Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
100
security advisorysoftware updatesecurity fixSUSE: 2023:1640-1 Important: bci/php-fpm Security Fixes and Updates
The container bci/php-fpm was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/php-fpm ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1640-1 Container Tags : bci/php-fpm:8 , bci/php-fpm:8-2.53 Container Release : 2.53 Severity : important Type : security References : 1203141 1207410 1211230 1211231 1211232 1211233 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 ----------------------------------------------------------------- The container bci/php-fpm was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2224-1 Released: Wed May 17 09:53:54 2023 Summary: Security update for curl Type: security Severity: important References: 1211230,1211231,1211232,1211233,CVE-2023-28319,CVE-2023-28320,CVE-2023-28321,CVE-2023-28322 This update for curl adds the following feature: Update to version 8.0.1 (jsc#PED-2580) - CVE-2023-28319: use-after-free in SSH sha256 fingerprint check (bsc#1211230). - CVE-2023-28320: siglongjmp race condition (bsc#1211231). - CVE-2023-28321: IDN wildcard matching (bsc#1211232). - CVE-2023-28322: POST-after-PUT confusion (bsc#1211233). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2240-1 Released: Wed May 17 19:56:54 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1203141,1207410 This update for systemd fixes the following issues: - udev-rules: fix nvme symlink creation on namespace changes (bsc#1207410) - Optimize when hundred workers claim the same symlink with the same priority (bsc#1203141) - Add nss-resolve and systemd-network to Packagehub-Subpackages (MSC-626) The following package changes have been done: - libsystemd0-249.16-150400.8.28.3 updated -libcurl4-8.0.1-150400.5.23.1 updated - container:sles15-image-15.0.0-27.14.63 updated . The latest security enhancement for bci/php-fpm presents crucial fixes targeting significant vulnerabilities within the curl and systemd modules.. bci/php-fpm Update, Security Patch, Container Advisory, Curl Vulnerability, Systemd Update. . Severity: Important. LinuxSecurity.com Team
May 25, 2023
•Important
SuSE
100
security advisoryimportantSUSE ContainerSUSE: 2022:3507-1 Important: bci/rust Security Update for systemd
. SUSE Container Update Advisory: bci/rust ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3507-1 Container Tags : bci/rust:1.65 , bci/rust:1.65-12.7 , bci/rust:latest Container Release : 12.7 Severity : important Type : security References : 1200723 1205000 CVE-2022-4415 ----------------------------------------------------------------- The container bci/rust was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4629-1 Released: Wed Dec 28 09:24:07 2022 Summary: Security update for systemd Type: security Severity: important References: 1200723,1205000,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). Bug fixes: - Support by-path devlink for multipath nvme block devices (bsc#1200723). The following package changes have been done: - libsystemd0-249.12-150400.8.16.1 updated . This notification outlines a significant security correction for SUSE bci/rust concerning systemd. The updates rectify vital vulnerabilities.. SUSE Container, Rust Container, Security Advisory. . Severity: Important. LinuxSecurity.com Team
Dec 30, 2022
•Important
SuSE
100
security advisorysuseimportant updateSUSE: 2022:3502-1 Critical: Systemd and SQLite Security Update
. SUSE Container Update Advisory: suse/pcp ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3502-1 Container Tags : suse/pcp:5 , suse/pcp:5.2 , suse/pcp:5.2.2 , suse/pcp:5.2.2-11.119 , suse/pcp:latest Container Release : 11.119 Severity : important Type : security References : 1200723 1205000 1206337 CVE-2022-4415 CVE-2022-46908 ----------------------------------------------------------------- The container suse/pcp was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4628-1 Released: Wed Dec 28 09:23:13 2022 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1206337,CVE-2022-46908 This update for sqlite3 fixes the following issues: - CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script (bsc#1206337). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4629-1 Released: Wed Dec 28 09:24:07 2022 Summary: Security update for systemd Type: security Severity: important References: 1200723,1205000,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). Bug fixes: - Support by-path devlink for multipath nvme block devices (bsc#1200723). The following package changes have been done: - libudev1-249.12-150400.8.16.1 updated - libsqlite3-0-3.39.3-150000.3.20.1 updated - libsystemd0-249.12-150400.8.16.1 updated - systemd-249.12-150400.8.16.1 updated . Urgent security patch available for SUSE Container suse/pcp targeting vulnerabilities in libcurl and openssl. Immediate action required.. suse/pcp, security update, systemd patch, sqlite fix, container advisory. . Severity:Important. LinuxSecurity.com Team
Dec 30, 2022
•Important
SuSE
100
security advisoryimportant security fixSUSE ContainerSUSE: 2022:3480-1 Important: bci/dotnet-aspnet Security Fix
. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3480-1 Container Tags : bci/dotnet-aspnet:3.1 , bci/dotnet-aspnet:3.1-46.7 , bci/dotnet-aspnet:3.1.32 , bci/dotnet-aspnet:3.1.32-46.7 Container Release : 46.7 Severity : important Type : security References : 1200723 1205000 CVE-2022-4415 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4629-1 Released: Wed Dec 28 09:24:07 2022 Summary: Security update for systemd Type: security Severity: important References: 1200723,1205000,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). Bug fixes: - Support by-path devlink for multipath nvme block devices (bsc#1200723). The following package changes have been done: - libsystemd0-249.12-150400.8.16.1 updated . OpenSUSE security bulletin releases critical updates for bci/dotnet-core that feature key vulnerability patches along with enhancements for networkd.. bci/dotnet-aspnet Security,SUSE Container Update,systemd Fixes. . Severity: Important. LinuxSecurity.com Team
Dec 29, 2022
•Important
SuSE
100
security advisorycritical issuebuffer overrunSUSE: 2022:3037-1 Important: bci/dotnet-aspnet Critical Buffer Overrun
The container bci/dotnet-aspnet was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3037-1 Container Tags : bci/dotnet-aspnet:5.0 , bci/dotnet-aspnet:5.0-27.47 , bci/dotnet-aspnet:5.0.17 , bci/dotnet-aspnet:5.0.17-27.47 Container Release : 27.47 Severity : important Type : security References : 1177460 1202324 1204179 1204649 1204968 1205156 CVE-2022-3821 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3999-1 Released: Tue Nov 15 17:08:04 2022 Summary: Security update for systemd Type: security Severity: moderate References: 1204179,1204968,CVE-2022-3821 This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968). - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 * 0469b9f2bc pstore: do not try to load all known pstore modules * ad05f54439 pstore: Run after modules are loaded * ccad817445 core: Add trigger limit for path units * 281d818fe3 core/mount: also add default before dependency for automount mount units * ffe5b4afa8 logind: fix crash in logind on user-specified message string - Document udev naming scheme (bsc#1204179) - Make 'sle15-sp3' net naming scheme still available for backward compatibility reason ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4066-1 Released: Fri Nov 18 10:43:00 2022 Summary: Recommended update for timezone Type: recommended Severity: important References: 1177460,1202324,1204649,1205156 This update for timezone fixes the following issues: Update timezone version from2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156): - Mexico will no longer observe DST except near the US border - Chihuahua moves to year-round -06 on 2022-10-30 - Fiji no longer observes DST - In vanguard form, GMT is now a Zone and Etc/GMT a link - zic now supports links to links, and vanguard form uses this - Simplify four Ontario zones - Fix a Y2438 bug when reading TZif data - Enable 64-bit time_t on 32-bit glibc platforms - Omit large-file support when no longer needed - Jordan and Syria switch from +02/+03 with DST to year-round +03 - Palestine transitions are now Saturdays at 02:00 - Simplify three Ukraine zones into one - Improve tzselect on intercontinental Zones - Chile's DST is delayed by a week in September 2022 (bsc#1202324) - Iran no longer observes DST after 2022 - Rename Europe/Kiev to Europe/Kyiv - New `zic -R` command option - Vanguard form now uses %z The following package changes have been done: - libsystemd0-249.12-150400.8.13.1 updated - timezone-2022f-150000.75.15.1 updated - container:sles15-image-15.0.0-27.14.16 updated . Security notice for SUSE Container: bci/python updates released addressing serious vulnerabilities such as memory corruption.. bci/dotnet-aspnet, container update, SUSE advisory, systemd patch, buffer overrun. . Severity: Important. LinuxSecurity.com Team
Nov 19, 2022
•Important
SuSE
100
security advisorysecurity updatebuffer overrunSUSE: 2022:3037-2 Critical: Security Patch for bci/dotnet-core
The container bci/dotnet-aspnet was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-aspnet ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3036-1 Container Tags : bci/dotnet-aspnet:3.1 , bci/dotnet-aspnet:3.1-42.32 , bci/dotnet-aspnet:3.1.30 , bci/dotnet-aspnet:3.1.30-42.32 Container Release : 42.32 Severity : important Type : security References : 1177460 1202324 1204179 1204649 1204968 1205156 CVE-2022-3821 ----------------------------------------------------------------- The container bci/dotnet-aspnet was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3999-1 Released: Tue Nov 15 17:08:04 2022 Summary: Security update for systemd Type: security Severity: moderate References: 1204179,1204968,CVE-2022-3821 This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968). - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 * 0469b9f2bc pstore: do not try to load all known pstore modules * ad05f54439 pstore: Run after modules are loaded * ccad817445 core: Add trigger limit for path units * 281d818fe3 core/mount: also add default before dependency for automount mount units * ffe5b4afa8 logind: fix crash in logind on user-specified message string - Document udev naming scheme (bsc#1204179) - Make 'sle15-sp3' net naming scheme still available for backward compatibility reason ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4066-1 Released: Fri Nov 18 10:43:00 2022 Summary: Recommended update for timezone Type: recommended Severity: important References: 1177460,1202324,1204649,1205156 This update for timezone fixes the following issues: Update timezone version from2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156): - Mexico will no longer observe DST except near the US border - Chihuahua moves to year-round -06 on 2022-10-30 - Fiji no longer observes DST - In vanguard form, GMT is now a Zone and Etc/GMT a link - zic now supports links to links, and vanguard form uses this - Simplify four Ontario zones - Fix a Y2438 bug when reading TZif data - Enable 64-bit time_t on 32-bit glibc platforms - Omit large-file support when no longer needed - Jordan and Syria switch from +02/+03 with DST to year-round +03 - Palestine transitions are now Saturdays at 02:00 - Simplify three Ukraine zones into one - Improve tzselect on intercontinental Zones - Chile's DST is delayed by a week in September 2022 (bsc#1202324) - Iran no longer observes DST after 2022 - Rename Europe/Kiev to Europe/Kyiv - New `zic -R` command option - Vanguard form now uses %z The following package changes have been done: - libsystemd0-249.12-150400.8.13.1 updated - timezone-2022f-150000.75.15.1 updated - container:sles15-image-15.0.0-27.14.16 updated . Recent updates for bci/dotnet-aspnet have addressed critical vulnerabilities. Prompt application of these updates is strongly advised!. dotnet-aspnet Update, Security Patches, SUSE Container Advisory. . Severity: Important. LinuxSecurity.com Team
Nov 19, 2022
•Important
SuSE
100
security advisorymoderateupdateopenSUSE Leap Micro 5.2 SUSE-SU-2022:2866-2 Moderate: Systemd Patch
An update that solves one vulnerability and has one errata is now available. . SUSE Security Update: Security update for systemd-presets-common-SUSE ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2866-2 Rating: moderate References: #1199524 #1200485 Cross-References: CVE-2022-1706 CVSS scores: CVE-2022-1706 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2022-1706 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap Micro 5.2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for systemd-presets-common-SUSE fixes the following issues: - CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524). The following non-security bugs were fixed: - Modify branding-preset-states to fix systemd-presets-common-SUSE not enabling new user systemd service preset configuration just as it handles system service presets. By passing an (optional) second parameter "user", the save/apply-changes commands now work with user services instead of system ones (bsc#1200485) - Add the wireplumber user service preset to enable it by default in SLE15-SP4 where it replaced pipewire-media-session, but keep pipewire-media-session preset so we don't have to branch the systemd-presets-common-SUSE package for SP4 (bsc#1200485) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2866=1 Package List: - openSUSE Leap Micro 5.2 (noarch): systemd-presets-common-SUSE-15-150100.8.17.1 References: https://www.suse.com/security/cve/CVE-2022-1706.html https://bugzilla.suse.com/1199524 https://bugzilla.suse.com/1200485 . SUSE issues a security patch for systemd-presets-common-SUSE, addressing the vulnerability CVE-2022-1706 classified as of moderate risk.. openSUSE Systemd Security Update, systemd patch, Security Advisory. . LinuxSecurity.com Team
Sep 01, 2022
SuSE
100
security advisorymoderatecontainer updateSUSE Security Update: 2022:207-1 for Bci/Golang - Moderate Severity
The container bci/golang was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/golang ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:207-1 Container Tags : bci/golang:1.17 , bci/golang:1.17-9.11 , bci/golang:latest Container Release : 9.11 Severity : moderate Type : security References : 1191826 1192637 1194178 1194265 1194968 CVE-2021-3997 ----------------------------------------------------------------- The container bci/golang was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:383-1 Released: Tue Feb 15 17:47:36 2022 Summary: Recommended update for cyrus-sasl Type: recommended Severity: moderate References: 1194265 This update for cyrus-sasl fixes the following issues: - Fixed an issue when in postfix 'sasl' authentication with password fails. (bsc#1194265) - Add config parameter '--with-dblib=gdbm' - Avoid converting of '/etc/sasldb2 by every update. Convert '/etc/sasldb2' only if it is a Berkeley DB. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:520-1 Released: Fri Feb 18 12:45:19 2022 Summary: Recommended update for rpm Type: recommended Severity: moderate References: 1194968 This update for rpm fixes the following issues: - Revert unwanted /usr/bin/python to /usr/bin/python2 change we got with the update to 4.14.3 (bsc#1194968) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:539-1 Released: Mon Feb 21 13:47:51 2022 Summary: Security update for systemd Type: security Severity: moderate References: 1191826,1192637,1194178,CVE-2021-3997 This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd's systemd-tmpfiles (bsc#1194178). Thefollowing non-security bugs were fixed: - udev/net_id: don't generate slot based names if multiple devices might claim the same slot (bsc#1192637) - localectl: don't omit keymaps files that are symlinks (bsc#1191826) The following package changes have been done: - libsasl2-3-2.1.27-150300.4.3.1 updated - libsystemd0-246.16-150300.7.39.1 updated - libudev1-246.16-150300.7.39.1 updated - openssl-1_1-1.1.1d-11.38.1 added - rpm-ndb-4.14.3-150300.46.1 updated - container:sles15-image-15.0.0-17.8.81 updated . Essential enhancements and fixes for SUSE container bci/python tackling various safety and performance challenges.. bci golang update, container security advisory, SUSE patches, systemd security. . LinuxSecurity.com Team
Feb 24, 2022
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!