Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2022:10018-1
HistoryJun 20, 2022 - 12:00 a.m.

Security update for atheme (important)

2022-06-2000:00:00
lists.opensuse.org
14

0.002 Low

EPSS

Percentile

54.8%

JSON

An update that solves one vulnerability and has one errata
is now available.

Description:

This update for atheme fixes the following issues:

atheme was updated to release 7.2.12:

  • CVE-2022-24976: Fixed General authentication bypass in Atheme IRC
    services with InspIRCd 3 [boo#1195989]
  • Track SASL login EID

Update to release 7.2.11

  • Add a preliminary Turkish translation
  • Add HMAC-MD5 verify-only support to crypto/pbkdf2v2
  • modules/chanserv/akick: fix unload crash with akicks that have timeouts
  • modules/nickserv/multimark: use IRC case canonicalisation for restored
    nicks
  • modules/nickserv/multimark: forbid unloading due to the potential for
    data loss
  • CA_ constants: include CA_EXEMPT (+e) where appropriate

Update to new upstream release 7.2.10.r2

  • Fix potential NULL dereference in modules/crypto/posix.
  • Bump E-Mail address maximum length to 254 characters.
  • Use flags setter information in modules/chanserv/access &
    modules/chanserv/flags.
  • Fix issue where modules/misc/httpd was not closing its listening socket
    on deinit.
  • Fix GroupServ data loss issue when a group was the founder of another
    group.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Backports SLE-15-SP3:

    zypper in -t patch openSUSE-2022-10018=1

OSVersionArchitecturePackageVersionFilename
openSUSE Backports SLE15-SP3aarch64- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Backports SLE15-SP3i586- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.i586.rpm
openSUSE Backports SLE15-SP3ppc64le- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Backports SLE15-SP3s390x- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.s390x.rpm
openSUSE Backports SLE15-SP3x86_64- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.x86_64.rpm

Related

osv 1
suse 1
cvelist 1
nvd 1
ubuntucve 1
openvas 1
cve 1
veracode 1
nessus 1
prion 1
debiancve 1
osv
osv
CVE-2022-24976
2022-02-14 12:15:27
suse
suse
Security update for atheme (important)
2022-06-20 00:00:00
cvelist
cvelist
CVE-2022-24976
2022-02-13 06:20:02
nvd
nvd
CVE-2022-24976
2022-02-14 12:15:27
ubuntucve
ubuntucve
CVE-2022-24976
2022-02-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for atheme (openSUSE-SU-2022:10019-1)
2024-03-04 00:00:00
cve
cve
CVE-2022-24976
2022-02-14 12:15:27
veracode
veracode
Denial Of Service (DoS)
2022-02-21 09:10:53
nessus
nessus
openSUSE 15 Security Update : atheme (openSUSE-SU-2022:10018-1)
2022-06-22 00:00:00
prion
prion
Authentication flaw
2022-02-14 12:15:00
debiancve
debiancve
CVE-2022-24976
2022-02-14 12:15:27

0.002 Low

EPSS

Percentile

54.8%

JSON
Related for OPENSUSE-SU-2022:10018-1
osv1suse1cvelist1nvd1ubuntucve1openvas1cve1veracode1nessus1prion1debiancve1