SUSE: 2023:1388-1 suse/sle-micro/5.2/toolbox Security Update | Linu...

What Are You Looking For?

Popular Tags

Sign Up
SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1388-1
Container Tags        : suse/sle-micro/5.2/toolbox:12.1 , suse/sle-micro/5.2/toolbox:12.1-6.2.204 , suse/sle-micro/5.2/toolbox:latest
Container Release     : 6.2.204
Severity              : moderate
Type                  : security
References            : 1209533 1209713 1209714 1210135 1210507 CVE-2022-4899 CVE-2023-24593
                        CVE-2023-25180 CVE-2023-29383 
-----------------------------------------------------------------

The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2070-1
Released:    Fri Apr 28 13:56:33 2023
Summary:     Security update for shadow
Type:        security
Severity:    moderate
References:  1210507,CVE-2023-29383
This update for shadow fixes the following issues:

- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2074-1
Released:    Fri Apr 28 17:02:25 2023
Summary:     Security update for zstd
Type:        security
Severity:    moderate
References:  1209533,CVE-2022-4899
This update for zstd fixes the following issues:

- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2076-1
Released:    Fri Apr 28 17:35:05 2023
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180
This update for glib2 fixes the following issues:

- CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714).
- CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant (bsc#1209713).

The following non-security bug was fixed:

- Fixed regression on s390x (bsc#1210135, glgo#GNOME/glib!2978).


The following package changes have been done:

- libglib-2_0-0-2.62.6-150200.3.15.1 updated
- libgmodule-2_0-0-2.62.6-150200.3.15.1 updated
- libzstd1-1.4.4-150000.1.9.1 updated
- login_defs-4.8.1-150300.4.6.1 updated
- shadow-4.8.1-150300.4.6.1 updated
- container:sles15-image-15.0.0-17.20.130 updated

SUSE: 2023:1388-1 suse/sle-micro/5.2/toolbox Security Update

April 30, 2023
The container suse/sle-micro/5.2/toolbox was updated

Summary

Advisory ID: SUSE-SU-2023:2070-1 Released: Fri Apr 28 13:56:33 2023 Summary: Security update for shadow Type: security Severity: moderate Advisory ID: SUSE-SU-2023:2074-1 Released: Fri Apr 28 17:02:25 2023 Summary: Security update for zstd Type: security Severity: moderate Advisory ID: SUSE-SU-2023:2076-1 Released: Fri Apr 28 17:35:05 2023 Summary: Security update for glib2 Type: security Severity: moderate

References

References : 1209533 1209713 1209714 1210135 1210507 CVE-2022-4899 CVE-2023-24593

CVE-2023-25180 CVE-2023-29383

1210507,CVE-2023-29383

This update for shadow fixes the following issues:

- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).

1209533,CVE-2022-4899

This update for zstd fixes the following issues:

- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).

1209713,1209714,1210135,CVE-2023-24593,CVE-2023-25180

This update for glib2 fixes the following issues:

- CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant (bsc#1209714).

- CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant (bsc#1209713).

The following non-security bug was fixed:

- Fixed regression on s390x (bsc#1210135, glgo#GNOME/glib!2978).

The following package changes have been done:

- libglib-2_0-0-2.62.6-150200.3.15.1 updated

- libgmodule-2_0-0-2.62.6-150200.3.15.1 updated

- libzstd1-1.4.4-150000.1.9.1 updated

- login_defs-4.8.1-150300.4.6.1 updated

- shadow-4.8.1-150300.4.6.1 updated

- container:sles15-image-15.0.0-17.20.130 updated

Severity
Container Advisory ID : SUSE-CU-2023:1388-1
Container Tags : suse/sle-micro/5.2/toolbox:12.1 , suse/sle-micro/5.2/toolbox:12.1-6.2.204 , suse/sle-micro/5.2/toolbox:latest
Container Release : 6.2.204
Severity : moderate
Type : security

Related News

Important runC Privilege Escalation Flaws Fixed

New Patches Aim To Tackle Linux x86_64 PIE Support

What eBPF Means for Container Threat Detection

Kubernetes Architecture and its Security

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy