SUSE Container Toolbox: 2023:1387-1 Moderate: Fixes for DoS Issues
suse
April 30, 2023
The container suse/sle-micro/5.1/toolbox was updated
Summary
Advisory ID: SUSE-SU-2023:2070-1 Released: Fri Apr 28 13:56:33 2023 Summary: Security update for shadow Type: security Severity: moderate Advisory ID: SUSE-SU-2023:2074-1 Released: Fri Apr 28 17:02:25 2023 Summary: Security update for zstd Type: security Severity: moderate Advisory ID: SUSE-SU-2023:2076-1 Released: Fri Apr 28 17:35:05 2023 Summary: Security update for glib2 Type: security
Topics Covered
References
References : 1209533 1209713 1209714 1210135 1210507 CVE-2022-4899 CVE-2023-24593
CVE-2023-25180 CVE-2023-29383
1210507,CVE-2023-29383
This update for shadow fixes the following issues:
- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).
1209533,CVE-2022-4899
This update for zstd fixes the following issues:
- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).
1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180
This update for glib2 fixes the following issues:
- CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714).
- CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant (bsc#1209713).
The following non-security bug was fixed:
PREVIOUS
NEXT
Container Advisory ID : SUSE-CU-2023:1387-1
Container Tags : suse/sle-micro/5.1/toolbox:12.1 , suse/sle-micro/5.1/toolbox:12.1-2.2.382 , suse/sle-micro/5.1/toolbox:latest
Container Release : 2.2.382
Severity : moderate
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!