# Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont

Announcement ID: SUSE-SU-2023:4652-1
Rating: important
References:

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that can now be installed.

## Description:

This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues:

Update to version 1.58.0

* Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.0

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  `zypper in -t patch SUSE-2023-4652=1 openSUSE-SLE-15.5-2023-4652=1`
* SUSE Linux Enterprise Micro 5.5
  `zypper in -t patch SUSE-SLE-Micro-5.5-2023-4652=1`
* Containers Module 15-SP5
  `zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2023-4652=1`

## Package List:

* openSUSE Leap 15.5 (x86_64)
  * containerized-data-importer-controller-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-manifests-1.58.0-150500.6.6.1
  * containerized-data-importer-uploadproxy-1.58.0-150500.6.6.1
  * containerized-data-importer-operator-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-uploadserver-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-operator-1.58.0-150500.6.6.1
  * containerized-data-importer-cloner-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-controller-1.58.0-150500.6.6.1
  * containerized-data-importer-uploadproxy-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-api-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-importer-debuginfo-1.58.0-150500.6.6.1
  * containerized-data-importer-api-1.58.0-150500.6.6.1
  * containerized-data-importer-cloner-1.58.0-150500.6.6.1
  * obs-service-cdi_containers_meta-1.58.0-150500.6.6.1
  * containerized-data-importer-uploadserver-1.58.0-150500.6.6.1
  * containerized-data-importer-importer-1.58.0-150500.6.6.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * containerized-data-importer-manifests-1.58.0-150500.6.6.1
* Containers Module 15-SP5 (x86_64)
  * containerized-data-importer-manifests-1.58.0-150500.6.6.1

Crucial security update for cdi-apiserver-image and associated platforms in openSUSE and SUSE Linux Enterprise.

Container Security, Important Patches, openSUSE Updates.

Severity: Important. LinuxSecurity.com Team

SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2398-1
Container Tags        : suse/postgres:14 , suse/postgres:14-12.13 , suse/postgres:14.8 , suse/postgres:14.8-12.13
Container Release     : 12.13
Severity              : important
Type                  : security
References            : 1208721 1209229 1210999 1211828 1212126 1212613 1213237
                        CVE-2023-31484 CVE-2023-32001 CVE-2023-34969
-----------------------------------------------------------------

The container suse/postgres was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2877-1
Released:    Wed Jul 19 09:43:42 2023
Summary:     Security update for dbus-1
Type:        security
Severity:    moderate
References:  1212126,CVE-2023-34969

This update for dbus-1 fixes the following issues:

- CVE-2023-34969: Fixed a possible dbus-daemon crash by an unprivileged user (bsc#1212126).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2882-1
Released:    Wed Jul 19 11:49:39 2023
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1210999,CVE-2023-31484

This update for perl fixes the following issues:

- CVE-2023-31484: Enable TLS cert verification in CPAN (bsc#1210999).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2885-1
Released:    Wed Jul 19 16:58:43 2023
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1208721,1209229,1211828

This update for glibc fixes the following issues:

- getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235)
- Exclude static archives from preparation for live patching (bsc#1208721)
- resolv_conf: release lock on allocation failure (bsc#1211828, BZ #30527)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2891-1
Released:    Wed Jul 19 21:14:33 2023
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1213237,CVE-2023-32001

This update for curl fixes the following issues:

- CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2901-1
Released:    Thu Jul 20 09:49:16 2023
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    important
References:  1212613

This update for lvm2 fixes the following issues:

- multipath_component_detection = 0 in lvm.conf does not have any effect (bsc#1212613)

The following package changes have been done:

- glibc-2.31-150300.52.2 updated
- perl-base-5.26.1-150300.17.14.1 updated
- libcurl4-8.0.1-150400.5.26.1 updated
- glibc-locale-base-2.31-150300.52.2 updated
- libdbus-1-3-1.12.2-150400.18.8.1 updated
- libdevmapper1_03-2.03.16_1.02.185-150500.7.3.1 updated
- glibc-locale-2.31-150300.52.2 updated
- dbus-1-1.12.2-150400.18.8.1 updated
- container:sles15-image-15.0.0-36.5.18 updated

Keep abreast of the newest developments from SUSE regarding the suse/postgres image, encompassing vital security fixes.

SUSE Update, Postgres Security, Container Advisory.

Severity: Important. LinuxSecurity.com Team

SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2372-1
Container Tags        : bci/node:14 , bci/node:14-33.40 , bci/nodejs:14 , bci/nodejs:14-33.40
Container Release     : 33.40
Severity              : important
Type                  : security
References            : 1047178 1199140 1201680 1203018
                        CVE-2017-6512 CVE-2021-46828 CVE-2022-31252
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3262-1
Released:    Tue Sep 13 15:34:29 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1199140

This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3271-1
Released:    Wed Sep 14 06:45:39 2022
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  1047178,CVE-2017-6512

This update for perl fixes the following issues:

- CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3305-1
Released:    Mon Sep 19 11:45:57 2022
Summary:     Security update for libtirpc
Type:        security
Severity:    important
References:  1201680,CVE-2021-46828

This update for libtirpc fixes the following issues:

- CVE-2021-46828: Fixed denial of service vulnerability with lots of connections (bsc#1201680).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3353-1
Released:    Fri Sep 23 15:23:40 2022
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1203018,CVE-2022-31252

This update for permissions fixes the following issues:

- CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).

The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.14.1 updated
- perl-base-5.26.1-150300.17.11.1 updated
- libgcc_s1-11.3.0+git1637-150000.1.11.2 updated
- libstdc++6-11.3.0+git1637-150000.1.11.2 updated
- libtirpc3-1.2.6-150300.3.14.1 updated
- permissions-20201225-150400.5.11.1 updated
- container:sles15-image-15.0.0-27.11.27 updated

SUSE enhances bci/nodejs by implementing crucial patches to address various security vulnerabilities, improving overall container safety.

bci/nodejs update, security patches, container advisory, nodejs security.

Severity: Important. LinuxSecurity.com Team

SUSE Security Update: Security update for tiff
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1667-1
Rating:             important
References:         #1195964 #1195965 #1197066 #1197068 #1197072 #1197073
                    #1197074 #1197631
Cross-References:   CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891
                    CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-1056
CVSS scores:
                    CVE-2022-0561 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0561 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0562 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0562 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0865 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0865 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0891 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
                    CVE-2022-0891 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-0908 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0908 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0909 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0909 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0924 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-0924 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-1056 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-1056 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that fixes 8 vulnerabilities is now available.

Description:

This update for tiff fixes the following issues:

- CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964).
- CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965).
- CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc (bsc#1197066).
- CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197072).
- CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have led to a denial-of-service via a crafted tiff file (bsc#1197073).
- CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy in TIFFFetchNormalTag() (bsc#1197074).
- CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could have led to a denial-of-service via a crafted tiff file (bsc#1197631).
- CVE-2022-0891: Fixed heap buffer overflow in extractImageSection (bsc#1197068).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1667=1

- SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1667=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      libtiff-devel-4.0.9-44.48.1
      tiff-debuginfo-4.0.9-44.48.1
      tiff-debugsource-4.0.9-44.48.1

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      libtiff5-4.0.9-44.48.1
      libtiff5-debuginfo-4.0.9-44.48.1
      tiff-4.0.9-44.48.1
      tiff-debuginfo-4.0.9-44.48.1
      tiff-debugsource-4.0.9-44.48.1

- SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):

      libtiff5-32bit-4.0.9-44.48.1
      libtiff5-debuginfo-32bit-4.0.9-44.48.1

References:

   https://www.suse.com/security/cve/CVE-2022-0561.html
   https://www.suse.com/security/cve/CVE-2022-0562.html
   https://www.suse.com/security/cve/CVE-2022-0865.html
   https://www.suse.com/security/cve/CVE-2022-0891.html
   https://www.suse.com/security/cve/CVE-2022-0908.html
   https://www.suse.com/security/cve/CVE-2022-0909.html
   https://www.suse.com/security/cve/CVE-2022-0924.html
   https://www.suse.com/security/cve/CVE-2022-1056.html
   https://bugzilla.suse.com/1195964
   https://bugzilla.suse.com/1195965
   https://bugzilla.suse.com/1197066
   https://bugzilla.suse.com/1197068
   https://bugzilla.suse.com/1197072
   https://bugzilla.suse.com/1197073
   https://bugzilla.suse.com/1197074
   https://bugzilla.suse.com/1197631

SUSE Security Update for curl addresses 5 vulnerabilities, enhancing overall system stability. Crucial for network engineers.

SUSE Linux Update, tiff Security Fix, DoS Mitigation, Important Patches.

Severity: Important. LinuxSecurity.com Team