SUSE: 2023:2278-1 Moderate Advisory for bci/nodejs Security Fix
suse
July 14, 2023
The container bci/nodejs was updated
Summary
Advisory ID: SUSE-SU-2023:2620-1 Released: Fri Jun 23 13:41:36 2023 Summary: Security update for openssl-3 Type: security Severity: moderate Advisory ID: SUSE-RU-2023:2811-1 Released: Wed Jul 12 11:56:18 2023 Summary: Recommended update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt Type: recommended Severity: moderate
Topics Covered
References
References : 1210714 1211430 CVE-2023-1255 CVE-2023-2650
1210714,1211430,CVE-2023-1255,CVE-2023-2650
This update for openssl-3 fixes the following issues:
- CVE-2023-1255: Fixed input buffer over-read in AES-XTS implementation on 64 bit ARM (bsc#1210714).
- CVE-2023-2650: Fixed possible DoS translating ASN.1 object identifiers (bsc#1211430).
This update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt fixes the following issues:
This update provides a feature update to the FIDO2 stack.
Changes in libfido2:
- Version 1.13.0 (2023-02-20)
* New API calls:
+ fido_assert_empty_allow_list;
+ fido_cred_empty_exclude_list.
* fido2-token: fix issue when listing large blobs.
- Version 1.12.0 (2022-09-22)
* Support for COSE_ES384.
* Improved support for FIDO 2.1 authenticators.
PREVIOUS
NEXT
Container Advisory ID : SUSE-CU-2023:2278-1
Container Tags : bci/node:18 , bci/node:18-8.1 , bci/nodejs:18 , bci/nodejs:18-8.1
Container Release : 8.1
Severity : moderate
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!