SUSE-SU-2023:0056-2

UNKNOWN

Security update for libksba

Published Feb 15, 2023

Modified 3 years ago

Fix available

Details

This update for libksba fixes the following issues:

CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL signature parser (bsc#1206579).

Affected Packages

libksba

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

Fixed in:

1.3.5-150000.4.6.1

libksba-devel

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

Fixed in:

1.3.5-150000.4.6.1

libksba8

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

Fixed in:

1.3.5-150000.4.6.1

References

REPORT

https://bugzilla.suse.com/1206579

WEB

https://www.suse.com/security/cve/CVE-2022-47629

ADVISORY

https://www.suse.com/support/update/announcement/2023/suse-su-20230056-2/

Upstream

CVE-2022-47629

Ecosystems(16)

SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

Timeline

PublishedFeb 15, 2023

ModifiedFeb 15, 2023

SUSE-SU-2023:0056-2 | Mondoo Vulnerability Intelligence