SUSE-SU-2024:2648-1

Опубликовано: 30 июл. 2024

Источник: suse-cvrf

Описание

Security update for shadow

This update for shadow fixes the following issues:

CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845).

Список пакетов

Container suse/ltss/sle15.3/bci-base:latest

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Container suse/sle-micro-rancher/5.2:latest

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Container suse/sle-micro/5.1/toolbox:latest

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Container suse/sle-micro/5.2/toolbox:latest

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-BYOS-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-CHOST-BYOS-Aliyun

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-CHOST-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-CHOST-BYOS-EC2

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-CHOST-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-HPC-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-HPC-BYOS-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-HPC-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-1-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-1-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-2-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-Micro-5-2-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAP-BYOS-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAP-BYOS-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAP-BYOS-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAPCAL-Azure

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAPCAL-EC2-HVM

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Image SLES15-SP3-SAPCAL-GCE

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Enterprise Storage 7.1

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Linux Enterprise Micro 5.1

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Linux Enterprise Micro 5.2

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Linux Enterprise Server 15 SP3-LTSS

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

login_defs-4.8.1-150300.4.15.1

shadow-4.8.1-150300.4.15.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242648-1/
Link for SUSE-SU-2024:2648-1
https://lists.suse.com/pipermail/sle-updates/2024-July/036170.html
E-Mail link for SUSE-SU-2024:2648-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/916845
SUSE Bug 916845
https://www.suse.com/security/cve/CVE-2013-4235/
SUSE CVE CVE-2013-4235 page

Описание

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

Затронутые продукты

Container suse/ltss/sle15.3/bci-base:latest:login_defs-4.8.1-150300.4.15.1

Container suse/ltss/sle15.3/bci-base:latest:shadow-4.8.1-150300.4.15.1

Container suse/sle-micro-rancher/5.2:latest:login_defs-4.8.1-150300.4.15.1

Container suse/sle-micro-rancher/5.2:latest:shadow-4.8.1-150300.4.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2013-4235.html
CVE-2013-4235
https://bugzilla.suse.com/916845
SUSE Bug 916845

SUSE-SU-2024:2648-1

Описание

Список пакетов

Container suse/ltss/sle15.3/bci-base:latest

Container suse/sle-micro-rancher/5.2:latest

Container suse/sle-micro/5.1/toolbox:latest

Container suse/sle-micro/5.2/toolbox:latest

Image SLES15-SP3-BYOS-Azure

Image SLES15-SP3-BYOS-EC2-HVM

Image SLES15-SP3-BYOS-GCE

Image SLES15-SP3-CHOST-BYOS-Aliyun

Image SLES15-SP3-CHOST-BYOS-Azure

Image SLES15-SP3-CHOST-BYOS-EC2

Image SLES15-SP3-CHOST-BYOS-GCE

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

Image SLES15-SP3-HPC-BYOS-Azure

Image SLES15-SP3-HPC-BYOS-EC2-HVM

Image SLES15-SP3-HPC-BYOS-GCE

Image SLES15-SP3-Micro-5-1-BYOS-Azure

Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM

Image SLES15-SP3-Micro-5-1-BYOS-GCE

Image SLES15-SP3-Micro-5-2-BYOS-Azure

Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM

Image SLES15-SP3-Micro-5-2-BYOS-GCE

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP3-SAP-BYOS-Azure

Image SLES15-SP3-SAP-BYOS-EC2-HVM

Image SLES15-SP3-SAP-BYOS-GCE

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP3-SAPCAL-EC2-HVM

Image SLES15-SP3-SAPCAL-GCE

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

Ссылки

Уязвимость: CVE-2013-4235

Описание

Затронутые продукты

Ссылки