Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


openSUSE 15.6: SUSE-SU-2024:4416-1 moderate: vhostmd buffer fix

# Security update for vhostmd

Announcement ID: SUSE-SU-2024:4416-1
Release Date: 2024-12-24T08:21:06Z
Rating: moderate
References:

* bsc#1129772
* bsc#1152803
* bsc#1154838
* bsc#1181400
* bsc#1230961

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that has five security fixes can now be installed.

## Description:

This update for vhostmd fixes the following issues:

Updated to version 1.2

* Fix actions using the 'free' command
* Fix buffer accounting when generating metric XML
* Change actions to retrieve vendor and product info
* Add a 'unit' attribute to the metrics element
* vif-stats.py: convert to Python3
* conf: Update the 'VirtualizationVendor' action to strip any URLs that may follow the vendor name (bsc#1230961)
* Fix virtio transport to work with libvirt >= 9.7.0
* Added hardening to systemd service (bsc#1181400)
* spec: Don't replace user-modified dtd in /etc/vhostmd/ (bsc#1154838)
* Relax virtio requirement in config file (bsc#1152803)

Updated to version 1.1 (bsc#1129772)

* Merge libserialclient with libmetrics
* Misc bug fixes and improvements

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-4416=1 openSUSE-SLE-15.6-2024-4416=1
* Server Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4416=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * vhostmd-1.2-150600.17.3.1
  * vm-dump-metrics-debuginfo-1.2-150600.17.3.1
  * vhostmd-debugsource-1.2-150600.17.3.1
  * libmetrics0-debuginfo-1.2-150600.17.3.1
  * vm-dump-metrics-1.2-150600.17.3.1
  * libmetrics-devel-1.2-150600.17.3.1
  * libmetrics0-1.2-150600.17.3.1
  * vhostmd-debuginfo-1.2-150600.17.3.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * vhostmd-1.2-150600.17.3.1
  * vm-dump-metrics-debuginfo-1.2-150600.17.3.1
  * vhostmd-debugsource-1.2-150600.17.3.1
  * vm-dump-metrics-1.2-150600.17.3.1
  * vhostmd-debuginfo-1.2-150600.17.3.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1129772
* https://bugzilla.suse.com/show_bug.cgi?id=1152803
* https://bugzilla.suse.com/show_bug.cgi?id=1154838
* https://bugzilla.suse.com/show_bug.cgi?id=1181400
* https://bugzilla.suse.com/show_bug.cgi?id=1230961

LinuxSecurity.com Team

Dec 24, 2024 SuSE

openSUSE 15.4/15.5: 2023:4672-1 Important Update for suse-build-key

# Security update for suse-build-key

Announcement ID: SUSE-SU-2023:4672-1
Rating: important
References:

* bsc#1216410
* bsc#1217215
* jsc#PED-2777

Affected Products:

* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that contains one feature and has two security fixes can now be installed.

## Description:

This update for suse-build-key fixes the following issues:

This update runs an import-suse-build-key script.

The previous libzypp-post-script based installation is replaced with a systemd timer and service (bsc#1217215 bsc#1216410 jsc#PED-2777).

- suse-build-key-import.service
- suse-build-key-import.timer

It imports the future SUSE Linux Enterprise 15 4096 bit RSA key primary and reserve keys. After successful import the timer is disabled.

To manually import them you can also run:

    # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-3fa1d6ce-63c9481c.asc
    # rpm --import /usr/lib/rpm/gnupg/keys/gpg-pubkey-d588dc46-63c939db.asc

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
    zypper in -t patch openSUSE-Leap-Micro-5.3-2023-4672=1
* openSUSE Leap Micro 5.4
    zypper in -t patch openSUSE-Leap-Micro-5.4-2023-4672=1
* openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-4672=1
* openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-4672=1
* SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-4672=1
* SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2023-4672=1
* SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2023-4672=1
* SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2023-4672=1
* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2023-4672=1
* Basesystem Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-4672=1
* Basesystem Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4672=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-4672=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4672=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4672=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4672=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4672=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4672=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4672=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4672=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4672=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4672=1
* SUSE Enterprise Storage 7.1
    zypper in -t patch SUSE-Storage-7.1-2023-4672=1
* SUSE CaaS Platform 4.0
  To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.
* SUSE Linux Enterprise Micro 5.1
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-4672=1
* SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4672=1
* SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-4672=1

## Package List:

* openSUSE Leap Micro 5.3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* openSUSE Leap Micro 5.4 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* openSUSE Leap 15.4 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* openSUSE Leap 15.5 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* Basesystem Module 15-SP4 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* Basesystem Module 15-SP5 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Enterprise Storage 7.1 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE CaaS Platform 4.0 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
  * suse-build-key-12.0-150000.8.37.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * suse-build-key-12.0-150000.8.37.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1216410
* https://bugzilla.suse.com/show_bug.cgi?id=1217215

Severity: Important.
LinuxSecurity.com Team

Dec 06, 2023 Important OpenSUSE

Scientific Linux SL7: SLSA-2023-1093-1 Critical: pesign Local Escalation

Synopsis: Important: pesign security update
Advisory ID: SLSA-2023:1093-1
Issue Date: 2023-03-07
CVE Numbers: CVE-2022-3560
--

Security Fix(es):

* pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE
--

SL7
  x86_64
    pesign-0.109-11.el7_9.x86_64.rpm
    pesign-debuginfo-0.109-11.el7_9.x86_64.rpm

- Scientific Linux Development Team

Severity: Critical.
LinuxSecurity.com Team

Mar 07, 2023 Critical Scientific Linux

Red Hat Enterprise Linux 7 RHSA-2023-1093-01 Important Local Escalation Fix

====================================================================
Red Hat Security Advisory

Synopsis: Important: pesign security update
Advisory ID: RHSA-2023:1093-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1093
Issue date: 2023-03-07
CVE Names: CVE-2022-3560
====================================================================

1. Summary:

An update for pesign is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools.

Security Fix(es):

* pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2135420 - CVE-2022-3560 pesign: Local privilege escalation on pesign systemd service

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
pesign-0.109-11.el7_9.src.rpm

x86_64:
pesign-0.109-11.el7_9.x86_64.rpm
pesign-debuginfo-0.109-11.el7_9.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
pesign-0.109-11.el7_9.src.rpm

x86_64:
pesign-0.109-11.el7_9.x86_64.rpm
pesign-debuginfo-0.109-11.el7_9.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

Source:
pesign-0.109-11.el7_9.src.rpm

x86_64:
pesign-0.109-11.el7_9.x86_64.rpm
pesign-debuginfo-0.109-11.el7_9.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

Source:
pesign-0.109-11.el7_9.src.rpm

x86_64:
pesign-0.109-11.el7_9.x86_64.rpm
pesign-debuginfo-0.109-11.el7_9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-3560
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

--
RHSA-announce mailing list

Severity: Important.
LinuxSecurity.com Team

Mar 07, 2023 Important Red Hat

Red Hat Enterprise Linux 9.0 RHSA-2023:1065-01 Important: Local Escalation

====================================================================
Red Hat Security Advisory

Synopsis: Important: pesign security update
Advisory ID: RHSA-2023:1065-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:1065
Issue date: 2023-03-06
CVE Names: CVE-2022-3560
====================================================================

1. Summary:

An update for pesign is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, x86_64

3. Description:

The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools.

Security Fix(es):

* pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2135420 - CVE-2022-3560 pesign: Local privilege escalation on pesign systemd service

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.9.0):

Source:
pesign-115-6.el9_0.src.rpm

aarch64:
pesign-115-6.el9_0.aarch64.rpm
pesign-debuginfo-115-6.el9_0.aarch64.rpm
pesign-debugsource-115-6.el9_0.aarch64.rpm

x86_64:
pesign-115-6.el9_0.x86_64.rpm
pesign-debuginfo-115-6.el9_0.x86_64.rpm
pesign-debugsource-115-6.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-3560
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

--
RHSA-announce mailing list

Severity: Important.
LinuxSecurity.com Team

Mar 06, 2023 Important Red Hat

SUSE: 2022:1877-1 Moderate: bci/bci-init Update for Container Security

SUSE Container Update Advisory: bci/bci-init
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1877-1
Container Tags        : bci/bci-init:15.4 , bci/bci-init:15.4.21.3 , bci/bci-init:latest
Container Release     : 21.3
Severity              : moderate
Type                  : security
References            : 1199524 1200485 CVE-2022-1706
-----------------------------------------------------------------

The container bci/bci-init was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2866-1
Released:    Mon Aug 22 15:36:30 2022
Summary:     Security update for systemd-presets-common-SUSE
Type:        security
Severity:    moderate
References:  1199524,1200485,CVE-2022-1706

This update for systemd-presets-common-SUSE fixes the following issues:

- CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524).

The following non-security bugs were fixed:

- Modify branding-preset-states to fix systemd-presets-common-SUSE not enabling new user systemd service preset configuration just as it handles system service presets. By passing an (optional) second parameter 'user', the save/apply-changes commands now work with user services instead of system ones (bsc#1200485)
- Add the wireplumber user service preset to enable it by default in SLE15-SP4 where it replaced pipewire-media-session, but keep pipewire-media-session preset so we don't have to branch the systemd-presets-common-SUSE package for SP4 (bsc#1200485)

The following package changes have been done:

- systemd-presets-common-SUSE-15-150100.8.17.1 updated

LinuxSecurity.com Team

Aug 23, 2022 SuSE

SUSE: 2022:2866-1 Moderate: Systemd-Presets-Common Accessibility Fix

SUSE Security Update: Security update for systemd-presets-common-SUSE
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:2866-1
Rating: moderate
References: #1199524 #1200485
Cross-References: CVE-2022-1706
CVSS scores:
  CVE-2022-1706 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  CVE-2022-1706 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:
  SUSE Linux Enterprise Desktop 15-SP3
  SUSE Linux Enterprise Desktop 15-SP4
  SUSE Linux Enterprise High Performance Computing 15-SP3
  SUSE Linux Enterprise High Performance Computing 15-SP4
  SUSE Linux Enterprise Micro 5.1
  SUSE Linux Enterprise Micro 5.2
  SUSE Linux Enterprise Module for Basesystem 15-SP3
  SUSE Linux Enterprise Module for Basesystem 15-SP4
  SUSE Linux Enterprise Server 15-SP3
  SUSE Linux Enterprise Server 15-SP4
  SUSE Linux Enterprise Server for SAP Applications 15-SP3
  SUSE Linux Enterprise Server for SAP Applications 15-SP4
  SUSE Linux Enterprise Storage 7.1
  SUSE Manager Proxy 4.2
  SUSE Manager Proxy 4.3
  SUSE Manager Retail Branch Server 4.2
  SUSE Manager Retail Branch Server 4.3
  SUSE Manager Server 4.2
  SUSE Manager Server 4.3
  openSUSE Leap 15.3
  openSUSE Leap 15.4
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

This update for systemd-presets-common-SUSE fixes the following issues:

- CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products (bsc#1199524).

The following non-security bugs were fixed:

- Modify branding-preset-states to fix systemd-presets-common-SUSE not enabling new user systemd service preset configuration just as it handles system service presets. By passing an (optional) second parameter "user", the save/apply-changes commands now work with user services instead of system ones (bsc#1200485)
- Add the wireplumber user service preset to enable it by default in SLE15-SP4 where it replaced pipewire-media-session, but keep pipewire-media-session preset so we don't have to branch the systemd-presets-common-SUSE package for SP4 (bsc#1200485)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:
    zypper in -t patch openSUSE-SLE-15.4-2022-2866=1
- openSUSE Leap 15.3:
    zypper in -t patch openSUSE-SLE-15.3-2022-2866=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2866=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2866=1
- SUSE Linux Enterprise Micro 5.2:
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2866=1
- SUSE Linux Enterprise Micro 5.1:
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2866=1

Package List:

- openSUSE Leap 15.4 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1
- openSUSE Leap 15.3 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
    systemd-presets-common-SUSE-15-150100.8.17.1

References:

https://www.suse.com/security/cve/CVE-2022-1706.html
https://bugzilla.suse.com/1199524
https://bugzilla.suse.com/1200485

LinuxSecurity.com Team

Aug 22, 2022 SuSE

Mageia 8: MGASA-2022-0109 Moderate: Stunnel Security Fix

MGASA-2022-0109 - Updated stunnel packages fix security vulnerability

Publication date: 21 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0109.html
Type: security
Affected Mageia releases: 8

Update to 5.62 including new features and bugfixes:

Security bugfixes
- The "redirect" option was fixed to properly handle unauthenticated requests (bsc#1182529).
- Fixed a double free with OpenSSL older than 1.1.0.
- Added hardening to systemd service (bsc#1181400).

New features
- Added new "protocol = capwin" and "protocol = capwinctrl" configuration file options.
- Added support for the new SSL_set_options() values.
- Added a bash completion script.
- New 'sessionResume' service-level option to allow or disallow session resumption
- Download fresh ca-certs.pem for each new release.
- New 'protocolHeader' service-level option to insert custom 'connect' protocol negotiation headers. This feature can be used to impersonate other software (e.g. web browsers).
- 'protocolHost' can also be used to control the client SMTP protocol negotiation HELO/EHLO value.
- Initial FIPS 3.0 support.
- Client-side "protocol = ldap" support

Bugfixes
- Fixed a transfer() loop bug.
- Fixed reloading configuration with "systemctl reload stunnel.service".
- Fixed incorrect messages logged for OpenSSL errors.
- Fixed 'redirect' with 'protocol'. This combination is not supported by 'smtp', 'pop3' and 'imap' protocols.
- X.509v3 extensions required by modern versions of OpenSSL are added to generated self-signed test certificates.
- Fixed a tiny memory leak in configuration file reload error handling.
- Fixed engine initialization.
- FIPS TLS feature is reported when a provider or container is available, and not when FIPS control API is available.
- Fix configuration reload when compression is used
- Fix test suite fixed not to require external connectivity

References:
- https://bugs.mageia.org/show_bug.cgi?id=30185
- https://lists.suse.com/pipermail/sle-security-updates/2022-March/010458.html

SRPMS:
- 8/core/stunnel-5.63-1.mga8

LinuxSecurity.com Team

Mar 21, 2022 Mageia