2020-08-05
ALT-BU-2020-3958-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2020-03-16
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-9321
configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
Closed vulnerabilities
Published: 2023-01-24
BDU:2023-00526
Уязвимость пакета libsss_certmap сервиса управления доступом к удаленным каталогам и механизма аутентификации sssd, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (8.8)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2023-02-01
Modified: 2025-03-27
Modified: 2025-03-27
CVE-2022-4254
sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters
Severity: HIGH (8.8)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://access.redhat.com/security/cve/CVE-2022-4254
- https://access.redhat.com/security/cve/CVE-2022-4254
- https://bugzilla.redhat.com/show_bug.cgi?id=2149894
- https://bugzilla.redhat.com/show_bug.cgi?id=2149894
- https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
- https://github.com/SSSD/sssd/commit/a2b9a84460429181f2a4fa7e2bb5ab49fd561274
- https://github.com/SSSD/sssd/issues/5135
- https://github.com/SSSD/sssd/issues/5135
- [debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update
- [debian-lts-announce] 20230529 [SECURITY] [DLA 3436-1] sssd security update
Closed bugs
Please rename lxc-devel to liblxc-devel
lxc-libs is a wrong package name