Releases: cloudfoundry/cflinuxfs4
0.62.0
Notably, this release addresses:
USN-5844-1: OpenSSL vulnerabilities:
- CVE-2023-0286: X.400 address type confusion in X.509 GeneralName
- CVE-2022-4203: X.509 Name Constraints Read Buffer Overflow
- CVE-2022-4304: Timing Oracle in RSA Decryption
- CVE-2022-4450: Double free after calling PEM_read_bio_ex
- CVE-2023-0215: Use-after-free following BIO_new_NDEF
- CVE-2023-0216: Invalid pointer dereference in d2i_PKCS7 functions
- CVE-2023-0217: NULL dereference validating DSA public key
- CVE-2023-0401: NULL dereference during PKCS7 data verification
USN-5825-2: PAM regressions:
- CVE-2022-28321: The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
- https://launchpad.net/bugs/2006073: PAM: CVE-2022-28321 patch not correctly applied
-ii bind9-dnsutils 1:9.18.1-1ubuntu1.2 amd64 Clients provided with BIND 9
-ii bind9-host 1:9.18.1-1ubuntu1.2 amd64 DNS Lookup Utility
-ii bind9-libs:amd64 1:9.18.1-1ubuntu1.2 amd64 Shared Libraries used by BIND 9
+ii bind9-dnsutils 1:9.18.1-1ubuntu1.3 amd64 Clients provided with BIND 9
+ii bind9-host 1:9.18.1-1ubuntu1.3 amd64 DNS Lookup Utility
+ii bind9-libs:amd64 1:9.18.1-1ubuntu1.3 amd64 Shared Libraries used by BIND 9
-ii dnsutils 1:9.18.1-1ubuntu1.2 all Transitional package for bind9-dnsutils
+ii dnsutils 1:9.18.1-1ubuntu1.3 all Transitional package for bind9-dnsutils
-ii kbd 2.3.0-3ubuntu4 amd64 Linux console font and keytable utilities
+ii kbd 2.3.0-3ubuntu4.22.04 amd64 Linux console font and keytable utilities
-ii krb5-multidev:amd64 1.19.2-2 amd64 development files for MIT Kerberos without Heimdal conflict
-ii krb5-user 1.19.2-2 amd64 basic programs to authenticate using MIT Kerberos
+ii krb5-multidev:amd64 1.19.2-2ubuntu0.1 amd64 development files for MIT Kerberos without Heimdal conflict
+ii krb5-user 1.19.2-2ubuntu0.1 amd64 basic programs to authenticate using MIT Kerberos
-ii libdrm-common 2.4.110-1ubuntu1 all Userspace interface to kernel DRM services -- common files
-ii libdrm2:amd64 2.4.110-1ubuntu1 amd64 Userspace interface to kernel DRM services -- runtime
+ii libdrm-common 2.4.113-2~ubuntu0.22.04.1 all Userspace interface to kernel DRM services -- common files
+ii libdrm2:amd64 2.4.113-2~ubuntu0.22.04.1 amd64 Userspace interface to kernel DRM services -- runtime
-ii libgssapi-krb5-2:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
-ii libgssrpc4:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
+ii libgssapi-krb5-2:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - krb5 GSS-API Mechanism
+ii libgssrpc4:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - GSS enabled ONCRPC
-ii libk5crypto3:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - Crypto Library
-ii libkadm5clnt-mit12:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - Administration Clients
-ii libkadm5srv-mit12:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - KDC and Admin Server
-ii libkdb5-10:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - Kerberos database
+ii libk5crypto3:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - Crypto Library
+ii libkadm5clnt-mit12:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - Administration Clients
+ii libkadm5srv-mit12:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - KDC and Admin Server
+ii libkdb5-10:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - Kerberos database
-ii libkrb5-3:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries
-ii libkrb5-dev:amd64 1.19.2-2 amd64 headers and development libraries for MIT Kerberos
-ii libkrb5support0:amd64 1.19.2-2 amd64 MIT Kerberos runtime libraries - Support library
+ii libkrb5-3:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries
+ii libkrb5-dev:amd64 1.19.2-2ubuntu0.1 amd64 headers and development libraries for MIT Kerberos
+ii libkrb5support0:amd64 1.19.2-2ubuntu0.1 amd64 MIT Kerberos runtime libraries - Support library
-ii libpam-modules:amd64 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules for PAM
-ii libpam-modules-bin 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules for PAM - helper binaries
-ii libpam-runtime 1.4.0-11ubuntu2.1 all Runtime support for the PAM library
-ii libpam0g:amd64 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules library
+ii libpam-modules:amd64 1.4.0-11ubuntu2.3 amd64 Pluggable Authentication Modules for PAM
+ii libpam-modules-bin 1.4.0-11ubuntu2.3 amd64 Pluggable Authentication Modules for PAM - helper binaries
+ii libpam-runtime 1.4.0-11ubuntu2.3 all Runtime support for the PAM library
+ii libpam0g:amd64 1.4.0-11ubuntu2.3 amd64 Pluggable Authentication Modules library
-ii libssl-dev:amd64 3.0.2-0ubuntu1.7 amd64 Secure Sockets Layer toolkit - development files
-ii libssl3:amd64 3.0.2-0ubuntu1.7 amd64 Secure Sockets Layer toolkit - shared libraries
+ii libssl-dev:amd64 3.0.2-0ubuntu1.8 amd64 Secure Sockets Layer toolkit - development files
+ii libssl3:amd64 3.0.2-0ubuntu1.8 amd64 Secure Sockets Layer toolkit - shared libraries
-ii linux-libc-dev:amd64 5.15.0-58.64 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 5.15.0-60.66 amd64 Linux Kernel Headers for development
-ii openssl 3.0.2-0ubuntu1.7 amd64 Secure Sockets Layer toolkit - cryptographic utility
+ii openssl 3.0.2-0ubuntu1.8 amd64 Secure Sockets Layer toolkit - cryptographic utility
-ii ubuntu-advantage-tools 27.12~22.04.1 amd64 management tools for Ubuntu Pro
+ii ubuntu-advantage-tools 27.13.3~22.04.1 amd64 management tools for Ubuntu Pro
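Review bot: the bind9 lines (1:9.18.1-1ubuntu1.2 to 1:9.18.1-1ubuntu1.3) and the krb5 lines (1.19.2-2 to 1.19.2-2ubuntu0.1) in this package diff have no matching entry in the notes for 0.62.0, which name only USN-5844-1 (OpenSSL) and USN-5825-2 (PAM). State which advisory, if any, each of these bumps comes from, so that operators scanning the notes for a given USN or CVE do not have to infer coverage from version strings.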
0.61.0
Notably, this release addresses:
USN-5825-1: PAM vulnerability:
- CVE-2022-28321: The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
-ii libpam-modules:amd64 1.4.0-11ubuntu2 amd64 Pluggable Authentication Modules for PAM
-ii libpam-modules-bin 1.4.0-11ubuntu2 amd64 Pluggable Authentication Modules for PAM - helper binaries
-ii libpam-runtime 1.4.0-11ubuntu2 all Runtime support for the PAM library
-ii libpam0g:amd64 1.4.0-11ubuntu2 amd64 Pluggable Authentication Modules library
+ii libpam-modules:amd64 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules for PAM
+ii libpam-modules-bin 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules for PAM - helper binaries
+ii libpam-runtime 1.4.0-11ubuntu2.1 all Runtime support for the PAM library
+ii libpam0g:amd64 1.4.0-11ubuntu2.1 amd64 Pluggable Authentication Modules library
-ii libwbclient0:amd64 2:4.15.9+dfsg-0ubuntu0.3 amd64 Samba winbind client library
+ii libwbclient0:amd64 2:4.15.13+dfsg-0ubuntu1 amd64 Samba winbind client library
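Review bot: the libpam lines here end at 1.4.0-11ubuntu2.1, and the 0.62.0 notes move the same four packages on to 1.4.0-11ubuntu2.3 under USN-5825-2 with the bug entry "CVE-2022-28321 patch not correctly applied". Add a pointer from this release to 0.62.0 so that 0.61.0 is not read as the release that settles CVE-2022-28321. The libwbclient0 change (2:4.15.9+dfsg-0ubuntu0.3 to 2:4.15.13+dfsg-0ubuntu1) is also not covered by the notes.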
0.60.0
Notably, this release addresses:
USN-5806-2: Ruby vulnerability:
- CVE-2021-33621: The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object.
-ii libruby3.0:amd64 3.0.2-7ubuntu2.2 amd64 Libraries necessary to run Ruby 3.0
+ii libruby3.0:amd64 3.0.2-7ubuntu2.3 amd64 Libraries necessary to run Ruby 3.0
-ii python3-pkg-resources 59.6.0-1.2 all Package Discovery and Resource Access using pkg_resources
+ii python3-pkg-resources 59.6.0-1.2ubuntu0.22.04.1 all Package Discovery and Resource Access using pkg_resources
-ii ruby3.0 3.0.2-7ubuntu2.2 amd64 Interpreter of object-oriented scripting language Ruby
+ii ruby3.0 3.0.2-7ubuntu2.3 amd64 Interpreter of object-oriented scripting language Ruby
0.59.0
Notably, this release addresses:
USN-5811-1: Sudo vulnerabilities:
- CVE-2023-22809: arbitrary file overwrite via sudoedit
- CVE-2022-33070: Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
-ii sudo 1.9.9-1ubuntu2.1 amd64 Provide limited super user privileges to specific users
+ii sudo 1.9.9-1ubuntu2.2 amd64 Provide limited super user privileges to specific users
0.58.0
-ii python-apt-common 2.3.0ubuntu2.1 all Python interface to libapt-pkg (locales)
+ii python-apt-common 2.4.0 all Python interface to libapt-pkg (locales)
-ii python3-apt 2.3.0ubuntu2.1 amd64 Python 3 interface to libapt-pkg
+ii python3-apt 2.4.0 amd64 Python 3 interface to libapt-pkg
0.57.0
Notably, this release addresses:
USN-5810-1: Git vulnerabilities:
- CVE-2022-23521: When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge.
- CVE-2022-41903: When processing the padding operators (e.g., %<(, %<|(, %>(, %>>(, or %><( ), an integer overflow can occur in pretty.c::format_and_pad_commit() where a size_t is improperly stored as an int, and then added as an offset to a subsequent memcpy() call.
USN-5807-1: libXpm vulnerabilities:
- CVE-2022-44617: infinite loop on height/width of 0
- CVE-2022-46285: infinite loop on unclosed comments
- CVE-2022-4883: compression commands depend on $PATH
-ii git 1:2.34.1-1ubuntu1.5 amd64 fast, scalable, distributed revision control system
-ii git-man 1:2.34.1-1ubuntu1.5 all fast, scalable, distributed revision control system (manual pages)
+ii git 1:2.34.1-1ubuntu1.6 amd64 fast, scalable, distributed revision control system
+ii git-man 1:2.34.1-1ubuntu1.6 all fast, scalable, distributed revision control system (manual pages)
-ii libxpm-dev:amd64 1:3.5.12-1build2 amd64 X11 pixmap library (development headers)
-ii libxpm4:amd64 1:3.5.12-1build2 amd64 X11 pixmap library
+ii libxpm-dev:amd64 1:3.5.12-1ubuntu0.22.04.1 amd64 X11 pixmap library (development headers)
+ii libxpm4:amd64 1:3.5.12-1ubuntu0.22.04.1 amd64 X11 pixmap library
0.56.0
Notably, this release addresses:
USN-5801-1: Vim vulnerabilities:
- CVE-2022-0392: Heap-based Buffer Overflow in GitHub repository vim prior to 8.2.
- CVE-2022-0417: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
-ii libpq-dev 14.5-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
-ii libpq5:amd64 14.5-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
+ii libpq-dev 14.6-0ubuntu0.22.04.1 amd64 header files for libpq5 (PostgreSQL library)
+ii libpq5:amd64 14.6-0ubuntu0.22.04.1 amd64 PostgreSQL C client library
-ii linux-libc-dev:amd64 5.15.0-56.62 amd64 Linux Kernel Headers for development
+ii linux-libc-dev:amd64 5.15.0-58.64 amd64 Linux Kernel Headers for development
-ii openssh-client 1:8.9p1-3 amd64 secure shell (SSH) client, for secure access to remote machines
-ii openssh-server 1:8.9p1-3 amd64 secure shell (SSH) server, for secure access from remote machines
-ii openssh-sftp-server 1:8.9p1-3 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
+ii openssh-client 1:8.9p1-3ubuntu0.1 amd64 secure shell (SSH) client, for secure access to remote machines
+ii openssh-server 1:8.9p1-3ubuntu0.1 amd64 secure shell (SSH) server, for secure access from remote machines
+ii openssh-sftp-server 1:8.9p1-3ubuntu0.1 amd64 secure shell (SSH) sftp server module, for SFTP access from remote machines
-ii vim-common 2:8.2.3995-1ubuntu2.1 all Vi IMproved - Common files
-ii vim-tiny 2:8.2.3995-1ubuntu2.1 amd64 Vi IMproved - enhanced vi editor - compact version
+ii vim-common 2:8.2.3995-1ubuntu2.3 all Vi IMproved - Common files
+ii vim-tiny 2:8.2.3995-1ubuntu2.3 amd64 Vi IMproved - enhanced vi editor - compact version
-ii xxd 2:8.2.3995-1ubuntu2.1 amd64 tool to make (or reverse) a hex dump
+ii xxd 2:8.2.3995-1ubuntu2.3 amd64 tool to make (or reverse) a hex dump
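Review bot: the openssh-client, openssh-server and openssh-sftp-server lines (1:8.9p1-3 to 1:8.9p1-3ubuntu0.1) are not explained by the notes for 0.56.0, which list only USN-5801-1 (Vim). An SSH server update is something operators will want to triage on its own, so name the advisory behind it or mark it as a non-security update; the same applies to libpq (14.5 to 14.6).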
0.55.0
Notably, this release addresses:
USN-5788-1: curl vulnerabilities:
- CVE-2022-43551: A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E). Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.
- CVE-2022-43552: HTTP Proxy deny use-after-free
-ii curl 7.81.0-1ubuntu1.6 amd64 command line tool for transferring data with URL syntax
+ii curl 7.81.0-1ubuntu1.7 amd64 command line tool for transferring data with URL syntax
-ii libcurl3-gnutls:amd64 7.81.0-1ubuntu1.6 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
-ii libcurl4:amd64 7.81.0-1ubuntu1.6 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
-ii libcurl4-openssl-dev:amd64 7.81.0-1ubuntu1.6 amd64 development files and documentation for libcurl (OpenSSL flavour)
+ii libcurl3-gnutls:amd64 7.81.0-1ubuntu1.7 amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
+ii libcurl4:amd64 7.81.0-1ubuntu1.7 amd64 easy-to-use client-side URL transfer library (OpenSSL flavour)
+ii libcurl4-openssl-dev:amd64 7.81.0-1ubuntu1.7 amd64 development files and documentation for libcurl (OpenSSL flavour)
-ii libsasl2-2:amd64 2.1.27+dfsg2-3ubuntu1 amd64 Cyrus SASL - authentication abstraction library
-ii libsasl2-dev 2.1.27+dfsg2-3ubuntu1 amd64 Cyrus SASL - development files for authentication abstraction library
-ii libsasl2-modules:amd64 2.1.27+dfsg2-3ubuntu1 amd64 Cyrus SASL - pluggable authentication modules
-ii libsasl2-modules-db:amd64 2.1.27+dfsg2-3ubuntu1 amd64 Cyrus SASL - pluggable authentication modules (DB)
-ii libsasl2-modules-gssapi-mit:amd64 2.1.27+dfsg2-3ubuntu1 amd64 Cyrus SASL - pluggable authentication modules (GSSAPI)
+ii libsasl2-2:amd64 2.1.27+dfsg2-3ubuntu1.1 amd64 Cyrus SASL - authentication abstraction library
+ii libsasl2-dev 2.1.27+dfsg2-3ubuntu1.1 amd64 Cyrus SASL - development files for authentication abstraction library
+ii libsasl2-modules:amd64 2.1.27+dfsg2-3ubuntu1.1 amd64 Cyrus SASL - pluggable authentication modules
+ii libsasl2-modules-db:amd64 2.1.27+dfsg2-3ubuntu1.1 amd64 Cyrus SASL - pluggable authentication modules (DB)
+ii libsasl2-modules-gssapi-mit:amd64 2.1.27+dfsg2-3ubuntu1.1 amd64 Cyrus SASL - pluggable authentication modules (GSSAPI)
-ii tzdata 2022f-0ubuntu0.22.04.1 all time zone and daylight-saving time data
+ii tzdata 2022g-0ubuntu0.22.04.1 all time zone and daylight-saving time data
0.54.0
Notably, this release addresses:
USN-5767-1: Python vulnerabilities:
- CVE-2022-37454: The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
- CVE-2022-45061: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often supplied by remote servers that could be controlled by a malicious actor; in such a scenario, they could trigger excessive CPU consumption on the client attempting to make use of an attacker-supplied supposed hostname. For example, the attack payload could be placed in the Location header of an HTTP response with status code 302. A fix is planned in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16.
-ii libpython3.10:amd64 3.10.6-1~22.04.1 amd64 Shared Python runtime library (version 3.10)
-ii libpython3.10-minimal:amd64 3.10.6-1~22.04.1 amd64 Minimal subset of the Python language (version 3.10)
-ii libpython3.10-stdlib:amd64 3.10.6-1~22.04.1 amd64 Interactive high-level object-oriented language (standard library, version 3.10)
+ii libpython3.10:amd64 3.10.6-1~22.04.2 amd64 Shared Python runtime library (version 3.10)
+ii libpython3.10-minimal:amd64 3.10.6-1~22.04.2 amd64 Minimal subset of the Python language (version 3.10)
+ii libpython3.10-stdlib:amd64 3.10.6-1~22.04.2 amd64 Interactive high-level object-oriented language (standard library, version 3.10)
-ii libwbclient0:amd64 2:4.15.9+dfsg-0ubuntu0.2 amd64 Samba winbind client library
+ii libwbclient0:amd64 2:4.15.9+dfsg-0ubuntu0.3 amd64 Samba winbind client library
-ii python3.10 3.10.6-1~22.04.1 amd64 Interactive high-level object-oriented language (version 3.10)
-ii python3.10-minimal 3.10.6-1~22.04.1 amd64 Minimal subset of the Python language (version 3.10)
+ii python3.10 3.10.6-1~22.04.2 amd64 Interactive high-level object-oriented language (version 3.10)
+ii python3.10-minimal 3.10.6-1~22.04.2 amd64 Minimal subset of the Python language (version 3.10)
0.53.0
Notably, this release addresses:
USN-5762-1: GNU binutils vulnerability:
- CVE-2022-38533: In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
-ii binutils 2.38-4ubuntu2 amd64 GNU assembler, linker and binary utilities
-ii binutils-common:amd64 2.38-4ubuntu2 amd64 Common files for the GNU assembler, linker and binary utilities
-ii binutils-x86-64-linux-gnu 2.38-4ubuntu2 amd64 GNU binary utilities, for x86-64-linux-gnu target
+ii binutils 2.38-4ubuntu2.1 amd64 GNU assembler, linker and binary utilities
+ii binutils-common:amd64 2.38-4ubuntu2.1 amd64 Common files for the GNU assembler, linker and binary utilities
+ii binutils-x86-64-linux-gnu 2.38-4ubuntu2.1 amd64 GNU binary utilities, for x86-64-linux-gnu target
-ii libbinutils:amd64 2.38-4ubuntu2 amd64 GNU binary utilities (private shared library)
+ii libbinutils:amd64 2.38-4ubuntu2.1 amd64 GNU binary utilities (private shared library)
-ii libctf-nobfd0:amd64 2.38-4ubuntu2 amd64 Compact C Type Format library (runtime, no BFD dependency)
-ii libctf0:amd64 2.38-4ubuntu2 amd64 Compact C Type Format library (runtime, BFD dependency)
+ii libctf-nobfd0:amd64 2.38-4ubuntu2.1 amd64 Compact C Type Format library (runtime, no BFD dependency)
+ii libctf0:amd64 2.38-4ubuntu2.1 amd64 Compact C Type Format library (runtime, BFD dependency)