SUSE: 2024:256-1 critical: python3/django web framework vulnerability patch
suse
January 19, 2024
The container bci/golang was updated
Summary
Advisory ID: SUSE-SU-2024:136-1 Released: Thu Jan 18 09:53:47 2024 Summary: Security update for pam Type: security Severity: moderate Advisory ID: SUSE-RU-2024:139-1 Released: Thu Jan 18 11:33:54 2024 Summary: Recommended update for go1.21 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2024:140-1 Released: Thu Jan 18 11:34:58 2024 Summary: Security update for libssh Type: security
Topics Covered
References
References : 1211188 1211190 1212475 1217000 1218126 1218186 1218209 1218475
CVE-2023-1667 CVE-2023-2283 CVE-2023-48795 CVE-2023-6004 CVE-2023-6918
CVE-2024-22365
1217000,1218475,CVE-2024-22365
This update for pam fixes the following issues:
- CVE-2024-22365: Fixed a local denial of service during PAM login
due to a missing check during path manipulation (bsc#1218475).
- Check localtime_r() return value to fix crashing (bsc#1217000)
1212475
This update for go1.21 fixes the following issues:
go1.21.6 (released 2024-01-09) includes fixes to the compiler,
the runtime, and the crypto/tls, maps, and runtime/pprof
packages. (bsc#1212475)
* x/build,os/signal: TestDetectNohup and TestNohup fail on replacement darwin LUCI builders
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2024:255-1
Container Tags : bci/golang:1.21 , bci/golang:1.21-1.7.4 , bci/golang:latest , bci/golang:stable , bci/golang:stable-1.7.4
Container Release : 7.4
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!