SUSE-SU-2022:3355-1

Опубликовано: 23 сент. 2022

Источник: suse-cvrf

Описание

Security update for puppet

This update for puppet fixes the following issues:

CVE-2021-27023: Fixed unsafe HTTP redirect (bsc#1192797).

Список пакетов

SUSE Linux Enterprise Module for Advanced Systems Management 12

puppet-3.8.5-15.18.1

puppet-server-3.8.5-15.18.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223355-1/
Link for SUSE-SU-2022:3355-1
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012354.html
E-Mail link for SUSE-SU-2022:3355-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1192797
SUSE Bug 1192797
https://www.suse.com/security/cve/CVE-2021-27023/
SUSE CVE CVE-2021-27023 page

Описание

A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007

Затронутые продукты

SUSE Linux Enterprise Module for Advanced Systems Management 12:puppet-3.8.5-15.18.1

SUSE Linux Enterprise Module for Advanced Systems Management 12:puppet-server-3.8.5-15.18.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-27023.html
CVE-2021-27023
https://bugzilla.suse.com/1192797
SUSE Bug 1192797

SUSE-SU-2022:3355-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Advanced Systems Management 12

Ссылки

Уязвимость: CVE-2021-27023

Описание

Затронутые продукты

Ссылки