Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE Security Advisory 2024:382-1 - Moderate cpio Path Traversal Issue

suse
Calendar Grey January 28, 2024
Dist Suse Esm H88
An important update has been rolled out for the suse/sle-micro/5.5/toolbox container image, addressing a critical vulnerability, CVE-2023-7208, that impacts the functionality of tar.
The container suse/sle-micro/5.5/toolbox was updated

Summary

Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate

Topics%20covered

Topics Covered

security advisory moderate patch cpio suse container update

References

References : 1218571 CVE-2023-7207

1218571,CVE-2023-7207

This update for cpio fixes the following issues:

- CVE-2023-7207: Fixed a path traversal issue that could lead to an

arbitrary file write during archive extraction (bsc#1218571).

The following package changes have been done:

- cpio-2.13-150400.3.3.1 updated

- libblkid1-2.37.4-150500.9.3.1 updated

- libfdisk1-2.37.4-150500.9.3.1 updated

- libmount1-2.37.4-150500.9.3.1 updated

- libsmartcols1-2.37.4-150500.9.3.1 updated

- libuuid1-2.37.4-150500.9.3.1 updated

- util-linux-systemd-2.37.4-150500.9.3.1 updated

- util-linux-2.37.4-150500.9.3.1 updated

- container:sles15-image-15.0.0-36.5.77 updated

Container Advisory ID : SUSE-CU-2024:382-1
Container Tags : suse/sle-micro/5.5/toolbox:12.1 , suse/sle-micro/5.5/toolbox:12.1-2.2.145 , suse/sle-micro/5.5/toolbox:latest
Container Release : 2.2.145
Severity : moderate
Type : security

Topics%20covered

Topics Covered

security advisory moderate patch cpio suse container update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here