Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 546
Alerts This Week
Warning Icon 1 546

SUSE: 2023:4287-1 moderate: ncurses & gnutls security fix

suse
Calendar Grey December 24, 2023
Scroller Suse Esm H88
SUSE Container Update includes security fixes for ncurses and gnutls vulnerabilities in suse/sle15 environment.
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-SU-2023:4891-1 Released: Mon Dec 18 16:31:49 2023 Summary: Security update for ncurses Type: security Severity: moderate Advisory ID: SUSE-SU-2023:4952-1 Released: Thu Dec 21 15:08:30 2023 Summary: Security update for gnutls Type: security Severity: moderate

References

References : 1201384 1208143 1217277 1218014 CVE-2023-0361 CVE-2023-50495

CVE-2023-5981

1201384,1218014,CVE-2023-50495

This update for ncurses fixes the following issues:

- CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014)

- Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384)

1208143,1217277,CVE-2023-0361,CVE-2023-5981

This update for gnutls fixes the following issues:

- CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange (bsc#1208143).

- CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange (bsc#1217277).

The following package changes have been done:

- libgnutls30-3.6.7-150000.6.50.1 updated

- libncurses6-6.1-150000.5.20.1 updated

- ncurses-utils-6.1-150000.5.20.1 updated

Container Advisory ID : SUSE-CU-2023:4287-1
Container Tags : suse/sle15:15.1 , suse/sle15:15.1.6.2.857
Container Release : 6.2.857
Severity : moderate
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.