Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

SUSE: 2023:3393-1 Moderate: Curl And Shadow Security Update

suse
Calendar Grey October 13, 2023
Dist Suse Esm H88
SUSE Container Update Notification for suse/sle15 presents security patches for wget and useradd, resolving significant vulnerabilities.
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-SU-2023:4027-1 Released: Tue Oct 10 13:59:02 2023 Summary: Security update for shadow Type: security Severity: low Advisory ID: SUSE-SU-2023:4045-1 Released: Wed Oct 11 09:10:43 2023 Summary: Security update for curl Type: security Severity: moderate

References

References : 1214806 1215889 CVE-2023-38546 CVE-2023-4641

1214806,CVE-2023-4641

This update for shadow fixes the following issues:

- CVE-2023-4641: Fixed potential password leak (bsc#1214806).

1215889,CVE-2023-38546

This update for curl fixes the following issues:

- CVE-2023-38546: Fixed a cookie injection with none file (bsc#1215889).

The following package changes have been done:

- curl-7.66.0-150200.4.60.1 updated

- libcurl4-7.66.0-150200.4.60.1 updated

- login_defs-4.8.1-150300.4.12.1 updated

- shadow-4.8.1-150300.4.12.1 updated

Container Advisory ID : SUSE-CU-2023:3393-1
Container Tags : bci/bci-base:15.3 , bci/bci-base:15.3.17.20.194 , suse/sle15:15.3 , suse/sle15:15.3.17.20.194
Container Release : 17.20.194
Severity : moderate
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.