Download
| Alert*
oval:org.secpod.oval:def:605807
libuuid1 is installed oval:org.secpod.oval:def:89044717 This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges . This non-security issues were fixed: - lscpu: Implement WSL detection and w ... oval:org.secpod.oval:def:89044723 libuuid1 is installed oval:org.secpod.oval:def:89045277 This update for util-linux fixes the following issues: - Consider redundant slashes when comparing paths . - Use upstream compatibility patches for --show-pt-geometry with obsolescence and deprecation warning - Replace cifs mount detection patch with upstream one that covers all cases . - Reuse exi ... oval:org.secpod.oval:def:89050721 This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored - Prevent outdated pam files . - Do not trim read-only volumes . - Integrate pam_keyinit pam module to login . - Perform one-time reset of /etc/default ... oval:org.secpod.oval:def:89050816 This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored - Prevent outdated pam files . - De-duplicate fstrim -A properly . - Do not trim read-only volumes . - Integrate pam_keyinit pam module to login . - Pe ... oval:org.secpod.oval:def:89049649 This update for util-linux fixes the following security issue: - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name oval:org.secpod.oval:def:89049249 This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions oval:org.secpod.oval:def:88332 The Qualys Research Labs discovered two vulnerabilities in util-linux"s libmount. These flaws allow an unprivileged user to unmount other users" filesystems that are either world-writable themselves or mounted in a world-writable directory , or to unmount FUSE filesystems that belong to certain othe ... oval:org.secpod.oval:def:89047566 This security update for libeconf, shadow and util-linux fix the following issues: libeconf: - Add libeconf to SLE-Module-Basesystem_15-SP3 because needed by "util-linux" and "shadow" to fix autoyast handling of security related parameters Issues fixed in libeconf: - Reading numbers with different ... oval:org.secpod.oval:def:605786 The Qualys Research Labs discovered two vulnerabilities in util-linux"s libmount. These flaws allow an unprivileged user to unmount other users" filesystems that are either world-writable themselves or mounted in a world-writable directory , or to unmount FUSE filesystems that belong to certain othe ... oval:org.secpod.oval:def:89051155 This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions . oval:org.secpod.oval:def:99567 util-linux: miscellaneous system utilities util-linux could be made to expose sensitive information. oval:org.secpod.oval:def:99577 util-linux: miscellaneous system utilities Details: USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory util-linux could be ma ... oval:org.secpod.oval:def:89051709 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. * Prevent error message if `/var/lib/libuuid/clock.txt` does not exist * Fixed performance degradation oval:org.secpod.oval:def:89051735 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:89051739 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:89051736 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:708858 util-linux: miscellaneous system utilities util-linux could be made to expose sensitive information. oval:org.secpod.oval:def:708869 util-linux: miscellaneous system utilities Details: USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory util-linux could be ma ... oval:org.secpod.oval:def:89051737 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:99984 Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of this flaw for information disclosure. With this update wall and write are not anymore installed with setgid tty. oval:org.secpod.oval:def:89047091 This update for util-linux fixes the following issues: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements in sys-utils/ipcutils.c |