SUSE: 2023:2460-1 Important Security Update for Bci/Golang Container
suse
July 27, 2023
The container bci/golang was updated
Summary
Advisory ID: SUSE-RU-2023:2944-1 Released: Mon Jul 24 09:14:24 2023 Summary: Recommended update for linux-glibc-devel Type: recommended Severity: moderate Advisory ID: SUSE-SU-2023:2945-1 Released: Mon Jul 24 09:37:30 2023 Summary: Security update for openssh Type: security Severity: important Advisory ID: SUSE-SU-2023:2965-1 Released: Tue Jul 25 12:30:22 2023 Summary: Security update for openssl-1_1
Topics Covered
References
References : 1186673 1209536 1211096 1213004 1213008 1213487 1213504 CVE-2023-3446
CVE-2023-38408
1211096
This update for linux-glibc-devel fixes the following issues:
- Add linux/sev-guest.h (bsc#1211096)
1186673,1209536,1213004,1213008,1213504,CVE-2023-38408
This update for openssh fixes the following issues:
- CVE-2023-38408: Fixed a condition where specific libaries loaded via
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code
execution via a forwarded agent socket if those libraries were present on the
victim's system and if the agent was forwarded to an attacker-controlled
system. [bsc#1213504, CVE-2023-38408]
- Close the right filedescriptor and also close fdh in read_hmac to avoid file
descriptor leaks. [bsc#1209536]
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2023:2460-1
Container Tags : bci/golang:1.19 , bci/golang:1.19-2.7.19 , bci/golang:oldstable , bci/golang:oldstable-2.7.19
Container Release : 7.19
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!