3901 matches found
SUSE-SU-2024:4416-1 Security update for vhostmd
This update for vhostmd fixes the following issues: Updated to version 1.2 - Fix actions using the 'free' command - Fix buffer accounting when generating metric XML - Change actions to retrieve vendor and product info - Add a 'unit' attribute to the metrics element - vif-stats.py: convert to...
PT-2024-41360 · Opensuse +1 · Vhostmd
Name of the Vulnerable Software and Affected Versions: vhostmd versions prior to 1.2 Description: This update for vhostmd addresses issues including fixes for actions using the 'free' command, buffer accounting when generating metric XML, and the 'VirtualizationVendor' action to strip URLs. It al...
systemd bug fix update
An update is available for systemd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The systemd packages contain systemd, a system and service manager for Linux,...
SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2024:4360-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4360-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: -...
SUSE-SU-2024:4319-1 Security update for docker
This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2024:4205-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:4205-1 advisory. - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some...
redis:7 security update
7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstream 7.0.11 release. 7.0.10-2 - fix modules directory ownership and permissions 2176173 - drop redis-shutdown helper and rely on systemd 2181181...
Security update for docker-stable
This update for docker-stable fixes the following issues: Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. Update --add-runtime to point to correct binary path. Further merge docker and...
Race Condition
Overview: benchexec is a framework for reliable benchmarking and resource measurement. Affected versions of this package are vulnerable to Race Condition via the asynchronous StartTransientUnit method within cgroupsv2.py. An attacker could manipulate the timing of transient unit creation, leading ...
CVE-2024-22037
The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...
CVE-2024-22037 Database password leaked by systemd uyuni-server-attestation service
The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...
CVE-2024-22037
CVE-2024-22037 is referenced in SUSE updates for Uyuni tooling. The issue stems from database credentials being exposed via environment in a systemd/Podman context. The connected SUSE advisory notes that CVE-2024-22037 is fixed by switching to podman secrets to store database credentials (uyuni-t...
SUSE Manager Security Vulnerability
SUSE Manager is a Linux server management system from SUSE Germany. The system provides automated software management, system configuration and monitoring. A security vulnerability exists in SUSE Manager, which stems from the systemd service requiring the databasepassword environment variable, a...
SUSE CVE-2024-22037
The uyuni-server-attestation systemd service needs a databasepassword environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users...
Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes bsc1229873, bsc1230059 CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path...
PT-2024-19170 · Suse · Suse Manager Server +1
Name of the Vulnerable Software and Affected Versions: SUSE Manager Server affected versions not specified Description: The issue concerns the exposure of sensitive system information due to the uyuni-server-attestation systemd service needing a database password environment variable. Although th...
Fedora 37 : grafana (2022-8f60426b65)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8f60426b65 advisory. Automatic update for grafana-9.0.2-2.fc37. Changelog Wed Jul 13 2022 Andreas Gerstmayr 9.0.2-2 - use systemd-sysusers to create the Grafana user and group...
Fedora 37 : systemd (2022-6919a53ea9)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-6919a53ea9 advisory. Bugfix release for CVE-2022-4415. No need to log out or reboot. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 41 : opendmarc (2024-513cf04db3)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-513cf04db3 advisory. - Fix for CVE-2024-25768 - Closes rhbz2266175 rhbz2266174 - Convert to %autorelease and %autochangelog - Simplify spec - Remove checks on if systemd is prese...