Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

Vulnerability IntelligenceSUSE-SU-2023:0463-1

SUSE-SU-2023:0463-1

UNKNOWN

Security update for tar

Published Feb 20, 2023

Modified 3 years ago

Fix available

Details

This update for tar fixes the following issues:

CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use of uninitialized memory for a conditional jump (bsc#1207753).

Bug fixes:

Fix hang when unpacking test tarball (bsc#1202436).

Affected Packages

tar

SUSE Linux Enterprise Micro 5.1SUSE Linux Enterprise Micro 5.2SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Module for Basesystem 15 SP4SUSE Linux Enterprise Real Time 15 SP3

Fixed in:

1.34-150000.3.31.1

tar-lang

SUSE Linux Enterprise Module for Basesystem 15 SP4SUSE Linux Enterprise Real Time 15 SP3openSUSE Leap 15.4

Fixed in:

1.34-150000.3.31.1

tar-rmt

SUSE Linux Enterprise Module for Basesystem 15 SP4SUSE Linux Enterprise Real Time 15 SP3openSUSE Leap 15.4

Fixed in:

1.34-150000.3.31.1

tar-backup-scripts

openSUSE Leap 15.4

Fixed in:

1.34-150000.3.31.1

tar-doc

openSUSE Leap 15.4

Fixed in:

1.34-150000.3.31.1

tar-tests

openSUSE Leap 15.4

Fixed in:

1.34-150000.3.31.1

References

REPORT

https://bugzilla.suse.com/1202436

REPORT

https://bugzilla.suse.com/1207753

WEB

https://www.suse.com/security/cve/CVE-2022-48303

ADVISORY

https://www.suse.com/support/update/announcement/2023/suse-su-20230463-1/

Upstream

CVE-2022-48303

Ecosystems(8)

SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Real Time 15 SP3

Timeline

PublishedFeb 20, 2023

ModifiedFeb 20, 2023

SUSE-SU-2023:0463-1 | Mondoo Vulnerability Intelligence