## This update for cloud-init fixes the following issues: Update to version 25.1.3 (bsc#1245401,bsc#1245403): * docs: provide example3 for PAM and ssh_pwauth behavior (#27) * fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584) * fix: Don't attempt to identify non-x86 OpenStack instances (LP: #2069607) (CVE-2024-6174) From 25.1.2: * fix: ensure MAAS datasource retries on failure (#6167) Update to version 25.1.1 (bsc#1239715,jsc#PED-8680,bsc#1228414): * Drop hidesensitivedata in 16 & greater * test: pytestify cc_chef tests, add migration test * chef: migrate files in old config directories for backups and cache * fix: correct the path for Chef's backups (#5994) * fix(Azure): don't reraise FileNotFoundError during ephemeral setup (#6113)
* bsc#1035106
* bsc#1047363
* bsc#1116767
* bsc#1121878
* bsc#1170154
* bsc#1174443
* bsc#1174444
* bsc#1181283
* bsc#1186004
* bsc#1192343
* bsc#1210277
* bsc#1214169
* bsc#1228414
* bsc#1233649
* bsc#1236720
* bsc#1237764
* bsc#1239715
* bsc#1245401
* bsc#1245403
* bsc#918952
* bsc#919305
* bsc#998103
* jsc#PED-8680
* jsc#PM-2335
* jsc#PM-3175
* jsc#PM-3181
Cross-
* CVE-2023-1786
* CVE-2024-11584
* CVE-2024-6174
CVSS scores:
* CVE-2023-1786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-1786 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-11584 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-11584 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Get the latest Linux and open source security news straight to your inbox.