Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 555
Alerts This Week
Warning Icon 1 555

SUSE: 2023:2273-1 Moderate: BCI/Golang Container Security Patch

suse
Calendar Grey July 14, 2023
Dist Suse Esm H88
The SUSE Container Update Advisory for bci/golang delivers crucial updates to enhance security and performance within the containerized environment, ensuring users stay informed
The container bci/golang was updated

Summary

Advisory ID: SUSE-SU-2023:2620-1 Released: Fri Jun 23 13:41:36 2023 Summary: Security update for openssl-3 Type: security Severity: moderate Advisory ID: SUSE-RU-2023:2811-1 Released: Wed Jul 12 11:56:18 2023 Summary: Recommended update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt Type: recommended Severity: moderate

References

References : 1210714 1211430 CVE-2023-1255 CVE-2023-2650

1210714,1211430,CVE-2023-1255,CVE-2023-2650

This update for openssl-3 fixes the following issues:

- CVE-2023-1255: Fixed input buffer over-read in AES-XTS implementation on 64 bit ARM (bsc#1210714).

- CVE-2023-2650: Fixed possible DoS translating ASN.1 object identifiers (bsc#1211430).

This update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt fixes the following issues:

This update provides a feature update to the FIDO2 stack.

Changes in libfido2:

- Version 1.13.0 (2023-02-20)

* New API calls:

+ fido_assert_empty_allow_list;

+ fido_cred_empty_exclude_list.

* fido2-token: fix issue when listing large blobs.

- Version 1.12.0 (2022-09-22)

* Support for COSE_ES384.

* Improved support for FIDO 2.1 authenticators.

Container Advisory ID : SUSE-CU-2023:2273-1
Container Tags : bci/golang:1.19 , bci/golang:1.19-2.7.1 , bci/golang:oldstable , bci/golang:oldstable-2.7.1
Container Release : 7.1
Severity : moderate
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.