SUSE: 2022:2972-1 Important: Expat Security Fix in SLE Micro Toolbox
suse
November 12, 2022
The container suse/sle-micro/5.2/toolbox was updated
Summary
Advisory ID: SUSE-RU-2022:3905-1 Released: Tue Nov 8 12:23:17 2022 Summary: Recommended update for aaa_base Type: recommended Severity: important Advisory ID: SUSE-SU-2022:3912-1 Released: Tue Nov 8 13:38:11 2022 Summary: Security update for expat Type: security Severity: important
Topics Covered
References
References : 1196840 1199492 1199918 1199926 1199927 1204708 CVE-2022-43680
1196840,1199492,1199918,1199926,1199927
This update for aaa_base and iputils fixes the following issues:
aaa_base:
- Failures in ping for SUSE Linux Enterprise 15 and 15 SP1 due to sysctl setting for ping_group_range (bsc#1199926, bsc#1199927)
- The wrapper rootsh is not a restricted shell (bsc#1199492)
iputils:
- Fix device binding on ping6 for ICMP datagram socket. (bsc#1196840, bsc#1199918, bsc#1199926, bsc#1199927)
1204708,CVE-2022-43680
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
The following package changes have been done:
- iputils-s20161105-150000.8.6.1 updated
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2022:2972-1
Container Tags : suse/sle-micro/5.2/toolbox:11.1 , suse/sle-micro/5.2/toolbox:11.1-6.2.131 , suse/sle-micro/5.2/toolbox:latest
Container Release : 6.2.131
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!