[SUSE-SU-2022:0727-1] Security update for libeconf, shadow and util-linux
Security update for libeconf, shadow and util-linux
This security update for libeconf, shadow and util-linux fix the following issues:
libeconf:
- Add libeconf to SLE-Module-Basesystem_15-SP3 because needed by 'util-linux' and 'shadow' to fix autoyast handling of security related parameters (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402)
Issues fixed in libeconf:
- Reading numbers with different bases (e.g. oktal) (bsc#1193632) (#157)
- Fixed different issues while writing string values to file.
- Writing comments to file too.
- Fixed crash while merging values.
- Added econftool cat option (#146)
- new API call: econf_readDirsHistory (showing ALL locations)
- new API call: econf_getPath (absolute path of the configuration file)
- Man pages libeconf.3 and econftool.8.
- Handling multiline strings.
- Added libeconf_ext which returns more information like
line_nr, comments, path of the configuration file,...
- Econftool, an command line interface for handling configuration
files.
- Generating HTML API documentation with doxygen.
- Improving error handling and semantic file check.
- Joining entries with the same key to one single entry if
env variable ECONF_JOIN_SAME_ENTRIES has been set.
shadow:
- The legacy code does not support /etc/login.defs.d used by YaST. Enable libeconf to read it (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402)
util-linux:
- The legacy code does not support /etc/login.defs.d used by YaST. Enable libeconf to read it (bsc#1192954, jsc#SLE-23384, jsc#SLE-23402)
- Allow use of larger values for start sector to prevent
blockdev --report
aborting (bsc#1188507) - Fixed
blockdev --report
using non-space characters as a field separator (bsc#1188507) - CVE-2021-3995: Fixed unauthorized unmount in util-linux's libmount. (bsc#1194976)
- CVE-2021-3996: Fixed unauthorized unmount in util-linux's libmount. (bsc#1194976)
- ID
- SUSE-SU-2022:0727-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20220727-1/
- Published
-
2022-03-04T09:39:43
(2 years ago) - Modified
-
2022-03-04T09:39:43
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_0727-1.json | |
Suse | URL for SUSE-SU-2022:0727-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20220727-1/ | |
Suse | E-Mail link for SUSE-SU-2022:0727-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-March/010364.html | |
Bugzilla | SUSE Bug 1188507 | https://bugzilla.suse.com/1188507 | |
Bugzilla | SUSE Bug 1192954 | https://bugzilla.suse.com/1192954 | |
Bugzilla | SUSE Bug 1193632 | https://bugzilla.suse.com/1193632 | |
Bugzilla | SUSE Bug 1194976 | https://bugzilla.suse.com/1194976 | |
CVE | SUSE CVE CVE-2021-3995 page | https://www.suse.com/security/cve/CVE-2021-3995/ | |
CVE | SUSE CVE CVE-2021-3996 page | https://www.suse.com/security/cve/CVE-2021-3996/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/util-linux?arch=x86_64&distro=slem-5 | suse | util-linux | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/util-linux?arch=s390x&distro=slem-5 | suse | util-linux | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/util-linux?arch=aarch64&distro=slem-5 | suse | util-linux | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/util-linux-systemd?arch=x86_64&distro=slem-5 | suse | util-linux-systemd | < 2.36.2-150300.4.14.2 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/util-linux-systemd?arch=s390x&distro=slem-5 | suse | util-linux-systemd | < 2.36.2-150300.4.14.2 | slem-5 | s390x | |
Affected | pkg:rpm/suse/util-linux-systemd?arch=aarch64&distro=slem-5 | suse | util-linux-systemd | < 2.36.2-150300.4.14.2 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/shadow?arch=x86_64&distro=slem-5 | suse | shadow | < 4.8.1-150300.4.3.8 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/shadow?arch=s390x&distro=slem-5 | suse | shadow | < 4.8.1-150300.4.3.8 | slem-5 | s390x | |
Affected | pkg:rpm/suse/shadow?arch=aarch64&distro=slem-5 | suse | shadow | < 4.8.1-150300.4.3.8 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/login_defs?arch=noarch&distro=slem-5 | suse | login_defs | < 4.8.1-150300.4.3.8 | slem-5 | noarch | |
Affected | pkg:rpm/suse/libuuid1?arch=x86_64&distro=slem-5 | suse | libuuid1 | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libuuid1?arch=s390x&distro=slem-5 | suse | libuuid1 | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libuuid1?arch=aarch64&distro=slem-5 | suse | libuuid1 | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/libsmartcols1?arch=x86_64&distro=slem-5 | suse | libsmartcols1 | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libsmartcols1?arch=s390x&distro=slem-5 | suse | libsmartcols1 | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libsmartcols1?arch=aarch64&distro=slem-5 | suse | libsmartcols1 | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/libmount1?arch=x86_64&distro=slem-5 | suse | libmount1 | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libmount1?arch=s390x&distro=slem-5 | suse | libmount1 | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libmount1?arch=aarch64&distro=slem-5 | suse | libmount1 | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/libfdisk1?arch=x86_64&distro=slem-5 | suse | libfdisk1 | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libfdisk1?arch=s390x&distro=slem-5 | suse | libfdisk1 | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libfdisk1?arch=aarch64&distro=slem-5 | suse | libfdisk1 | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/libeconf0?arch=x86_64&distro=slem-5 | suse | libeconf0 | < 0.4.4+git20220104.962774f-150300.3.6.2 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libeconf0?arch=s390x&distro=slem-5 | suse | libeconf0 | < 0.4.4+git20220104.962774f-150300.3.6.2 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libeconf0?arch=aarch64&distro=slem-5 | suse | libeconf0 | < 0.4.4+git20220104.962774f-150300.3.6.2 | slem-5 | aarch64 | |
Affected | pkg:rpm/suse/libblkid1?arch=x86_64&distro=slem-5 | suse | libblkid1 | < 2.36.2-150300.4.14.3 | slem-5 | x86_64 | |
Affected | pkg:rpm/suse/libblkid1?arch=s390x&distro=slem-5 | suse | libblkid1 | < 2.36.2-150300.4.14.3 | slem-5 | s390x | |
Affected | pkg:rpm/suse/libblkid1?arch=aarch64&distro=slem-5 | suse | libblkid1 | < 2.36.2-150300.4.14.3 | slem-5 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |