SUSE: 2023:2287-1 Moderate: bci/python Denial of Service Security Update
suse
July 14, 2023
The container bci/python was updated
Summary
Advisory ID: SUSE-SU-2023:2620-1 Released: Fri Jun 23 13:41:36 2023 Summary: Security update for openssl-3 Type: security Severity: moderate Advisory ID: SUSE-RU-2023:2811-1 Released: Wed Jul 12 11:56:18 2023 Summary: Recommended update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt Type: recommended Severity: moderate
References
References : 1210714 1211430 CVE-2023-1255 CVE-2023-2650
1210714,1211430,CVE-2023-1255,CVE-2023-2650
This update for openssl-3 fixes the following issues:
- CVE-2023-1255: Fixed input buffer over-read in AES-XTS implementation on 64 bit ARM (bsc#1210714).
- CVE-2023-2650: Fixed possible DoS translating ASN.1 object identifiers (bsc#1211430).
This update for libfido2, python-fido2, yubikey-manager, yubikey-manager-qt fixes the following issues:
This update provides a feature update to the FIDO2 stack.
Changes in libfido2:
- Version 1.13.0 (2023-02-20)
* New API calls:
+ fido_assert_empty_allow_list;
+ fido_cred_empty_exclude_list.
* fido2-token: fix issue when listing large blobs.
- Version 1.12.0 (2022-09-22)
* Support for COSE_ES384.
* Improved support for FIDO 2.1 authenticators.
PREVIOUS
NEXT
Container Advisory ID : SUSE-CU-2023:2287-1
Container Tags : bci/python:3 , bci/python:3-10.8 , bci/python:3.6 , bci/python:3.6-10.8
Container Release : 10.8
Severity : moderate
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!