SUSE-SU-2023:4109-1

Опубликовано: 18 окт. 2023

Источник: suse-cvrf

Описание

Security update for erlang

This update for erlang fixes the following issues:

Updated to version 23.3.4.19 (jsc#PED-6209):
- CVE-2022-37026: Complete a previous insufficient fix for an authentication bypass (bsc#1205318).

Список пакетов

SUSE Enterprise Storage 7.1

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise Module for Server Applications 15 SP4

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise Module for Server Applications 15 SP5

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise Server 15 SP3-LTSS

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Manager Proxy 4.2

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Manager Server 4.2

erlang-23.3.4.19-150300.3.11.1

erlang-epmd-23.3.4.19-150300.3.11.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20234109-1/
Link for SUSE-SU-2023:4109-1
https://lists.suse.com/pipermail/sle-security-updates/2023-October/016724.html
E-Mail link for SUSE-SU-2023:4109-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1205318
SUSE Bug 1205318
https://www.suse.com/security/cve/CVE-2022-37026/
SUSE CVE CVE-2022-37026 page

Описание

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

Затронутые продукты

SUSE Enterprise Storage 7.1:erlang-23.3.4.19-150300.3.11.1

SUSE Enterprise Storage 7.1:erlang-epmd-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:erlang-23.3.4.19-150300.3.11.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:erlang-epmd-23.3.4.19-150300.3.11.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-37026.html
CVE-2022-37026
https://bugzilla.suse.com/1205318
SUSE Bug 1205318
https://bugzilla.suse.com/1207113
SUSE Bug 1207113

SUSE-SU-2023:4109-1

Описание

Список пакетов

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Module for Server Applications 15 SP4

SUSE Linux Enterprise Module for Server Applications 15 SP5

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Manager Proxy 4.2

SUSE Manager Server 4.2

Ссылки

Уязвимость: CVE-2022-37026

Описание

Затронутые продукты

Ссылки