Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 4 articles for you...
100
security advisorysecurity fiximportantSUSE: 2023:4101-1 Important: Conmon Security Flaw and Fix
* bsc#1215806 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 . # Security update for conmon Announcement ID: SUSE-SU-2023:4101-1 Rating: important References: * bsc#1215806 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one security fix can now be installed. ## Description: This update for conmon fixes the following issues: conmon is rebuilt with the current stable release go1.21 (bsc#1215806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2023-4101=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-4101=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4101=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4101=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4101=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4101=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4101=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -tpatch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4101=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * conmon-2.1.5-150300.8.14.1 * conmon-debuginfo-2.1.5-150300.8.14.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215806 . Red Hat releases a critical patch for podman, addressing serious vulnerabilities affecting multiple applications. Keep informed!. SUSE, conmon update, enterprise storage, Linux performance, security fix. . Severity: Important. LinuxSecurity.com Team
Oct 17, 2023
•Important
SuSE
100
security advisorysystem integritySUSESUSE: 2023:4042-1 Important: Conmon Update for Containers Module
* #1215806 Affected Products: * Containers Module 15-SP4 * openSUSE Leap 15.4 . # Security update for conmon Announcement ID: SUSE-SU-2023:4042-1 Rating: important References: * #1215806 Affected Products: * Containers Module 15-SP4 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one security fix can now be installed. ## Description: This update for conmon fixes the following issues: conmon was rebuilt using go1.21 (bsc#1215806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4042=1 SUSE-2023-4042=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4042=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-4042=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4042=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-4042=1 * Containers Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2023-4042=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 * SUSE LinuxEnterprise Micro 5.3 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 * Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.14.1 * conmon-2.1.7-150400.3.14.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215806 . Significant safety enhancement for conmon in openSUSE platforms, tackling vulnerabilities and bolstering overall system resilience.. SUSE Security Update, conmon Patch, openSUSE 15.4 Fix, Linux Containers Security, System Vulnerability Management. . Severity: Important. LinuxSecurity.com Team
Oct 10, 2023
•Important
SuSE
100
security advisoryupdateimportantSUSE: 2023:4021-1 Important Conmon Update - Critical Security Fix
* #1215806 Affected Products: * SUSE CaaS Platform 4.0 * SUSE Linux Enterprise High Performance Computing 15 SP1 . # Security update for conmon Announcement ID: SUSE-SU-2023:4021-1 Rating: important References: * #1215806 Affected Products: * SUSE CaaS Platform 4.0 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that has one security fix can now be installed. ## Description: This update for conmon fixes the following issues: conmon is rebuilt with go1.21. (bsc#1215806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4021=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4021=1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4021=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4021=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4021=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4021=1 *SUSE CaaS Platform 4.0 To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 * SUSE CaaS Platform 4.0 (x86_64) * conmon-debuginfo-2.1.3-150100.3.12.1 * conmon-2.1.3-150100.3.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215806 . This report highlights essential security improvements for conmon that affect SUSE products including CaaS Platform and HPC.. SUSE Linux, Conmon Security, HPC Update, CaaS Platform Security. . Severity: Important. LinuxSecurity.com Team
Oct 10, 2023
•Important
SuSE
202
security advisorybug fiximportantopenSUSE 15.5: SUSE-SU-2023:4022-1 Important Conmon Security Update
This update for conmon fixes the following issues: conmon is rebuild with go1.21 to capture current stability, bug and security fixes. (bsc#1215806). # Security update for conmon Announcement ID: SUSE-SU-2023:4022-1 Rating: important References: * #1215806 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for conmon fixes the following issues: conmon is rebuild with go1.21 to capture current stability, bug and security fixes. (bsc#1215806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-4022=1 openSUSE-SLE-15.5-2023-4022=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2023-4022=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2023-4022=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215806 . Address critical vulnerabilities with this security notice for openSUSE and associated systems.. conmon Security Update, openSUSE Advisory, bug fixes Conmon, security patch. . Severity: Important. LinuxSecurity.com Team
Oct 10, 2023
•Important
OpenSUSE
100
security advisorysoftware patchsecurity fixopenSUSE Leap 15.5 SUSE-SU-2023:4022-1 Important Conmon Security Fix
* #1215806 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 . # Security update for conmon Announcement ID: SUSE-SU-2023:4022-1 Rating: important References: * #1215806 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for conmon fixes the following issues: conmon is rebuild with go1.21 to capture current stability, bug and security fixes. (bsc#1215806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-4022=1 openSUSE-SLE-15.5-2023-4022=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2023-4022=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2023-4022=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * conmon-2.1.7-150500.9.6.1 * conmon-debuginfo-2.1.7-150500.9.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215806 . Announcement regarding conmon, designated as high priority, now accessible for openSUSE and SUSE Linux Enterprise along with critical updates.. openSUSE Leap, Conmon Security, Important Updates, Patch Instructions. . Severity: Important. LinuxSecurity.com Team
Oct 10, 2023
•Important
SuSE
202
security advisorysoftware updatepatchopenSUSE 15.5: SUSE-SU-2023:2988-1 Important: Conmon Security Fix
This update for conmon fixes the following issues: conmon was updated to version 2.1.7:. # Security update for conmon Announcement ID: SUSE-SU-2023:2988-1 Rating: important References: * #1208737 * #1209307 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for conmon fixes the following issues: conmon was updated to version 2.1.7: * Bumped go version to 1.19 (bsc#1209307). Bugfixes: * Fixed leaking symbolic links in the opt_socket_path directory * Fixed oom handling issues (bsc#1208737). * Fixed OOM watcher for cgroupv2 `oom_kill` events ## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-2988=1 openSUSE-SLE-15.5-2023-2988=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2023-2988=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * conmon-debuginfo-2.1.7-150500.9.3.1 * conmon-2.1.7-150500.9.3.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * conmon-debuginfo-2.1.7-150500.9.3.1 * conmon-2.1.7-150500.9.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1208737 * https://bugzilla.suse.com/show_bug.cgi?id=1209307 . The latest conmon release tackles critical problems by enhancing memory management and resolving issues related to symbolic link leakage.. Conmon Update,SUSE Updates,Bug Fixes,Security Advisory. . Severity: Important. LinuxSecurity.com Team
Jul 26, 2023
•Important
OpenSUSE
202
security advisorysecurity updateimportant fixopenSUSE 15.4 Important: conmon Security Update 2023:2989-1
This update for conmon fixes the following issues: conmon was updated to version 2.1.7:. # Security update for conmon Announcement ID: SUSE-SU-2023:2989-1 Rating: important References: * #1208737 * #1209307 Affected Products: * Containers Module 15-SP4 * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for conmon fixes the following issues: conmon was updated to version 2.1.7: * Bumped go version to 1.19 (bsc#1209307). Bugfixes: * Fixed leaking symbolic links in the opt_socket_path directory. * Fixed cgroup oom issues (bsc#1208737). * Fixed OOM watcher for cgroupv2 `oom_kill` events. ## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-2989=1 SUSE-2023-2989=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2989=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2023-2989=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2989=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2989=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2989=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2989=1 * Containers Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2023-2989=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 * Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64) * conmon-debuginfo-2.1.7-150400.3.11.1 * conmon-2.1.7-150400.3.11.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1208737 * https://bugzilla.suse.com/show_bug.cgi?id=1209307 . Crucial patch released for podman in Fedora addresses multiple stable editions and resolves significant vulnerabilities.. SUSE Conmon Update, OpenSUSE Security Advisories, Important Security Fixes. . Severity: Important. LinuxSecurity.com Team
Jul 26, 2023
•Important
OpenSUSE
98
security advisorysecurity updateRed Hat Enterprise LinuxRed Hat Enterprise Linux 9 RHSA-2023:2222-01 Moderate: Conmon Memory Impact
An update for conmon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: conmon security and bug fix update Advisory ID: RHSA-2023:2222-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2222 Issue date: 2023-05-09 CVE Names: CVE-2022-41717 ==================================================================== 1. Summary: An update for conmon is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: Conmon is an OCI container runtime monitor. Security Fix(es): * golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2129080 - conmon bug fixand enhancement update [rhel-9.2.0] 2154417 - podman gating test issues in RHEL9.0 (bump conmon-2.1.4) 2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests 2173697 - Fails to run containers with kernel-rt and cgroups v1 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: conmon-2.1.7-1.el9_2.src.rpm aarch64: conmon-2.1.7-1.el9_2.aarch64.rpm conmon-debuginfo-2.1.7-1.el9_2.aarch64.rpm conmon-debugsource-2.1.7-1.el9_2.aarch64.rpm ppc64le: conmon-2.1.7-1.el9_2.ppc64le.rpm conmon-debuginfo-2.1.7-1.el9_2.ppc64le.rpm conmon-debugsource-2.1.7-1.el9_2.ppc64le.rpm s390x: conmon-2.1.7-1.el9_2.s390x.rpm conmon-debuginfo-2.1.7-1.el9_2.s390x.rpm conmon-debugsource-2.1.7-1.el9_2.s390x.rpm x86_64: conmon-2.1.7-1.el9_2.x86_64.rpm conmon-debuginfo-2.1.7-1.el9_2.x86_64.rpm conmon-debugsource-2.1.7-1.el9_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-41717 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.2_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBZFo0WNzjgjWX9erEAQiM9hAAn7KBwcV6tJGVHKSa3Cong1LrQ3gM/DDD pmt/FxQ29FcRexK9gUaSc/QOzPdIX2kmD0f2Lhau+Cw/6fotNYjoeXTISocTeBxV pNdSQq0dXHAZA3CTqFzrgJ1hRy6cv27pBd4OkVTfsTNgPnlindo9K0Z92bIIfH+c jCx77ZinWVTL/KgoN1OieXjfrTPNO3gy8etkDNfnlcG75qgzW0n663M0nxXdpkdS rzEzrxD98CYNIr4b/GNADDGMmUqbtr73EODjsOs1TZ6VqEfZkvYoJpd0lNB/rlIk yP3FnNbQbt9ZvgM80yg3T0ll8WW1mue8Gbo03FSGTXlOLlHNhcgQDgyMyfWazF3h WLWQyMCn9/+nzxhYTDJBvsXzVZWCrhHrh5zw8Ac96kpgB2cSpHVnAAu4JBmGFPTP mHBvBHue5ycvm59LDSVZnvPXS2Kf7kH4r23AESRMYY0a4GlCsVC4dNvNvo0k0K+U aHFpz2UcO8PxEhgVAU0C+oTk7pwmV44flRtPPfa7XAIaxqFcyRxjomBT8McREirl B0H7SHDGV0pjJFcUe34QSM4N3EsCRraOBKsTC6WD10CVA3AN+gHv8yKhlN1Qlytf e1oXwIt3tC/ETF1ljBr4lOg4Zc7AIBtxzl/V/0WN+8EMe1JPn7SvYiZL78KUWQhB YkR3P+oC3/Y=tSPS -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 09, 2023
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!