Release date:
2023-03-20 22:02:09 UTC
Description:
* SECURITY UPDATE: buffer overrun vulnerability in format_timespan()
- debian/patches/CVE-2022-3821.patch: fix buffer-over-run
- CVE-2022-3821
* SECURITY UPDATE: a local privelege escalation for some sudo configs
was not blocked adequately
- debian/patches/CVE-2023-26604.patch: use only less as a pager and
restrict its functionality (e.g stop running external shell) unless
environment variable SYSTEMD_PAGERSECURE is defined
- CVE-2023-26604
Updated packages:
-
libnss-myhostname_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:25b0e61ab0127b506c57fc43d5f229ab78857af4
-
libnss-mymachines_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:011e5897ebb6f4759c3d7a887387d6f406eb74d7
-
libnss-resolve_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:cde318897bae5f996b938ce4cc5942750e570610
-
libpam-systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:85c135e532488ed3629352b4cba45087079a4c5e
-
libsystemd-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:4774fb9f3f3a4d5486499f6c7fbae2284f083d8d
-
libsystemd0_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:105563acea80aec67e2681884cf70c55d7fdd8e0
-
libudev-dev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:64736d11529092b7eb67051e808508bcc4f48b50
-
libudev1_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:c97fd0343fd2b6b02aaca6d092aa5f9c90023742
-
systemd_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:29934591ba71bd8498bc6e6503a66dff0ca1147b
-
systemd-container_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:89edc631d2b5d9ea957fac93a08f1fec5233cdcd
-
systemd-coredump_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:da9edf102249822d2b771f6f76d442dfa031d8e5
-
systemd-journal-remote_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:1355fcc0a1f921a24cb9071172eada1d6a351546
-
systemd-sysv_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:f356ecb5742cc39de21f836e17cc32bca20bc59c
-
udev_229-4ubuntu21.33+tuxcare.els1_amd64.deb
sha:4a132cee7327403cbc3e093e9e5eaf1425b66392
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.