Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

SUSE 15.5: 2023:689-2 Critical Patch Release for libguestfs-tools

suse
Calendar Grey March 16, 2023
Scroller Suse
SUSE Software Security Bulletin addressing critical vulnerabilities and enhancements for libguestfs-tools within SUSE 15.5 container environments.
The container suse/sles/15.5/libguestfs-tools was updated

Summary

Advisory ID: SUSE-SU-2023:463-1 Released: Mon Feb 20 16:33:39 2023 Summary: Security update for tar Type: security Severity: moderate Advisory ID: SUSE-RU-2023:464-1 Released: Mon Feb 20 18:11:37 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-SU-2023:475-1 Released: Wed Feb 22 10:49:14 2023 Summary: Security update for gnutls

References

References : 1202436 1205244 1207183 1207753 1207789 1208143 1208146 1208443

1208574 CVE-2021-30560 CVE-2022-45061 CVE-2022-48303 CVE-2023-0361

1202436,1207753,CVE-2022-48303

This update for tar fixes the following issues:

- CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use of uninitialized memory for a conditional jump (bsc#1207753).

Bug fixes:

- Fix hang when unpacking test tarball (bsc#1202436).

This update for systemd fixes the following issues:

- Merge of v249.15

- Drop workaround related to systemd-timesyncd that addressed a Factory issue.

- Conditionalize the use of /lib/modprobe.d only on systems with split usr

support enabled (i.e. SLE).

- Make use of the %systemd_* rpm macros consistently. Using the upstream

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2023:688-1
Container Tags : suse/sles/15.5/libguestfs-tools:0.58.0 , suse/sles/15.5/libguestfs-tools:0.58.0-150500.4.15 , suse/sles/15.5/libguestfs-tools:0.58.0.17.187
Container Release : 17.187
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.