Описание
Security update for zstd
This update for zstd fixes the following issues:
- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).
Список пакетов
Container caasp/v4/cilium-operator:1.6.6
libzstd1-1.4.4-150000.1.9.1
Container caasp/v4/cilium:1.6.6
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/grafana:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/haproxy:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/keepalived:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/prometheus-alertmanager:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/prometheus-node-exporter:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/prometheus-server:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/prometheus-snmp_notifier:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/cephcsi:latest
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/csi-attacher:v4.1.0
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/csi-provisioner:v3.4.0
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/csi-resizer:v1.7.0
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1
libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/rook/ceph:latest
libzstd1-1.4.4-150000.1.9.1
Container suse/ltss/sle15.3/bci-base:latest
libzstd1-1.4.4-150000.1.9.1
Container suse/sle-micro-rancher/5.2:latest
libzstd1-1.4.4-150000.1.9.1
zstd-1.4.4-150000.1.9.1
Container suse/sle-micro/5.1/toolbox:latest
libzstd1-1.4.4-150000.1.9.1
Container suse/sle-micro/5.2/toolbox:latest
libzstd1-1.4.4-150000.1.9.1
Container suse/sle15:15.1
libzstd1-1.4.4-150000.1.9.1
Container suse/sle15:15.2
libzstd1-1.4.4-150000.1.9.1
Container suse/sle15:15.3
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-HPC-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP2-SAP-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-CHOST-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-CHOST-BYOS-EC2
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-CHOST-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-HPC-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-HPC-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAP-BYOS-Azure
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAP-BYOS-GCE
libzstd1-1.4.4-150000.1.9.1
Image SLES15-SP3-SAPCAL-Azure
libzstd1-1.4.4-150000.1.9.1
libzstd1-32bit-1.4.4-150000.1.9.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libzstd1-1.4.4-150000.1.9.1
libzstd1-32bit-1.4.4-150000.1.9.1
Image SLES15-SP3-SAPCAL-GCE
libzstd1-1.4.4-150000.1.9.1
libzstd1-32bit-1.4.4-150000.1.9.1
SUSE Linux Enterprise Micro 5.1
libzstd1-1.4.4-150000.1.9.1
SUSE Linux Enterprise Micro 5.2
libzstd1-1.4.4-150000.1.9.1
zstd-1.4.4-150000.1.9.1
SUSE Linux Enterprise Real Time 15 SP3
libzstd-devel-1.4.4-150000.1.9.1
libzstd1-1.4.4-150000.1.9.1
libzstd1-32bit-1.4.4-150000.1.9.1
zstd-1.4.4-150000.1.9.1
Ссылки
- Link for SUSE-SU-2023:2074-1
- E-Mail link for SUSE-SU-2023:2074-1
- SUSE Security Ratings
- SUSE Bug 1209533
- SUSE CVE CVE-2022-4899 page
Описание
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
Затронутые продукты
Container caasp/v4/cilium-operator:1.6.6:libzstd1-1.4.4-150000.1.9.1
Container caasp/v4/cilium:1.6.6:libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/grafana:latest:libzstd1-1.4.4-150000.1.9.1
Container ses/7.1/ceph/haproxy:latest:libzstd1-1.4.4-150000.1.9.1
Ссылки
- CVE-2022-4899
- SUSE Bug 1209533