SUSE Container Update Advisory: bci/bci-sle15-kernel-module-devel
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:400-1
Container Tags        : bci/bci-sle15-kernel-module-devel:15.5 , bci/bci-sle15-kernel-module-devel:15.5.5.10 , bci/bci-sle15-kernel-module-devel:latest
Container Release     : 5.10
Severity              : moderate
Type                  : security
References            : 1218571 CVE-2023-7207
-----------------------------------------------------------------

The container bci/bci-sle15-kernel-module-devel was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:238-1
Released:    Fri Jan 26 10:56:41 2024
Summary:     Security update for cpio
Type:        security
Severity:    moderate
References:  1218571,CVE-2023-7207

This update for cpio fixes the following issues:

- CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571).

The following package changes have been done:

- libuuid1-2.37.4-150500.9.3.1 updated
- libsmartcols1-2.37.4-150500.9.3.1 updated
- libblkid1-2.37.4-150500.9.3.1 updated
- libfdisk1-2.37.4-150500.9.3.1 updated
- cpio-2.13-150400.3.3.1 updated
- libmount1-2.37.4-150500.9.3.1 updated
- util-linux-2.37.4-150500.9.3.1 updated
- container:sles15-image-15.0.0-36.5.76 updated

This release resolves a vulnerability related to directory traversal in cpio that could permit unauthorized file writing. Please examine the attached modifications.

LinuxSecurity.com Team

SUSE Container Update Advisory: bci/bci-init
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2733-1
Container Tags        : bci/bci-init:15.4 , bci/bci-init:15.4.29.36
Container Release     : 29.36
Severity              : important
Type                  : security
References            : 1214054 CVE-2023-36054
-----------------------------------------------------------------

The container bci/bci-init was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3363-1
Released:    Fri Aug 18 14:54:16 2023
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1214054,CVE-2023-36054

This update for krb5 fixes the following issues:

- CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054)

The following package changes have been done:

- krb5-1.19.2-150400.3.6.1 updated
- container:sles15-image-15.0.0-27.14.88 updated

Crucial security patch for bci/bci-init targeting DoS vulnerabilities associated with CVE-2023-36054 and fortifying container robustness.

SUSE Container Update Advisory: bci/bci-minimal
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2213-1
Container Tags        : bci/bci-minimal:15.4 , bci/bci-minimal:15.4.21.8
Container Release     : 21.8
Severity              : moderate
Type                  : security
References            : 1211418 1211419 CVE-2023-2602 CVE-2023-2603
-----------------------------------------------------------------

The container bci/bci-minimal was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2765-1
Released:    Mon Jul 3 20:28:14 2023
Summary:     Security update for libcap
Type:        security
Severity:    moderate
References:  1211418,1211419,CVE-2023-2602,CVE-2023-2603

This update for libcap fixes the following issues:

- CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418).
- CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419).

The following package changes have been done:

- libcap2-2.63-150400.3.3.1 updated
- container:micro-image-15.4.0-21.3 updated

Explore the latest SUSE Container release for bci/bci-minimal, which includes essential security patches for libcap that resolve memory vulnerabilities.

SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:169-1
Container Tags        : bci/python:3 , bci/python:3-11.4 , bci/python:3.10 , bci/python:3.10-11.4 , bci/python:latest
Container Release     : 11.4
Severity              : moderate
Type                  : security
References            : 1206667 CVE-2022-40897
-----------------------------------------------------------------

The container bci/python was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:91-1
Released:    Mon Jan 16 11:14:14 2023
Summary:     Security update for python310-setuptools
Type:        security
Severity:    moderate
References:  1206667,CVE-2022-40897

This update for python310-setuptools fixes the following issues:

- CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667).

The following package changes have been done:

- python310-setuptools-57.4.0-150400.4.3.1 updated

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2434-1
Container Tags        : bci/golang:1.16 , bci/golang:1.16-30.46
Container Release     : 30.46
Severity              : important
Type                  : security
References            : 1203438 CVE-2022-40674
-----------------------------------------------------------------

The container bci/golang was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3489-1
Released:    Sat Oct 1 13:35:24 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1203438,CVE-2022-40674

This update for expat fixes the following issues:

- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).

The following package changes have been done:

- libexpat1-2.4.4-150400.3.9.1 updated
- aaa_base-84.87+git20180409.04c9dae-3.57.1 removed
- bash-4.4-150400.25.22 removed
- bash-sh-4.4-150400.25.22 removed
- coreutils-8.32-150400.7.5 removed
- cpio-2.13-150400.1.98 removed
- cracklib-2.9.7-11.6.1 removed
- cracklib-dict-small-2.9.7-11.6.1 removed
- diffutils-3.6-4.3.1 removed
- file-magic-5.32-7.14.1 removed
- filesystem-15.0-11.8.1 removed
- fillup-1.42-2.18 removed
- findutils-4.8.0-1.20 removed
- glibc-2.31-150300.41.1 removed
- grep-3.1-150000.4.6.1 removed
- info-6.5-4.17 removed
- krb5-1.19.2-150400.1.9 removed
- libacl1-2.2.52-4.3.1 removed
- libattr1-2.4.47-2.19 removed
- libaudit1-3.0.6-150400.2.13 removed
- libblkid1-2.37.2-150400.8.3.1 removed
- libbrotlicommon1-1.0.7-3.3.1 removed
- libbrotlidec1-1.0.7-3.3.1 removed
- libbz2-1-1.0.8-150400.1.122 removed
- libcap-ng0-0.7.9-4.37 removed
- libcap2-2.63-150400.1.7 removed
- libcom_err2-1.46.4-150400.3.3.1 removed
- libcrack2-2.9.7-11.6.1 removed
- libcrypt1-4.4.15-150300.4.4.3 removed
- libcurl4-7.79.1-150400.5.6.1 removed
- libdw1-0.185-150400.5.3.1 removed
- libeconf0-0.4.4+git20220104.962774f-150400.1.38 removed
- libelf1-0.185-150400.5.3.1 removed
- libfdisk1-2.37.2-150400.8.3.1 removed
- libgcc_s1-11.3.0+git1637-150000.1.11.2 removed
- libgcrypt20-1.9.4-150400.4.6 removed
- libgcrypt20-hmac-1.9.4-150400.4.6 removed
- libgmp10-6.1.2-4.9.1 removed
- libgpg-error0-1.42-150400.1.101 removed
- libidn2-0-2.2.0-3.6.1 removed
- libkeyutils1-1.6.3-5.6.1 removed
- libldap-2_4-2-2.4.46-150200.14.11.2 removed
- libldap-data-2.4.46-150200.14.11.2 removed
- liblua5_3-5-5.3.6-3.6.1 removed
- liblz4-1-1.9.3-150400.1.7 removed
- liblzma5-5.2.3-150000.4.7.1 removed
- libmagic1-5.32-7.14.1 removed
- libmount1-2.37.2-150400.8.3.1 removed
- libncurses6-6.1-150000.5.12.1 removed
- libnghttp2-14-1.40.0-6.1 removed
- libnsl2-1.2.0-2.44 removed
- libopenssl1_1-1.1.1l-150400.7.7.1 removed
- libopenssl1_1-hmac-1.1.1l-150400.7.7.1 removed
- libpcre1-8.45-150000.20.13.1 removed
- libpopt0-1.16-3.22 removed
- libpsl5-0.20.1-150000.3.3.1 removed
- libreadline7-7.0-150400.25.22 removed
- libsasl2-3-2.1.27-150300.4.6.1 removed
- libselinux1-3.1-150400.1.69 removed
- libsemanage1-3.1-150400.1.65 removed
- libsepol1-3.1-150400.1.70 removed
- libsmartcols1-2.37.2-150400.8.3.1 removed
- libssh-config-0.9.6-150400.1.5 removed
- libssh4-0.9.6-150400.1.5 removed
- libstdc++6-11.3.0+git1637-150000.1.11.2 removed
- libsystemd0-249.12-150400.8.10.1 removed
- libtirpc-netconfig-1.2.6-150300.3.14.1 removed
- libtirpc3-1.2.6-150300.3.14.1 removed
- libudev1-249.12-150400.8.10.1 removed
- libunistring2-0.9.10-1.1 removed
- libutempter0-1.1.6-3.42 removed
- libuuid1-2.37.2-150400.8.3.1 removed
- libverto1-0.2.6-3.20 removed
- libxml2-2-2.9.14-150400.5.7.1 removed
- libz1-1.2.11-150000.3.33.1 removed
- libzio1-1.06-2.20 removed
- libzstd1-1.5.0-150400.1.71 removed
- login_defs-4.8.1-150400.8.57 removed
- ncurses-utils-6.1-150000.5.12.1 removed
- pam-1.3.0-150000.6.58.3 removed
- patterns-base-fips-20200124-150400.18.4 removed
- perl-base-5.26.1-150300.17.11.1 removed
- permissions-20201225-150400.5.11.1 removed
- rpm-config-SUSE-1-150400.14.3.1 removed
- rpm-ndb-4.14.3-150300.49.1 removed
- sed-4.4-11.6 removed
- shadow-4.8.1-150400.8.57 removed
- sles-release-15.4-150400.55.1 removed
- system-group-hardware-20170617-150400.22.33 removed
- system-user-root-20190513-3.3.1 removed
- sysuser-shadow-3.1-150400.1.35 removed
- terminfo-base-6.1-150000.5.12.1 removed
- timezone-2022a-150000.75.10.1 removed
- util-linux-2.37.2-150400.8.3.1 removed

SUSE Container Update Advisory: bci/dotnet-runtime
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1130-1
Container Tags        : bci/dotnet-runtime:6.0 , bci/dotnet-runtime:6.0-17.11 , bci/dotnet-runtime:6.0.5 , bci/dotnet-runtime:6.0.5-17.11 , bci/dotnet-runtime:latest
Container Release     : 17.11
Severity              : important
Type                  : security
References            : 1196490 1199132 CVE-2022-23308 CVE-2022-29824
-----------------------------------------------------------------

The container bci/dotnet-runtime was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1750-1
Released:    Thu May 19 15:28:20 2022
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1196490,1199132,CVE-2022-23308,CVE-2022-29824

This update for libxml2 fixes the following issues:

- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490).
- CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

The following package changes have been done:

- libxml2-2-2.9.7-150000.3.46.1 updated
- container:sles15-image-15.0.0-17.17.1 updated

SUSE releases critical security enhancements for the bci/dotnet-runtime container. Ensure your systems are secured and up to date.

SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1076-1
Container Tags        : bci/golang:1.17 , bci/golang:1.17-17.19
Container Release     : 17.19
Severity              : important
Type                  : security
References            : 1197443 1197743 1198446 1199240 CVE-2022-1304 CVE-2022-29155
-----------------------------------------------------------------

The container bci/golang was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1670-1
Released:    Mon May 16 10:06:30 2022
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1199240,CVE-2022-29155

This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1688-1
Released:    Mon May 16 14:02:49 2022
Summary:     Security update for e2fsprogs
Type:        security
Severity:    important
References:  1198446,CVE-2022-1304

This update for e2fsprogs fixes the following issues:

- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault and possibly arbitrary code execution. (bsc#1198446)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1691-1
Released:    Mon May 16 15:13:39 2022
Summary:     Recommended update for augeas
Type:        recommended
Severity:    moderate
References:  1197443

This update for augeas fixes the following issue:

- Sysctl keys can contain some more non-alphanumeric characters. (bsc#1197443)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1709-1
Released:    Tue May 17 17:35:47 2022
Summary:     Recommended update for libcbor
Type:        recommended
Severity:    important
References:  1197743

This update for libcbor fixes the following issues:

- Fix build errors occurring on SUSE Linux Enterprise 15 Service Pack 4

The following package changes have been done:

- libaugeas0-1.10.1-150000.3.12.1 updated
- libcbor0-0.5.0-150100.4.6.1 updated
- libcom_err2-1.43.8-150000.4.33.1 updated
- libldap-2_4-2-2.4.46-150200.14.8.1 updated
- libldap-data-2.4.46-150200.14.8.1 updated
- container:sles15-image-15.0.0-17.14.16 updated

SUSE has released a crucial patch for the bci/golang container, tackling significant security flaws and vulnerabilities.

SUSE Container Update Advisory: bci/openjdk-devel
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1048-1
Container Tags        : bci/openjdk-devel:11 , bci/openjdk-devel:11-17.40 , bci/openjdk-devel:latest
Container Release     : 17.40
Severity              : important
Type                  : security
References            : 1199240 CVE-2022-29155
-----------------------------------------------------------------

The container bci/openjdk-devel was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1670-1
Released:    Mon May 16 10:06:30 2022
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1199240,CVE-2022-29155

This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

The following package changes have been done:

- libldap-2_4-2-2.4.46-150200.14.8.1 updated
- libldap-data-2.4.46-150200.14.8.1 updated
- container:openjdk-11-image-15.3.0-17.21 updated

SUSE Container Update Notification for bci/openjdk-devel tackles critical vulnerabilities such as potential SQL injection threats.