Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE: 2022:4607-1 Moderate: Conmon Service Security Update

suse
Calendar Grey December 22, 2022
Dist Suse Esm H88
SUSE has released a security update that addresses a significant vulnerability in conmon. Ensure your system is updated promptly!
An update that fixes one vulnerability is now available

Summary

This update for conmon fixes the following issues: conmon was updated to version 2.1.5: * don't leak syslog_identifier * logging: do not read more that the buf size * logging: fix error handling * Makefile: Fix install for FreeBSD * signal: Track changes to get_signal_descriptor in the FreeBSD version * Packit: initial enablement Update to version 2.1.4: * Fix a bug where conmon crashed when it got a SIGCHLD update to 2.1.3: * Stop using g_unix_signal_add() to avoid threads * Rename CLI optionlog-size-global-max to log-global-size-max Update to version 2.1.2: * add log-global-size-max option to limit the total output conmon processes (CVE-2022-1708 bsc#1200285) * journald: print tag and name if both are specified * drop some logs to debug level Update to version 2.1.0 * logging: buffer partial messages to journald

Topics%20covered

Topics Covered

security advisory software update moderate severity SUSE Linux Enterprise conmon service

References

#1200285

Cross- CVE-2022-1708

CVSS scores:

CVE-2022-1708 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-1708 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Affected Products:

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15-SP3

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Module for Containers 15-SP3

SUSE Linux Enterprise Server 15-SP3

SUSE Linux Enterprise Server for SAP Applications 15-SP3

SUSE Manager Proxy 4.2

SUSE Manager Retail Branch Server 4.2

SUSE Manager Server 4.2

openSUSE Leap 15.3

openSUSE Leap Micro 5.2

https://www.suse.com/security/cve/CVE-2022-1708.html

https://bugzilla.suse.com/1200285

Announcement ID: SUSE-SU-2022:4607-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory software update moderate severity SUSE Linux Enterprise conmon service

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here