Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2022:10090-1
HistoryAug 16, 2022 - 12:00 a.m.

Security update for canna (important)

2022-08-1600:00:00
lists.opensuse.org
14

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

JSON

An update that fixes one vulnerability is now available.

Description:

This update for canna fixes the following issues:

  • CVE-2022-21950: move UNIX socket dir from /tmp to /run to avoid local
    attackers being able to place bogus directories in its stead. Use
    systemd-tmpfiles for cleaning old sockets (boo#1199280).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Backports SLE-15-SP3:

    zypper in -t patch openSUSE-2022-10090=1

OSVersionArchitecturePackageVersionFilename
openSUSE Backports SLE15-SP3aarch64- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Backports SLE15-SP3i586- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.i586.rpm
openSUSE Backports SLE15-SP3ppc64le- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Backports SLE15-SP3s390x- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.s390x.rpm
openSUSE Backports SLE15-SP3x86_64- opensuse backports sle< 15-SP3 (aarch64 i586 ppc64le s390x x86_64):- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):.x86_64.rpm
openSUSE Backports SLE15-SP3aarch64_ilp32- opensuse backports sle< 15-SP3 (aarch64_ilp32):- openSUSE Backports SLE-15-SP3 (aarch64_ilp32):.aarch64_ilp32.rpm
openSUSE Backports SLE15-SP3x86_64- opensuse backports sle< 15-SP3 (x86_64):- openSUSE Backports SLE-15-SP3 (x86_64):.x86_64.rpm

Related

suse 1
openvas 2
nessus 1
prion 1
cve 1
mageia 1
suse
suse
Security update for canna (important)
2022-08-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0306)
2022-08-26 00:00:00
openSUSE: Security Advisory for canna (openSUSE-SU-2022:10091-1)
2024-03-04 00:00:00
nessus
nessus
openSUSE 15 Security Update : canna (openSUSE-SU-2022:10091-1)
2022-08-18 00:00:00
prion
prion
Improper access control
2022-09-07 09:15:00
cve
cve
CVE-2022-21950
2022-09-07 09:15:00
mageia
mageia
Updated canna packages fix security vulnerability
2022-08-26 00:21:07

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

JSON
Related for OPENSUSE-SU-2022:10090-1
suse1openvas2nessus1prion1cve1mageia1