Описание
ELSA-2022-0666: cyrus-sasl security update (IMPORTANT)
[2.1.26-24.0.1]
- Check against gssapi null pointer [Orabug: 33270138]
[2.1.26-24]
- Fix for CVE-2022-24407
- Resolves: rhbz#2055842
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
cyrus-sasl
2.1.26-24.0.1.el7_9
cyrus-sasl-devel
2.1.26-24.0.1.el7_9
cyrus-sasl-gs2
2.1.26-24.0.1.el7_9
cyrus-sasl-gssapi
2.1.26-24.0.1.el7_9
cyrus-sasl-ldap
2.1.26-24.0.1.el7_9
cyrus-sasl-lib
2.1.26-24.0.1.el7_9
cyrus-sasl-md5
2.1.26-24.0.1.el7_9
cyrus-sasl-ntlm
2.1.26-24.0.1.el7_9
cyrus-sasl-plain
2.1.26-24.0.1.el7_9
cyrus-sasl-scram
2.1.26-24.0.1.el7_9
cyrus-sasl-sql
2.1.26-24.0.1.el7_9
Oracle Linux x86_64
cyrus-sasl
2.1.26-24.0.1.el7_9
cyrus-sasl-devel
2.1.26-24.0.1.el7_9
cyrus-sasl-gs2
2.1.26-24.0.1.el7_9
cyrus-sasl-gssapi
2.1.26-24.0.1.el7_9
cyrus-sasl-ldap
2.1.26-24.0.1.el7_9
cyrus-sasl-lib
2.1.26-24.0.1.el7_9
cyrus-sasl-md5
2.1.26-24.0.1.el7_9
cyrus-sasl-ntlm
2.1.26-24.0.1.el7_9
cyrus-sasl-plain
2.1.26-24.0.1.el7_9
cyrus-sasl-scram
2.1.26-24.0.1.el7_9
cyrus-sasl-sql
2.1.26-24.0.1.el7_9
Связанные CVE
Связанные уязвимости
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does ...