

# Security update for google-oauth-java-client

Announcement ID: SUSE-SU-2024:0806-1  
Rating: important  
References:

  * bsc#1199188

  
Cross-References:

  * CVE-2021-22573

  
CVSS scores:

  * CVE-2021-22573 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * openSUSE Leap 15.5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for google-oauth-java-client fixes the following issues:

  * CVE-2021-22573: Fixed token signature not verified (bsc#1199188).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch openSUSE-SLE-15.5-2024-806=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * google-oauth-java-client-servlet-1.22.0-150200.3.7.1
    * google-oauth-java-client-parent-1.22.0-150200.3.7.1
    * google-oauth-java-client-1.22.0-150200.3.7.1
    * google-oauth-java-client-java6-1.22.0-150200.3.7.1
    * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-22573.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1199188

SUSE: 2024:0806-1 important: google-oauth-java-client

March 7, 2024

* bsc#1199188 Cross-References: * CVE-2021-22573

Summary

## This update for google-oauth-java-client fixes the following issues: * CVE-2021-22573: Fixed token signature not verified (bsc#1199188). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-806=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-oauth-java-client-servlet-1.22.0-150200.3.7.1 * google-oauth-java-client-parent-1.22.0-150200.3.7.1 * google-oauth-java-client-1.22.0-150200.3.7.1 * google-oauth-java-client-java6-1.22.0-150200.3.7.1 * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1

References

* bsc#1199188

Cross-

* CVE-2021-22573

CVSS scores:

* CVE-2021-22573 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.5

An update that solves one vulnerability can now be installed.

##

* https://www.suse.com/security/cve/CVE-2021-22573.html

* https://bugzilla.suse.com/show_bug.cgi?id=1199188

Severity

Announcement ID: SUSE-SU-2024:0806-1

Rating: important

Related News

34.Key AbstractDigital Esm H170

Mallox Ransomware: A Rising Threat to Linux Servers

2 - 4 min read

Jul 04, 2024

Security threats continue developing rapidly, with attackers finding new vulnerabilities daily. Recent findings from researchers at Uptycs indicate

32.Lock Code Circular Esm H170

Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems

2 - 4 min read

Jul 03, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

1.Penguin Landscape Esm H170

Embracing Digital Independence: The Case for Switching to Linux from Windows

2 - 3 min read

Jul 03, 2024

On Independence Day, there is a deep recognition of digital autonomy amidst the colorful fireworks displays and patriotic revelry. At LinuxSecurity,

20.Lock AbstractDigital Circular Esm H170

CISA Adds New Chromium Zero-Day Bug to its Known Exploited Vulnerability Catalog

2 - 3 min read

Jul 03, 2024

Google has released fixes for a high-severity Chromium security flaw ( CVE-2024-5274 ) impacting its widely used Chrome browser and other

11.Locks IsometricPattern Esm H170

Exploring Linux Mint 22 'Wilma': Key Updates and Security Improvements for Admins

2 - 4 min read

Jul 02, 2024

Linux Mint is a user-friendly GNU/Linux desktop distribution built upon Ubuntu and Debian for maximum reliability while offering an aesthetically

32.Lock Code Circular Esm H170

Recent OpenSSH RCE Bug Explained: Impact & Mitigations

2 - 4 min read

Jul 01, 2024

In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’

27.Tablet Connections Blocks Lock Esm H170

Debian 12.6 Released: Understanding the Security & Stability Enhancements

2 - 4 min read

Jul 01, 2024

Debian recently unveiled a significant update to its stable distribution, Debian 12.6 (codename "bookworm"). While not an entirely new release, this

8.Locks HexConnections CodeGlobe Esm H170

Canonical's Game-Changing Move: 12-Year LTS for Distroless Docker Images

2 - 4 min read

Jun 28, 2024

Canonical has made headlines with its groundbreaking long-term support (LTS) service offering to extend far beyond Ubuntu deb packages, promising 12

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

News

Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Advisories

Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
HOWTOs

Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Features

Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
About Us

Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Powered By

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

© 2024 Guardian Digital, Inc All Rights Reserved