[CLSA-2023:1679349729] Fix CVE(s): CVE-2023-26604, CVE-2022-3821
Type:
security
Severity:
Important
Release date:
2023-03-20 22:02:09 UTC
Description:
* SECURITY UPDATE: buffer overrun vulnerability in format_timespan() - debian/patches/CVE-2022-3821.patch: fix buffer-over-run - CVE-2022-3821 * SECURITY UPDATE: a local privelege escalation for some sudo configs was not blocked adequately - debian/patches/CVE-2023-26604.patch: use only less as a pager and restrict its functionality (e.g stop running external shell) unless environment variable SYSTEMD_PAGERSECURE is defined - CVE-2023-26604
Updated packages:
  • libnss-myhostname_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:25b0e61ab0127b506c57fc43d5f229ab78857af4
  • libnss-mymachines_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:011e5897ebb6f4759c3d7a887387d6f406eb74d7
  • libnss-resolve_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:cde318897bae5f996b938ce4cc5942750e570610
  • libpam-systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:85c135e532488ed3629352b4cba45087079a4c5e
  • libsystemd-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:4774fb9f3f3a4d5486499f6c7fbae2284f083d8d
  • libsystemd0_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:105563acea80aec67e2681884cf70c55d7fdd8e0
  • libudev-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:64736d11529092b7eb67051e808508bcc4f48b50
  • libudev1_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:c97fd0343fd2b6b02aaca6d092aa5f9c90023742
  • systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:29934591ba71bd8498bc6e6503a66dff0ca1147b
  • systemd-container_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:89edc631d2b5d9ea957fac93a08f1fec5233cdcd
  • systemd-coredump_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:da9edf102249822d2b771f6f76d442dfa031d8e5
  • systemd-journal-remote_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:1355fcc0a1f921a24cb9071172eada1d6a351546
  • systemd-sysv_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:f356ecb5742cc39de21f836e17cc32bca20bc59c
  • udev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
    sha:4a132cee7327403cbc3e093e9e5eaf1425b66392
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.