SUSE: 2023:2570-1 bci/rust Security Update
Summary
Advisory ID: SUSE-SU-2023:3242-1 Released: Tue Aug 8 18:19:40 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate Advisory ID: SUSE-SU-2023:3251-1 Released: Tue Aug 8 22:15:14 2023 Summary: Security update for rust1.71 Type: security Severity: important
References
References : 1213817 1213853 CVE-2023-3817 CVE-2023-38497
1213853,CVE-2023-3817
This update for openssl-1_1 fixes the following issues:
- CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853)
1213817,CVE-2023-38497
This update for rust1.71 fixes the following issues:
Update to version 1.71.1:
- CVE-2023-38497: Fixed privilege escalation with Cargo not respecting umask when extracting dependencies (bsc#1213817).
The following package changes have been done:
- libopenssl1_1-1.1.1l-150500.17.15.1 updated
- libopenssl1_1-hmac-1.1.1l-150500.17.15.1 updated
- rust1.71-1.71.1-150400.9.6.1 updated
- cargo1.71-1.71.1-150400.9.6.1 updated
- container:sles15-image-15.0.0-36.5.22 updated
![Dist Suse](/images/distros/dist-suse.gif)