Skip to content

Security Update 4.0 380

Mukul Sikka edited this page Nov 18, 2024 · 588 revisions

Critical Photon OS Security Update

Summary

Advisory Id : PHSA-2023-4.0-0380

Type : Security

Severity : ['Critical', 'Important', 'Moderate']

Issue date : 2023-04-25

Affected Release: 4.0

Details

Updates of ['redis', 'vim', 'bluez', 'libxml2', 'libyang'] packages of Photon OS have been released.

Affected Packages

Critical

bluez - ['CVE-2021-43400']

Important

vim - ['CVE-2022-2286', 'CVE-2022-2816', 'CVE-2022-2289', 'CVE-2022-2285', 'CVE-2022-2817', 'CVE-2022-2522', 'CVE-2022-2889', 'CVE-2022-3235', 'CVE-2022-3016', 'CVE-2022-2343', 'CVE-2022-3296', 'CVE-2022-4141', 'CVE-2022-2849', 'CVE-2022-3491', 'CVE-2022-3234', 'CVE-2022-2862', 'CVE-2022-2344', 'CVE-2022-3297', 'CVE-2022-2345', 'CVE-2022-3099', 'CVE-2022-2284', 'CVE-2022-2287', 'CVE-2022-2264', 'CVE-2022-2288', 'CVE-2022-3134', 'CVE-2022-2304', 'CVE-2022-3352', 'CVE-2022-3037', 'CVE-2022-2982', 'CVE-2022-2581', 'CVE-2022-2580', 'CVE-2022-3256', 'CVE-2022-2571', 'CVE-2022-2257', 'CVE-2022-3705']

libyang - ['CVE-2023-26917']

Moderate

redis - ['CVE-2023-28856']

vim - ['CVE-2022-2598', 'CVE-2023-1264', 'CVE-2022-3153', 'CVE-2023-1170', 'CVE-2022-3278', 'CVE-2022-2874', 'CVE-2022-2980', 'CVE-2022-2845', 'CVE-2022-2923', 'CVE-2022-4293', 'CVE-2023-1175']

bluez - ['CVE-2022-3637', 'CVE-2022-3563']

libxml2 - ['CVE-2023-29469', 'CVE-2023-28484']

libyang - ['CVE-2023-26916']

Solution

Update the affected packages (tdnf update package)

Updated Packages Information

redis-7.0.0-8.ph4.x86_64.rpm | size : 1.4M , sha256 : 49c87dbbf94a16c5811e1db8cb71c30cdf871b2b64c138162ecb0fb7891127d7 , build time : Tue, 25 Apr 2023 02:58:06 UTC

vim-9.0.1392-1.ph4.x86_64.rpm | size : 1.6M , sha256 : 3ed98e76b59603c39d76d8a5c0b063aab294c3667263c4ac315507e2d20e8cff , build time : Tue, 25 Apr 2023 02:57:57 UTC

vim-extra-9.0.1392-1.ph4.x86_64.rpm | size : 7.4M , sha256 : f68f891f1ea0fd0d4dd3a474e2ed6955840c8393a04e82eda2dd69e03980612f , build time : Tue, 25 Apr 2023 02:57:57 UTC

bluez-5.65-1.ph4.x86_64.rpm | size : 1.5M , sha256 : 6a95c5cd1b40abc8ae7ff87e62f4a35500e3ac775ce8541fa4a6a2e56f074813 , build time : Tue, 25 Apr 2023 02:59:43 UTC

bluez-devel-5.65-1.ph4.x86_64.rpm | size : 36K , sha256 : a39b212544e14180c94a836b1df3d77ab63a844d85d8c0aa556caf26264c477a , build time : Tue, 25 Apr 2023 02:59:43 UTC

bluez-tools-0.2.0.20140808-3.ph4.x86_64.rpm | size : 204K , sha256 : 1def15ed0bfbf00e6518fb851859e0c96f2d2bf1ae0686fc96aaf76718b7c344 , build time : Tue, 25 Apr 2023 03:01:01 UTC

libxml2-2.9.12-8.ph4.x86_64.rpm | size : 640K , sha256 : 6aff6a2eb4a2156a4c630ea13c78324df3ff74bcf540e83908714634bb030b86 , build time : Tue, 25 Apr 2023 02:57:57 UTC

libxml2-devel-2.9.12-8.ph4.x86_64.rpm | size : 628K , sha256 : ad21f6e37a1c309f8d96c72ad9d3a0bba3fb50d7fb29797ea5215ef3c937373c , build time : Tue, 25 Apr 2023 02:57:57 UTC

libyang-2.1.55-1.ph4.x86_64.rpm | size : 480K , sha256 : ca20242ffe71d00fc89f290a12cb3a0f2bba21cc0642944ddcdd7ec8ff3afad5 , build time : Tue, 25 Apr 2023 02:57:59 UTC

libyang-devel-2.1.55-1.ph4.x86_64.rpm | size : 92K , sha256 : d2b74a3ddbadf9252f43646894d94d88fa25360122e372651ba6d45606ed25a7 , build time : Tue, 25 Apr 2023 02:57:59 UTC

libyang-tools-2.1.55-1.ph4.x86_64.rpm | size : 56K , sha256 : cc1fe3670207076ffcf37ddc39648700a2d52d5b70d3526bbf1b6561886031d6 , build time : Tue, 25 Apr 2023 02:57:59 UTC

Clone this wiki locally