linux x86_64 PIE Support

What eBPF Means for Container Threat Detection

Kubernetes Architecture and its Security

News

Advisories

HOWTOs

Features

Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation
Best Practices for PHP Security
Why Cloud Linux Is Beneficial for E-Commerce Stores

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy