An update that solves one vulnerability can now be installed.

# Security update for azure-cli

* Announcement ID: SUSE-SU-2025:0751-1
* Release Date: 2025-02-28T16:26:27Z
* Rating: important

References:

* bsc#1231971

Cross-References:

* CVE-2024-43591

CVSS scores:

* CVE-2024-43591 ( SUSE ): 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
* CVE-2024-43591 ( NVD ): 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
* CVE-2024-43591 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

## Description:

This update for azure-cli fixes the following issues:

* CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud (bsc#1231971).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-751=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-751=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-751=1
* Public Cloud Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-751=1
* Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-751=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * azure-cli-2.58.0-150400.14.12.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * azure-cli-test-2.58.0-150400.14.12.1
* openSUSE Leap 15.6 (noarch)
  * azure-cli-2.58.0-150400.14.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * azure-cli-test-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP4 (noarch)
  * azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP5 (noarch)
  * azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP6 (noarch)
  * azure-cli-2.58.0-150400.14.12.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * azure-cli-test-2.58.0-150400.14.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-43591.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231971

LinuxSecurity.com Team
====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat OpenStack 16.1.9 (openstack-tripleo-heat-templates) security update
Advisory ID: RHSA-2022:8796-01
Product: Red Hat OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8796
Issue date: 2022-12-07
CVE Names: CVE-2021-4180
====================================================================

1. Summary:

An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.1 - noarch

3. Description:

Heat templates for TripleO

Security Fix(es):

* data leak of internal URL through keystone_authtoken (CVE-2021-4180)

Other fixes:

* Before this update, NTP validation did not occur during deployments. Some users reported issues with cloud authentication failing with invalid tokens due to time not being synchronized between nodes. With this update, NTP synchronization validation during deployment has been re-enabled. Hosts must be able to connect to the defined NTP server list. If you previously performed a deployment with invalid or unreachable NTP servers, after update, the deployment might fail when NTP is validated. Ensure that you have valid and reachable NTP servers before updating. (BZ#2034095)

* With this update, director supports specifying overrides for NFSv4 ID mapping when using a CephFS-NFS back end with the Shared File Systems service (manila). Ceph-NFS with the Shared File Systems service only allows client access through NFSv4.1+. With NFSv4.1, usernames and group names are sent over the wire and translated by both the server and the client. Deployers might want to customize their domain settings to better represent organization users who can access Shared File Systems service shares from multiple clients. Director supports customizing NFS ID mapping settings through these parameters:

  - ManilaCephFSNFSIdmapOverrides: Allows specifying configuration objects for override with the default idmapd.conf file used by the NFS service
  - ManilaCephFSNFSIdmapConf: Allows specifying a custom idmapd.conf file for the NFS service

  (BZ#1917356)

* Before this update, the ceilometer-agent-compute container could not read the /var/run/libvirt directory because of an improper volume mount to /var/run/libvirt in the ceilometer-agent-compute container, resulting in the inability to poll for CPU metrics on Compute nodes. With this update, the appropriate global permissions have been applied to the /var/run/libvirt directory, and you can poll for CPU telemetry with the ceilometer-agent-compute container on the Compute nodes. CPU telemetry data is available through the Compute service (nova). (BZ#2103971)

* Before this update, the libvirt service started after the ceilometer-agent-compute service and the ceilometer-agent-compute service did not communicate with libvirt, resulting in missing libvirt metrics. With this update, the ceilometer-agent-compute service starts after the libvirt service and can poll libvirt metrics without "Permission denied" errors. (BZ#2130078)

* Before this update, a Telemetry service (ceilometer) user had insufficient privileges to poll objects from the Object Storage service (swift). The Object Storage service client did not allow the Telemetry service user to fetch object details. With this update, the Telemetry service user is associated with the ResellerAdmin role.

  Execute the following command to work around this issue manually:

      $ openstack role add --user ceilometer --project service ResellerAdmin

  The associated Telemetry service user can poll Object Storage service object metrics successfully. (BZ#2130849)

* Before this update, systemd stopped the Load-balancing services (octavia) during shutdown, leaving resources in the PENDING_UPDATE status. With this update, the graceful shutdown duration of the Load-balancing services is increased, preventing the services from being stopped by systemd. (BZ#2063031)

* In Red Hat OpenStack Platform (RHOSP) 16.1.9, the collectd processes plugin is removed from the default list of plugins. Loading the plugin can cause flooding issues and does not provide value when running in a containerized environment because it only recognizes the collectd and sensubility processes rather than the expected system processes. Bug fixes and support will be provided through the end of the 16.1.9 lifecycle but no new feature enhancements will be made. (BZ#2101949)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1851467 - [OVN] Do not send geneve UDP traffic to conntrack for performance reasons
1910115 - OVNCMSOptions are not set correctly on controller nodes if OVN without DVR is deployed with minimum extra env files
1917356 - [RHOSP 16.1] manila with cephfs using nfs doesn't honor Squash = None provided in the ganesha export template during share creation
1936278 - Sensitive amphora values exposed in ansible.log during stack update.
2032295 - [RHOSP 16.1] [ipv6 undercloud] undercloud update fails when you have ipv6 undercloud with enable_routed_networks=false in undercloud.conf; during stack update router interface port is tried to be re-created with the same ip
2032518 - Bonding Rendered Templates have incorrect indentation
2034095 - Deployment fails while authenticating for nova and glance during TASK [tripleo-keystone-resources : Check Keystone public endpoint status]
2035793 - CVE-2021-4180 openstack-tripleo-heat-templates: data leak of internal URL through keystone_authtoken
2036195 - Provide mechanism to tune the sysctl param fs.aio-max-nr on the host
2039412 - after minor update to 16.1.7, libvirtd is enabled on the controllers
2049452 - Killing dhcp sidecar container fails
2061845 - [RHOS 16.1] Fix InternalApi subnet for ControllerNovaStandalone role
2062764 - [RHOSP 16.1] ceilometer-ipmi-agent logs to /var/log/ceilometer inside the container
2063031 - Octavia services might be killed by systemd on update
2064383 - FFU OSP13-> 16.1 leapp fails with: Detected loaded kernel drivers which have been removed in RHEL 8
2065736 - RHOSP13-16.1 FFU - Use state file for workaround 1925078
2066852 - Overcloud deployment fails with error as 'overcloud_endpoint.pem' not found.
2069755 - [16.1] [Regression] Nova instance QEMU logs are not created under /var/log/libvirt/qemu/
2073607 - Certificate DN is not expanding in the Octavia tenant flow logs
2100907 - Octavia fails when enabling TLS-e in existing setup
2101949 - [RHOSP 16.1] Remove processes plugin from list of default plugins for collectd deployments
2103971 - [RHOSP 16.1] Ceilometer can't read /run/libvirt resulting in no 'cpu' metrics
2109931 - Too frequent async task polling causes delay in timeout detection
2129031 - [RHOSP16.1.8] DHCP agent container is not removed after network deletion
2129882 - [OVN][16.1] VM status spawning and ERROR on CI jenkins job
2130078 - [RHOSP 16.1] Ceilometer-agent-compute could be started on compute nodes before libvirt which will cause ceilometer to fail to collect virt metrics
2130140 - [13-> 16.1] Undercloud upgrade fails on nova_db_sync_stein
2130849 - [RHOSP 16.1] swiftclient forbids ceilometer from polling swift objects
2131961 - Overcloud containerimages not updated during minor update
2136171 - Predictable IP Deploy fails Storage Port cidr is incorrect
2136393 - overcloud update failed with error {"msg": "Failed to get information on remote file (/var/lib/mistral/overcloud/octavia-ansible/group_vars/octavia_vars.yaml): Permission denied"}
2141835 - [RHOSP16.1] DerivePciWhitelistEnabled Is Not Defined

6. Package List:

Red Hat OpenStack Platform 16.1:

Source:
openstack-tripleo-heat-templates-11.3.2-1.20221013153262.el8ost.src.rpm

noarch:
openstack-tripleo-heat-templates-11.3.2-1.20221013153262.el8ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2021-4180
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2022 Red Hat, Inc.

--
RHSA-announce mailing list
systemd bug fix and enhancement update.

type: BugFix
shortCode: RL
name: RLBA-2021:3059
synopsis: systemd bug fix and enhancement update
severity: UnknownSeverity
topic: An update for systemd is now available for Rocky Linux 8.

description:
The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

solution: None
affectedProducts: Rocky Linux 8
fixes: 1984406
cves: Red Hat:::https://access.redhat.com/errata/RHBA-2021:3059:::RHBA-2021:3059
references: []
publishedAt: 2021-08-12T21:16:05.650064Z

rpms:
systemd-239-45.el8_4.3.aarch64.rpm
systemd-239-45.el8_4.3.i686.rpm
systemd-239-45.el8_4.3.src.rpm
systemd-239-45.el8_4.3.x86_64.rpm
systemd-container-239-45.el8_4.3.aarch64.rpm
systemd-container-239-45.el8_4.3.i686.rpm
systemd-container-239-45.el8_4.3.x86_64.rpm
systemd-container-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-container-debuginfo-239-45.el8_4.3.i686.rpm
systemd-container-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-debuginfo-239-45.el8_4.3.i686.rpm
systemd-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-debugsource-239-45.el8_4.3.aarch64.rpm
systemd-debugsource-239-45.el8_4.3.i686.rpm
systemd-debugsource-239-45.el8_4.3.x86_64.rpm
systemd-devel-239-45.el8_4.3.aarch64.rpm
systemd-devel-239-45.el8_4.3.i686.rpm
systemd-devel-239-45.el8_4.3.x86_64.rpm
systemd-journal-remote-239-45.el8_4.3.aarch64.rpm
systemd-journal-remote-239-45.el8_4.3.x86_64.rpm
systemd-journal-remote-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-journal-remote-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-libs-239-45.el8_4.3.aarch64.rpm
systemd-libs-239-45.el8_4.3.i686.rpm
systemd-libs-239-45.el8_4.3.x86_64.rpm
systemd-libs-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-libs-debuginfo-239-45.el8_4.3.i686.rpm
systemd-libs-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-pam-239-45.el8_4.3.aarch64.rpm
systemd-pam-239-45.el8_4.3.x86_64.rpm
systemd-pam-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-pam-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-tests-239-45.el8_4.3.aarch64.rpm
systemd-tests-239-45.el8_4.3.x86_64.rpm
systemd-tests-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-tests-debuginfo-239-45.el8_4.3.x86_64.rpm
systemd-udev-239-45.el8_4.3.aarch64.rpm
systemd-udev-239-45.el8_4.3.x86_64.rpm
systemd-udev-debuginfo-239-45.el8_4.3.aarch64.rpm
systemd-udev-debuginfo-239-45.el8_4.3.x86_64.rpm

LinuxSecurity.com Team
An update that fixes three vulnerabilities is now available.

SUSE Security Update: Security update for google-compute-engine
______________________________________________________________________________

Announcement ID: SUSE-SU-2020:2200-1
Rating: important
References: #1169978 #1173258
Cross-References: CVE-2020-8903 CVE-2020-8907 CVE-2020-8933
Affected Products:
    SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________

Description:

This update for google-compute-engine fixes the following issues:

- Do not add the created user to the adm (CVE-2020-8903), docker (CVE-2020-8907), or lxd (CVE-2020-8933) groups if they exist (bsc#1173258).
- Don't enable and start google-network-daemon.service when it's already installed (bsc#1169978).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Public Cloud 12:

    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2020-2200=1

Package List:

- SUSE Linux Enterprise Module for Public Cloud 12 (aarch64 ppc64le s390x x86_64):

    google-compute-engine-oslogin-20190801-54.1
    google-compute-engine-oslogin-debuginfo-20190801-54.1

- SUSE Linux Enterprise Module for Public Cloud 12 (noarch):

    google-compute-engine-init-20190801-54.1

References:

https://www.suse.com/security/cve/CVE-2020-8903.html
https://www.suse.com/security/cve/CVE-2020-8907.html
https://www.suse.com/security/cve/CVE-2020-8933.html
https://bugzilla.suse.com/1169978
https://bugzilla.suse.com/1173258

_______________________________________________
sle-security-updates mailing list
====================================================================
Red Hat Security Advisory

Synopsis: Moderate: systemd security update
Advisory ID: RHSA-2017:0003-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0003.html
Issue date: 2017-01-03
CVE Names: CVE-2016-7796
====================================================================

1. Summary:

An update for systemd is now available for Red Hat Enterprise Linux 7.1 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.1) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64

3. Description:

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

* A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze its execution, preventing further management of system services, system shutdown, or zombie process collection via systemd. (CVE-2016-7796)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1381911 - CVE-2016-7796 systemd: freeze when PID 1 receives a zero-length message over notify socket

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.1):

Source:
systemd-208-20.el7_1.9.src.rpm

x86_64:
libgudev1-208-20.el7_1.9.i686.rpm
libgudev1-208-20.el7_1.9.x86_64.rpm
systemd-208-20.el7_1.9.x86_64.rpm
systemd-debuginfo-208-20.el7_1.9.i686.rpm
systemd-debuginfo-208-20.el7_1.9.x86_64.rpm
systemd-libs-208-20.el7_1.9.i686.rpm
systemd-libs-208-20.el7_1.9.x86_64.rpm
systemd-python-208-20.el7_1.9.x86_64.rpm
systemd-sysv-208-20.el7_1.9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1):

x86_64:
libgudev1-devel-208-20.el7_1.9.i686.rpm
libgudev1-devel-208-20.el7_1.9.x86_64.rpm
systemd-debuginfo-208-20.el7_1.9.i686.rpm
systemd-debuginfo-208-20.el7_1.9.x86_64.rpm
systemd-devel-208-20.el7_1.9.i686.rpm
systemd-devel-208-20.el7_1.9.x86_64.rpm
systemd-journal-gateway-208-20.el7_1.9.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.1):

Source:
systemd-208-20.el7_1.9.src.rpm

ppc64:
libgudev1-208-20.el7_1.9.ppc.rpm
libgudev1-208-20.el7_1.9.ppc64.rpm
libgudev1-devel-208-20.el7_1.9.ppc.rpm
libgudev1-devel-208-20.el7_1.9.ppc64.rpm
systemd-208-20.el7_1.9.ppc64.rpm
systemd-debuginfo-208-20.el7_1.9.ppc.rpm
systemd-debuginfo-208-20.el7_1.9.ppc64.rpm
systemd-devel-208-20.el7_1.9.ppc.rpm
systemd-devel-208-20.el7_1.9.ppc64.rpm
systemd-libs-208-20.el7_1.9.ppc.rpm
systemd-libs-208-20.el7_1.9.ppc64.rpm
systemd-python-208-20.el7_1.9.ppc64.rpm
systemd-sysv-208-20.el7_1.9.ppc64.rpm

s390x:
libgudev1-208-20.el7_1.9.s390.rpm
libgudev1-208-20.el7_1.9.s390x.rpm
libgudev1-devel-208-20.el7_1.9.s390.rpm
libgudev1-devel-208-20.el7_1.9.s390x.rpm
systemd-208-20.el7_1.9.s390x.rpm
systemd-debuginfo-208-20.el7_1.9.s390.rpm
systemd-debuginfo-208-20.el7_1.9.s390x.rpm
systemd-devel-208-20.el7_1.9.s390.rpm
systemd-devel-208-20.el7_1.9.s390x.rpm
systemd-libs-208-20.el7_1.9.s390.rpm
systemd-libs-208-20.el7_1.9.s390x.rpm
systemd-python-208-20.el7_1.9.s390x.rpm
systemd-sysv-208-20.el7_1.9.s390x.rpm

x86_64:
libgudev1-208-20.el7_1.9.i686.rpm
libgudev1-208-20.el7_1.9.x86_64.rpm
libgudev1-devel-208-20.el7_1.9.i686.rpm
libgudev1-devel-208-20.el7_1.9.x86_64.rpm
systemd-208-20.el7_1.9.x86_64.rpm
systemd-debuginfo-208-20.el7_1.9.i686.rpm
systemd-debuginfo-208-20.el7_1.9.x86_64.rpm
systemd-devel-208-20.el7_1.9.i686.rpm
systemd-devel-208-20.el7_1.9.x86_64.rpm
systemd-libs-208-20.el7_1.9.i686.rpm
systemd-libs-208-20.el7_1.9.x86_64.rpm
systemd-python-208-20.el7_1.9.x86_64.rpm
systemd-sysv-208-20.el7_1.9.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.1):

Source:
systemd-208-20.ael7b_1.9.src.rpm

ppc64le:
libgudev1-208-20.ael7b_1.9.ppc64le.rpm
libgudev1-devel-208-20.ael7b_1.9.ppc64le.rpm
systemd-208-20.ael7b_1.9.ppc64le.rpm
systemd-debuginfo-208-20.ael7b_1.9.ppc64le.rpm
systemd-devel-208-20.ael7b_1.9.ppc64le.rpm
systemd-libs-208-20.ael7b_1.9.ppc64le.rpm
systemd-python-208-20.ael7b_1.9.ppc64le.rpm
systemd-sysv-208-20.ael7b_1.9.ppc64le.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.1):

ppc64:
systemd-debuginfo-208-20.el7_1.9.ppc64.rpm
systemd-journal-gateway-208-20.el7_1.9.ppc64.rpm

s390x:
systemd-debuginfo-208-20.el7_1.9.s390x.rpm
systemd-journal-gateway-208-20.el7_1.9.s390x.rpm

x86_64:
systemd-debuginfo-208-20.el7_1.9.x86_64.rpm
systemd-journal-gateway-208-20.el7_1.9.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.1):

ppc64le:
systemd-debuginfo-208-20.ael7b_1.9.ppc64le.rpm
systemd-journal-gateway-208-20.ael7b_1.9.ppc64le.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-7796
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

--
Enterprise-watch-list mailing list
Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-256
2005-03-30
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : system-config-services
Version     : 0.8.21
Release     : 0.fc3.1
Summary     : system-config-services is an initscript and xinetd configuration utility
Description :
system-config-services is a utility which allows you to configure which services should be enabled on your machine.

---------------------------------------------------------------------

* Thu Mar 24 2005 Nils Philippsen 0.8.21-0.fc3.1

- connect toggled signals of service/runlevel checkboxes to enable saving again (#151982)
- consolidate on_optRL*_toggled
- connect delete_event of mainWindow to ask whether things should be saved before quitting
- tab -> space indentation to avoid ambiguity
- change some typos

* Fri Mar 18 2005 Nils Philippsen 0.8.20-1

- don't read from /dev/null when restarting xinetd/services to prevent hangs
- build toolbar in glade to avoid DeprecationWarnings (#134978)
- dynamic, translated column titles for runlevel columns

* Thu Feb 17 2005 Daniel J Walsh 0.8.19-1

- Added patch from Charlie Brej

---------------------------------------------------------------------
This update can be downloaded from:

bcc5c622f9f7092c0a2528a8753c19a2  SRPMS/system-config-services-0.8.21-0.fc3.1.src.rpm
3548ae3b649aa9fb0118a1afb60e51d3  x86_64/system-config-services-0.8.21-0.fc3.1.noarch.rpm
3548ae3b649aa9fb0118a1afb60e51d3  i386/system-config-services-0.8.21-0.fc3.1.noarch.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

fedora-announce-list mailing list
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-593
2005-01-06
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : system-config-services
Version     : 0.8.17
Release     : 0.fc3.1
Summary     : system-config-services is an initscript and xinetd configuration utility
Description :
system-config-services is a utility which allows you to configure which services should be enabled on your machine.

---------------------------------------------------------------------

* Tue Jan 04 2005 Nils Philippsen 0.8.17-0.fc3.1

- throw away stderr to not be confused by error messages (#142983)

* Wed Dec 08 2004 Nils Philippsen 0.8.16-1

- don't hardcode python 2.3 (#142246)
- remove some cruft from configure.in

---------------------------------------------------------------------
This update can be downloaded from:

e0b12566a5cebd95b9113e316a54a026  SRPMS/system-config-services-0.8.17-0.fc3.1.src.rpm
93c5eaf991c476ad26886faee818319e  x86_64/system-config-services-0.8.17-0.fc3.1.noarch.rpm
93c5eaf991c476ad26886faee818319e  i386/system-config-services-0.8.17-0.fc3.1.noarch.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

LinuxSecurity.com Team