SUSE: 2023:888-1 suse/sle-micro/5.1/toolbox Security Update | Linux...

What Are You Looking For?

Popular Tags

Sign Up
SUSE Container Update Advisory: suse/sle-micro/5.1/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:888-1
Container Tags        : suse/sle-micro/5.1/toolbox:11.1 , suse/sle-micro/5.1/toolbox:11.1-2.2.365 , suse/sle-micro/5.1/toolbox:latest
Container Release     : 2.2.365
Severity              : moderate
Type                  : security
References            : 1203201 1206483 1209361 1209362 CVE-2023-28486 CVE-2023-28487
-----------------------------------------------------------------

The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1698-1
Released:    Thu Mar 30 12:16:57 2023
Summary:     Security update for sudo
Type:        security
Severity:    moderate
References:  1203201,1206483,1209361,1209362,CVE-2023-28486,CVE-2023-28487
This update for sudo fixes the following issue:

Security fixes:

- CVE-2023-28486: Fixed missing control characters escaping in log messages (bsc#1209362).
- CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output (bsc#1209361).

Other fixes:

- Fix a situation where 'sudo -U otheruser -l' would dereference a NULL pointer (bsc#1206483).
- Do not re-enable the reader when flushing the buffers as part of pty_finish() (bsc#1203201).


The following package changes have been done:

- sudo-1.9.5p2-150300.3.24.1 updated

SUSE: 2023:888-1 suse/sle-micro/5.1/toolbox Security Update

March 31, 2023
The container suse/sle-micro/5.1/toolbox was updated

Summary

Advisory ID: SUSE-SU-2023:1698-1 Released: Thu Mar 30 12:16:57 2023 Summary: Security update for sudo Type: security Severity: moderate

References

References : 1203201 1206483 1209361 1209362 CVE-2023-28486 CVE-2023-28487

1203201,1206483,1209361,1209362,CVE-2023-28486,CVE-2023-28487

This update for sudo fixes the following issue:

Security fixes:

- CVE-2023-28486: Fixed missing control characters escaping in log messages (bsc#1209362).

- CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output (bsc#1209361).

Other fixes:

- Fix a situation where 'sudo -U otheruser -l' would dereference a NULL pointer (bsc#1206483).

- Do not re-enable the reader when flushing the buffers as part of pty_finish() (bsc#1203201).

The following package changes have been done:

- sudo-1.9.5p2-150300.3.24.1 updated

Severity
Container Advisory ID : SUSE-CU-2023:888-1
Container Tags : suse/sle-micro/5.1/toolbox:11.1 , suse/sle-micro/5.1/toolbox:11.1-2.2.365 , suse/sle-micro/5.1/toolbox:latest
Container Release : 2.2.365
Severity : moderate
Type : security

Related News

Important runC Privilege Escalation Flaws Fixed

New Patches Aim To Tackle Linux x86_64 PIE Support

What eBPF Means for Container Threat Detection

Kubernetes Architecture and its Security

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy