SUSE: 2023:2570-1 Important Security Advisory for bci/rust
suse
August 10, 2023
The container bci/rust was updated
Summary
Advisory ID: SUSE-SU-2023:3242-1 Released: Tue Aug 8 18:19:40 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate Advisory ID: SUSE-SU-2023:3251-1 Released: Tue Aug 8 22:15:14 2023 Summary: Security update for rust1.71 Type: security Severity: important
Topics Covered
References
References : 1213817 1213853 CVE-2023-3817 CVE-2023-38497
1213853,CVE-2023-3817
This update for openssl-1_1 fixes the following issues:
- CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853)
1213817,CVE-2023-38497
This update for rust1.71 fixes the following issues:
Update to version 1.71.1:
- CVE-2023-38497: Fixed privilege escalation with Cargo not respecting umask when extracting dependencies (bsc#1213817).
The following package changes have been done:
- libopenssl1_1-1.1.1l-150500.17.15.1 updated
- libopenssl1_1-hmac-1.1.1l-150500.17.15.1 updated
- rust1.71-1.71.1-150400.9.6.1 updated
- cargo1.71-1.71.1-150400.9.6.1 updated
- container:sles15-image-15.0.0-36.5.22 updated
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2023:2570-1
Container Tags : bci/rust:1.71 , bci/rust:1.71-1.10.8 , bci/rust:latest , bci/rust:stable , bci/rust:stable-1.10.8
Container Release : 10.8
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!