What Are You Looking For?

Sign Up
SUSE Container Update Advisory: suse/389-ds
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3377-1
Container Tags        : suse/389-ds:2.2 , suse/389-ds:2.2-16.10 , suse/389-ds:latest
Container Release     : 16.10
Severity              : important
Type                  : security
References            : 1214806 1215888 1215889 CVE-2023-38545 CVE-2023-38546 CVE-2023-4641
-----------------------------------------------------------------

The container suse/389-ds was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4024-1
Released:    Tue Oct 10 13:24:40 2023
Summary:     Security update for shadow
Type:        security
Severity:    low
References:  1214806,CVE-2023-4641
This update for shadow fixes the following issues:

- CVE-2023-4641: Fixed potential password leak (bsc#1214806).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4044-1
Released:    Wed Oct 11 09:01:14 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1215888,1215889,CVE-2023-38545,CVE-2023-38546
This update for curl fixes the following issues:

- CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. (bsc#1215888)
- CVE-2023-38546: Fixed a cookie injection with none file. (bsc#1215889)


The following package changes have been done:

- login_defs-4.8.1-150400.10.12.1 updated
- libcurl4-8.0.1-150400.5.32.1 updated
- shadow-4.8.1-150400.10.12.1 updated
- container:sles15-image-15.0.0-36.5.41 updated

SUSE: 2023:3377-1 suse/389-ds Security Update

October 13, 2023
The container suse/389-ds was updated

Summary

Advisory ID: SUSE-SU-2023:4024-1 Released: Tue Oct 10 13:24:40 2023 Summary: Security update for shadow Type: security Severity: low Advisory ID: SUSE-SU-2023:4044-1 Released: Wed Oct 11 09:01:14 2023 Summary: Security update for curl Type: security Severity: important

References

References : 1214806 1215888 1215889 CVE-2023-38545 CVE-2023-38546 CVE-2023-4641

1214806,CVE-2023-4641

This update for shadow fixes the following issues:

- CVE-2023-4641: Fixed potential password leak (bsc#1214806).

1215888,1215889,CVE-2023-38545,CVE-2023-38546

This update for curl fixes the following issues:

- CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. (bsc#1215888)

- CVE-2023-38546: Fixed a cookie injection with none file. (bsc#1215889)

The following package changes have been done:

- login_defs-4.8.1-150400.10.12.1 updated

- libcurl4-8.0.1-150400.5.32.1 updated

- shadow-4.8.1-150400.10.12.1 updated

- container:sles15-image-15.0.0-36.5.41 updated

Severity
Container Advisory ID : SUSE-CU-2023:3377-1
Container Tags : suse/389-ds:2.2 , suse/389-ds:2.2-16.10 , suse/389-ds:latest
Container Release : 16.10
Severity : important
Type : security

Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

Nov 5, 2023

Linux 6.6 Brings New Scheduler, File Sharing and Security

Nov 2, 2023

Ubuntu Linux 23.10 Is Adding an Important New Security Feature

Oct 11, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo