SUSE-SU-2023:0389-1

Опубликовано: 13 фев. 2023

Источник: suse-cvrf

Описание

Security update for apr-util

This update for apr-util fixes the following issues:

CVE-2022-25147: Fixed a buffer overflow possible with specially crafted input during base64 encoding (bsc#1207866)

Список пакетов

Container bci/php-apache:8

libapr-util1-1.6.1-150300.18.5.1

Container bci/php-apache:latest

libapr-util1-1.6.1-150300.18.5.1

Container suse/manager/4.3/proxy-httpd:latest

libapr-util1-1.6.1-150300.18.5.1

Container suse/registry:latest

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-SAPCAL-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-SAPCAL-EC2-HVM

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP3-SAPCAL-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAP

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAP-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAP-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAP-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAPCAL

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAPCAL-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAPCAL-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP4-SAPCAL-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAP-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAP-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAP-GCE

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAPCAL-Azure

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAPCAL-EC2

libapr-util1-1.6.1-150300.18.5.1

Image SLES15-SP5-SAPCAL-GCE

libapr-util1-1.6.1-150300.18.5.1

SUSE Enterprise Storage 7.1

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

SUSE Linux Enterprise Module for Server Applications 15 SP4

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

SUSE Linux Enterprise Real Time 15 SP3

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

SUSE Linux Enterprise Server 15 SP3-LTSS

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

SUSE Manager Proxy 4.2

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

SUSE Manager Retail Branch Server 4.2

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

SUSE Manager Server 4.2

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

openSUSE Leap 15.4

apr-util-devel-1.6.1-150300.18.5.1

libapr-util1-1.6.1-150300.18.5.1

libapr-util1-dbd-mysql-1.6.1-150300.18.5.1

libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1

libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1

libapr-util1-dbm-db-1.6.1-150300.18.5.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230389-1/
Link for SUSE-SU-2023:0389-1
https://lists.suse.com/pipermail/sle-security-updates/2023-February/013744.html
E-Mail link for SUSE-SU-2023:0389-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1207866
SUSE Bug 1207866
https://www.suse.com/security/cve/CVE-2022-25147/
SUSE CVE CVE-2022-25147 page

Описание

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.

Затронутые продукты

Container bci/php-apache:8:libapr-util1-1.6.1-150300.18.5.1

Container bci/php-apache:latest:libapr-util1-1.6.1-150300.18.5.1

Container suse/manager/4.3/proxy-httpd:latest:libapr-util1-1.6.1-150300.18.5.1

Container suse/registry:latest:libapr-util1-1.6.1-150300.18.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-25147.html
CVE-2022-25147
https://bugzilla.suse.com/1207866
SUSE Bug 1207866
https://bugzilla.suse.com/1209320
SUSE Bug 1209320

SUSE-SU-2023:0389-1

Описание

Список пакетов

Container bci/php-apache:8

Container bci/php-apache:latest

Container suse/manager/4.3/proxy-httpd:latest

Container suse/registry:latest

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP3-SAPCAL-EC2-HVM

Image SLES15-SP3-SAPCAL-GCE

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

Image SLES15-SP4-Manager-Server-4-3

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

Image SLES15-SP4-Manager-Server-4-3-BYOS

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

Image SLES15-SP4-SAP

Image SLES15-SP4-SAP-Azure

Image SLES15-SP4-SAP-EC2

Image SLES15-SP4-SAP-GCE

Image SLES15-SP4-SAPCAL

Image SLES15-SP4-SAPCAL-Azure

Image SLES15-SP4-SAPCAL-EC2

Image SLES15-SP4-SAPCAL-GCE

Image SLES15-SP5-SAP-Azure

Image SLES15-SP5-SAP-EC2

Image SLES15-SP5-SAP-GCE

Image SLES15-SP5-SAPCAL-Azure

Image SLES15-SP5-SAPCAL-EC2

Image SLES15-SP5-SAPCAL-GCE

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Server Applications 15 SP4

SUSE Linux Enterprise Real Time 15 SP3

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Manager Proxy 4.2

SUSE Manager Retail Branch Server 4.2

SUSE Manager Server 4.2

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-25147

Описание

Затронутые продукты

Ссылки