Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
202
security advisorysecurity updateimportantopenSUSE Leap 15.4/15.5 Advisory: Important Shell Code Injection Fix
This update for util-linux fixes the following issues: CVE-2018-7738: Fixed shell code injection in umount bash-completions (bsc#1213865).. # Security update for util-linux Announcement ID: SUSE-SU-2023:4372-1 Rating: important References: * bsc#1213865 Cross-References: * CVE-2018-7738 CVSS scores: * CVE-2018-7738 ( SUSE ): 8.2 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2018-7738 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions (bsc#1213865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4372=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4372=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * python-libmount-debugsource-2.31.1-150000.9.24.1 * python-libmount-debuginfo-2.31.1-150000.9.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-libmount-debugsource-2.31.1-150000.9.24.1 * python-libmount-debuginfo-2.31.1-150000.9.24.1 ## References: * https://www.suse.com/security/cve/CVE-2018-7738.html * https://bugzilla.suse.com/show_bug.cgi?id=1213865 . Important security patch for util-linux addresses vulnerabilities related to command execution. Update instructions and impacted releases provided.. util-linux Security Update, openSUSE Advisory, Shell Injection Fix. . Severity: Important. LinuxSecurity.com Team
Nov 06, 2023
•Important
OpenSUSE
100
security advisorypatchimportantopenSUSE: 2023:4373-1 Critical: System Vulnerability Patch
* bsc#1213865 Cross-References: * CVE-2018-7738 . # Security update for util-linux Announcement ID: SUSE-SU-2023:4372-1 Rating: important References: * bsc#1213865 Cross-References: * CVE-2018-7738 CVSS scores: * CVE-2018-7738 ( SUSE ): 8.2 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2018-7738 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions (bsc#1213865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4372=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4372=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * python-libmount-debugsource-2.31.1-150000.9.24.1 * python-libmount-debuginfo-2.31.1-150000.9.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-libmount-debugsource-2.31.1-150000.9.24.1 * python-libmount-debuginfo-2.31.1-150000.9.24.1 ## References: * https://www.suse.com/security/cve/CVE-2018-7738.html * https://bugzilla.suse.com/show_bug.cgi?id=1213865 . Important SUSE patch for util-linux resolves shell code execution vulnerability affecting several openSUSE iterations.. openSUSE Patch, Util-Linux Update, Shell Code Injection, Important Alert. . Severity: Important. LinuxSecurity.com Team
Nov 06, 2023
•Important
SuSE
100
security advisoryhigh severitybuffer overflowSUSE: 2022:2401-3 Critical: OpenSSL-3 Stack Overflow Vulnerability
An update that solves 6 vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for openssl-3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2306-1 Rating: important References: #1185637 #1199166 #1199167 #1199168 #1199169 #1200550 #1201099 Cross-References: CVE-2022-1292 CVE-2022-1343 CVE-2022-1434 CVE-2022-1473 CVE-2022-2068 CVE-2022-2097 CVSS scores: CVE-2022-1292 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-1292 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-1343 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-1343 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N CVE-2022-1434 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2022-1434 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-1473 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-1473 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-2068 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-2068 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2022-2097 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 openSUSE Leap 15.4 ______________________________________________________________________________ An update thatsolves 6 vulnerabilities and has one errata is now available. Description: This update for openssl-3 fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) - CVE-2022-1292: Properly sanitise shell metacharacters in c_rehash script. (bsc#1199166) - CVE-2022-1343: Fixed incorrect signature verification in OCSP_basic_verify (bsc#1199167). - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099). - CVE-2022-1434: Fixed incorrect MAC key used in the RC4-MD5 ciphersuite (bsc#1199168). - CVE-2022-1473: Fixed resource leakage when decoding certificates and keys (bsc#1199169). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2306=1 - SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2306=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): libopenssl-3-devel-3.0.1-150400.4.7.1 libopenssl3-3.0.1-150400.4.7.1 libopenssl3-debuginfo-3.0.1-150400.4.7.1 openssl-3-3.0.1-150400.4.7.1 openssl-3-debuginfo-3.0.1-150400.4.7.1 openssl-3-debugsource-3.0.1-150400.4.7.1 - openSUSE Leap 15.4 (noarch): openssl-3-doc-3.0.1-150400.4.7.1 - openSUSE Leap 15.4 (x86_64): libopenssl-3-devel-32bit-3.0.1-150400.4.7.1 libopenssl3-32bit-3.0.1-150400.4.7.1 libopenssl3-32bit-debuginfo-3.0.1-150400.4.7.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64): libopenssl-3-devel-3.0.1-150400.4.7.1 libopenssl3-3.0.1-150400.4.7.1 libopenssl3-debuginfo-3.0.1-150400.4.7.1 openssl-3-3.0.1-150400.4.7.1 openssl-3-debuginfo-3.0.1-150400.4.7.1 openssl-3-debugsource-3.0.1-150400.4.7.1 References: https://www.suse.com/security/cve/CVE-2022-1292.html https://www.suse.com/security/cve/CVE-2022-1343.html https://www.suse.com/security/cve/CVE-2022-1434.html https://www.suse.com/security/cve/CVE-2022-1473.html https://www.suse.com/security/cve/CVE-2022-2068.html https://www.suse.com/security/cve/CVE-2022-2097.html https://bugzilla.suse.com/1185637 https://bugzilla.suse.com/1199166 https://bugzilla.suse.com/1199167 https://bugzilla.suse.com/1199168 https://bugzilla.suse.com/1199169 https://bugzilla.suse.com/1200550 https://bugzilla.suse.com/1201099 . SUSE has released a significant update for openssl-3 which tackles a range of security concerns, addressing a total of six vulnerabilities.. SUSE, OpenSSL, Security Patch, Important Update, Shell Code Injection. . Severity: Critical. LinuxSecurity.com Team
Jul 06, 2022
•Critical
SuSE
100
security advisorymoderatecommand injectionSUSE bci/python Security Update Advisory: Moderate Threats Addressed
The container bci/python was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/python ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1405-1 Container Tags : bci/python:3 , bci/python:3.9 , bci/python:3.9-18.13 Container Release : 18.13 Severity : moderate Type : security References : 1185637 1199166 1200550 CVE-2022-1292 CVE-2022-2068 ----------------------------------------------------------------- The container bci/python was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:2251-1 Released: Mon Jul 4 09:52:25 2022 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1185637,1199166,1200550,CVE-2022-1292,CVE-2022-2068 This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166). - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) The following package changes have been done: - libopenssl1_1-hmac-1.1.1d-150200.11.48.1 updated - libopenssl1_1-1.1.1d-150200.11.48.1 updated - openssl-1_1-1.1.1d-150200.11.48.1 updated - container:sles15-image-15.0.0-17.17.19 updated . The SUSE Container Update Notification for bci/python has released security fixes that address vulnerabilities related to command and shell code injection exploits.. bci/python security update, SUSE container advisory, command injection patch, shell code injection fix. . LinuxSecurity.com Team
Jul 05, 2022
SuSE
100
security advisorysecurity updatemoderate severitySUSE: 2022:1405-1 High: Bci/Python Security Update Notification
The container bci/nodejs was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/nodejs ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1404-1 Container Tags : bci/node:12 , bci/node:12-16.83 , bci/nodejs:12 , bci/nodejs:12-16.83 Container Release : 16.83 Severity : moderate Type : security References : 1185637 1199166 1200550 CVE-2022-1292 CVE-2022-2068 ----------------------------------------------------------------- The container bci/nodejs was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:2251-1 Released: Mon Jul 4 09:52:25 2022 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1185637,1199166,1200550,CVE-2022-1292,CVE-2022-2068 This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166). - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) The following package changes have been done: - libopenssl1_1-hmac-1.1.1d-150200.11.48.1 updated - libopenssl1_1-1.1.1d-150200.11.48.1 updated - openssl-1_1-1.1.1d-150200.11.48.1 updated - container:sles15-image-15.0.0-17.17.19 updated . SUSE Container Update Advisory enhances bci/python with crucial updates addressing security flaws and critical bug resolutions.. Container Updates, Bci/Nodejs Patches, Security Updates, OpenSSL Issues, Moderate Severity. . LinuxSecurity.com Team
Jul 05, 2022
SuSE
100
security advisorysecurity updatemoderate severitySUSE: 2022:1397-1 Moderate: OpenSSL Shell Code Injection
The container suse/sles12sp4 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sles12sp4 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1397-1 Container Tags : suse/sles12sp4:26.473 , suse/sles12sp4:latest Container Release : 26.473 Severity : moderate Type : security References : 1200550 CVE-2022-2068 ----------------------------------------------------------------- The container suse/sles12sp4 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:2181-1 Released: Fri Jun 24 14:28:53 2022 Summary: Security update for openssl Type: security Severity: moderate References: 1200550,CVE-2022-2068 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) The following package changes have been done: - base-container-licenses-3.0-1.299 updated - container-suseconnect-2.0.0-1.188 updated - libopenssl1_0_0-1.0.2p-3.56.1 updated - openssl-1_0_0-1.0.2p-3.56.1 updated . SUSE Container patch for libcurl tackles critical vulnerabilities including remote code execution threats. Ensure your systems are secure!. SUSE Container Updates, OpenSSL Security, SUSE Security Advisory. . LinuxSecurity.com Team
Jul 02, 2022
SuSE
100
security advisorymoderate severitysuseSUSE Container Update SUSE-CU-2022:1384-1 Moderate: OpenSSL Shell Injection
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1384-1 Container Tags : suse/sle15:15.1 , suse/sle15:15.1.6.2.635 Container Release : 6.2.635 Severity : moderate Type : security References : 1200550 CVE-2022-2068 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:2179-1 Released: Fri Jun 24 14:05:25 2022 Summary: Security update for openssl Type: security Severity: moderate References: 1200550,CVE-2022-2068 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550) The following package changes have been done: - libopenssl1_1-1.1.0i-150100.14.33.1 updated - openssl-1_1-1.1.0i-150100.14.33.1 updated . Timely patch release for SUSE Container suse/sle15 incorporates OpenSSL remedies that fix shell code vulnerabilities.. SUSE Container Update, Openssl Security, SUSE-CU-2022, Shell Injection Fix. . LinuxSecurity.com Team
Jun 25, 2022
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!