Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2025:02166-1

Опубликовано: 30 июн. 2025
Источник: suse-cvrf

Описание

Security update for himmelblau

This update for himmelblau fixes the following issues:

  • CVE-2025-5791: Fixed using deprecated users crate (bsc#1244202)
  • CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242648)

Update to version 0.7.17+git.0.1ebdab0

  • Update sccache-action version to use new cache service

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7
himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2
himmelblau-sshd-config-0.7.17+git.0.1ebdab0-150700.3.3.2
libnss_himmelblau2-0.7.17+git.0.1ebdab0-150700.3.3.2
pam-himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2

Ссылки

Описание

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP7:himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:himmelblau-sshd-config-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:libnss_himmelblau2-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2
Ссылки

Описание

unknown

Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP7:himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:himmelblau-sshd-config-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:libnss_himmelblau2-0.7.17+git.0.1ebdab0-150700.3.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP7:pam-himmelblau-0.7.17+git.0.1ebdab0-150700.3.3.2
Ссылки