Описание
Security update for keylime
This update for keylime fixes the following issues:
- CVE-2023-38200: Fixed a DoS attack against it's SSL connections. (bsc#1213310)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15 SP4
keylime-agent-6.3.2-150400.4.17.1
keylime-config-6.3.2-150400.4.17.1
keylime-firewalld-6.3.2-150400.4.17.1
keylime-logrotate-6.3.2-150400.4.17.1
keylime-registrar-6.3.2-150400.4.17.1
keylime-tpm_cert_store-6.3.2-150400.4.17.1
keylime-verifier-6.3.2-150400.4.17.1
python3-keylime-6.3.2-150400.4.17.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
keylime-agent-6.3.2-150400.4.17.1
keylime-config-6.3.2-150400.4.17.1
keylime-firewalld-6.3.2-150400.4.17.1
keylime-logrotate-6.3.2-150400.4.17.1
keylime-registrar-6.3.2-150400.4.17.1
keylime-tpm_cert_store-6.3.2-150400.4.17.1
keylime-verifier-6.3.2-150400.4.17.1
python3-keylime-6.3.2-150400.4.17.1
openSUSE Leap 15.4
keylime-agent-6.3.2-150400.4.17.1
keylime-config-6.3.2-150400.4.17.1
keylime-firewalld-6.3.2-150400.4.17.1
keylime-registrar-6.3.2-150400.4.17.1
keylime-tpm_cert_store-6.3.2-150400.4.17.1
keylime-verifier-6.3.2-150400.4.17.1
python3-keylime-6.3.2-150400.4.17.1
openSUSE Leap 15.5
keylime-agent-6.3.2-150400.4.17.1
keylime-config-6.3.2-150400.4.17.1
keylime-firewalld-6.3.2-150400.4.17.1
keylime-logrotate-6.3.2-150400.4.17.1
keylime-registrar-6.3.2-150400.4.17.1
keylime-tpm_cert_store-6.3.2-150400.4.17.1
keylime-verifier-6.3.2-150400.4.17.1
python3-keylime-6.3.2-150400.4.17.1
Ссылки
- Link for SUSE-SU-2023:3245-1
- E-Mail link for SUSE-SU-2023:3245-1
- SUSE Security Ratings
- SUSE Bug 1213310
- SUSE CVE CVE-2023-38200 page
Описание
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-agent-6.3.2-150400.4.17.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-config-6.3.2-150400.4.17.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-firewalld-6.3.2-150400.4.17.1
SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-logrotate-6.3.2-150400.4.17.1
Ссылки
- CVE-2023-38200
- SUSE Bug 1213310