Описание
Security update for gpg2
This update for gpg2 fixes the following issues:
- CVE-2022-34903: Fixed a potential signature forgery via injection into the status line when certain unusual conditions are met (bsc#1201225).
Список пакетов
Container caasp/v4/cilium-operator:1.6.6
gpg2-2.2.5-150000.4.22.1
Container caasp/v4/cilium:1.6.6
gpg2-2.2.5-150000.4.22.1
Container caasp/v4/helm-tiller:2.16.12
gpg2-2.2.5-150000.4.22.1
Container suse/sle15:15.0
gpg2-2.2.5-150000.4.22.1
Container suse/sle15:15.1
gpg2-2.2.5-150000.4.22.1
Container suse/sle15:15.2
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP1-SAPCAL-Azure
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP1-SAPCAL-EC2-HVM
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP1-SAPCAL-GCE
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-BYOS-Azure
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-BYOS-EC2-HVM
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-BYOS-GCE
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-HPC-BYOS-Azure
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-Azure
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-BYOS-Azure
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-BYOS-GCE
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-EC2-HVM
gpg2-2.2.5-150000.4.22.1
Image SLES15-SP2-SAP-GCE
gpg2-2.2.5-150000.4.22.1
SUSE Enterprise Storage 6
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Enterprise Storage 7
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server 15 SP1-BCL
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server 15 SP1-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server 15 SP2-BCL
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server 15 SP2-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server 15-LTSS
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server for SAP Applications 15
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Manager Proxy 4.1
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Manager Retail Branch Server 4.1
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
SUSE Manager Server 4.1
gpg2-2.2.5-150000.4.22.1
gpg2-lang-2.2.5-150000.4.22.1
Ссылки
- Link for SUSE-SU-2022:3144-1
- E-Mail link for SUSE-SU-2022:3144-1
- SUSE Security Ratings
- SUSE Bug 1201225
- SUSE CVE CVE-2022-34903 page
Описание
GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
Затронутые продукты
Container caasp/v4/cilium-operator:1.6.6:gpg2-2.2.5-150000.4.22.1
Container caasp/v4/cilium:1.6.6:gpg2-2.2.5-150000.4.22.1
Container caasp/v4/helm-tiller:2.16.12:gpg2-2.2.5-150000.4.22.1
Container suse/sle15:15.0:gpg2-2.2.5-150000.4.22.1
Ссылки
- CVE-2022-34903
- SUSE Bug 1201225