Security update for libeconf SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:3639-1 Final 1 1 2023-09-18T11:33:33Z current 2023-09-18T11:33:33Z 2023-09-18T11:33:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libeconf This update for libeconf fixes the following issues: Update to version 0.5.2. - CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability in 'econf_writeFile' function (bsc#1211078). - CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability in 'read_file' function. (bsc#1211078) The following non-security bug was fixed: - Fixed parsing files correctly which have space characters AND none space characters as delimiters (bsc#1198165). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container ses/7.1/ceph/grafana:latest-2023-3639,Container ses/7.1/ceph/haproxy:latest-2023-3639,Container ses/7.1/ceph/keepalived:latest-2023-3639,Container ses/7.1/ceph/prometheus-alertmanager:latest-2023-3639,Container ses/7.1/ceph/prometheus-node-exporter:latest-2023-3639,Container ses/7.1/ceph/prometheus-server:latest-2023-3639,Container ses/7.1/ceph/prometheus-snmp_notifier:latest-2023-3639,Container ses/7.1/cephcsi/cephcsi:latest-2023-3639,Container ses/7.1/cephcsi/csi-attacher:v4.1.0-2023-3639,Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0-2023-3639,Container ses/7.1/cephcsi/csi-provisioner:v3.4.0-2023-3639,Container ses/7.1/cephcsi/csi-resizer:v1.7.0-2023-3639,Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1-2023-3639,Container ses/7.1/rook/ceph:latest-2023-3639,Container suse/ltss/sle15.3/bci-base:latest-2023-3639,Container suse/sle-micro-rancher/5.2:latest-2023-3639,Container suse/sle-micro/5.1/toolbox:latest-2023-3639,Container suse/sle-micro/5.2/toolbox:latest-2023-3639,Container suse/sle15:15.3-2023-3639,Image SLES15-SP3-BYOS-Azure-2023-3639,Image SLES15-SP3-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-BYOS-GCE-2023-3639,Image SLES15-SP3-CHOST-BYOS-Aliyun-2023-3639,Image SLES15-SP3-CHOST-BYOS-Azure-2023-3639,Image SLES15-SP3-CHOST-BYOS-EC2-2023-3639,Image SLES15-SP3-CHOST-BYOS-GCE-2023-3639,Image SLES15-SP3-CHOST-BYOS-SAP-CCloud-2023-3639,Image SLES15-SP3-HPC-BYOS-Azure-2023-3639,Image SLES15-SP3-HPC-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-HPC-BYOS-GCE-2023-3639,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure-2023-3639,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE-2023-3639,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2023-3639,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2023-3639,Image SLES15-SP3-Micro-5-1-BYOS-Azure-2023-3639,Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-Micro-5-1-BYOS-GCE-2023-3639,Image SLES15-SP3-Micro-5-2-BYOS-Azure-2023-3639,Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-Micro-5-2-BYOS-GCE-2023-3639,Image SLES15-SP3-SAP-Azure-LI-BYOS-Production-2023-3639,Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production-2023-3639,Image SLES15-SP3-SAP-BYOS-Azure-2023-3639,Image SLES15-SP3-SAP-BYOS-EC2-HVM-2023-3639,Image SLES15-SP3-SAP-BYOS-GCE-2023-3639,Image SLES15-SP3-SAPCAL-Azure-2023-3639,Image SLES15-SP3-SAPCAL-EC2-HVM-2023-3639,Image SLES15-SP3-SAPCAL-GCE-2023-3639,SUSE-2023-3639,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3639,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3639,SUSE-SUSE-MicroOS-5.1-2023-3639,SUSE-SUSE-MicroOS-5.2-2023-3639 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/ Link for SUSE-SU-2023:3639-1 https://lists.suse.com/pipermail/sle-security-updates/2023-September/016174.html E-Mail link for SUSE-SU-2023:3639-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1198165 SUSE Bug 1198165 https://bugzilla.suse.com/1211078 SUSE Bug 1211078 https://www.suse.com/security/cve/CVE-2023-22652/ SUSE CVE CVE-2023-22652 page https://www.suse.com/security/cve/CVE-2023-30078/ SUSE CVE CVE-2023-30078 page https://www.suse.com/security/cve/CVE-2023-30079/ SUSE CVE CVE-2023-30079 page https://www.suse.com/security/cve/CVE-2023-32181/ SUSE CVE CVE-2023-32181 page Container ses/7.1/ceph/grafana:latest Container ses/7.1/ceph/haproxy:latest Container ses/7.1/ceph/keepalived:latest Container ses/7.1/ceph/prometheus-alertmanager:latest Container ses/7.1/ceph/prometheus-node-exporter:latest Container ses/7.1/ceph/prometheus-server:latest Container ses/7.1/ceph/prometheus-snmp_notifier:latest Container ses/7.1/cephcsi/cephcsi:latest Container ses/7.1/cephcsi/csi-attacher:v4.1.0 Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0 Container ses/7.1/cephcsi/csi-provisioner:v3.4.0 Container ses/7.1/cephcsi/csi-resizer:v1.7.0 Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1 Container ses/7.1/rook/ceph:latest Container suse/ltss/sle15.3/bci-base:latest Container suse/sle-micro-rancher/5.2:latest Container suse/sle-micro/5.1/toolbox:latest Container suse/sle-micro/5.2/toolbox:latest Container suse/sle15:15.3 Image SLES15-SP3-BYOS-Azure Image SLES15-SP3-BYOS-EC2-HVM Image SLES15-SP3-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-Aliyun Image SLES15-SP3-CHOST-BYOS-Azure Image SLES15-SP3-CHOST-BYOS-EC2 Image SLES15-SP3-CHOST-BYOS-GCE Image SLES15-SP3-CHOST-BYOS-SAP-CCloud Image SLES15-SP3-HPC-BYOS-Azure Image SLES15-SP3-HPC-BYOS-EC2-HVM Image SLES15-SP3-HPC-BYOS-GCE Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP3-Micro-5-1-BYOS-Azure Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-1-BYOS-GCE Image SLES15-SP3-Micro-5-2-BYOS-Azure Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM Image SLES15-SP3-Micro-5-2-BYOS-GCE Image SLES15-SP3-SAP-Azure-LI-BYOS-Production Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production Image SLES15-SP3-SAP-BYOS-Azure Image SLES15-SP3-SAP-BYOS-EC2-HVM Image SLES15-SP3-SAP-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 libeconf0-0.5.2-150300.3.11.1 libeconf-devel-0.5.2-150300.3.11.1 libeconf-utils-0.5.2-150300.3.11.1 libeconf0-32bit-0.5.2-150300.3.11.1 libeconf0-64bit-0.5.2-150300.3.11.1 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/grafana:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/haproxy:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/keepalived:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/prometheus-alertmanager:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/prometheus-node-exporter:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/prometheus-server:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/ceph/prometheus-snmp_notifier:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/cephcsi:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/csi-attacher:v4.1.0 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/csi-provisioner:v3.4.0 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/csi-resizer:v1.7.0 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1 libeconf0-0.5.2-150300.3.11.1 as a component of Container ses/7.1/rook/ceph:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container suse/ltss/sle15.3/bci-base:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container suse/sle-micro-rancher/5.2:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container suse/sle-micro/5.1/toolbox:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container suse/sle-micro/5.2/toolbox:latest libeconf0-0.5.2-150300.3.11.1 as a component of Container suse/sle15:15.3 libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-CHOST-BYOS-Aliyun libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-CHOST-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-CHOST-BYOS-EC2 libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-CHOST-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-CHOST-BYOS-SAP-CCloud libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-HPC-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-HPC-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-HPC-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-1-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-Micro-5-2-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAP-Azure-LI-BYOS-Production libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAP-BYOS-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAP-BYOS-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAP-BYOS-GCE libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAPCAL-Azure libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM libeconf0-0.5.2-150300.3.11.1 as a component of Image SLES15-SP3-SAPCAL-GCE libeconf0-0.5.2-150300.3.11.1 as a component of SUSE Linux Enterprise Micro 5.1 libeconf0-0.5.2-150300.3.11.1 as a component of SUSE Linux Enterprise Micro 5.2 libeconf0-0.5.2-150300.3.11.1 as a component of SUSE Manager Proxy 4.2 libeconf0-0.5.2-150300.3.11.1 as a component of SUSE Manager Server 4.2 A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2. CVE-2023-22652 Container ses/7.1/ceph/grafana:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/haproxy:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/keepalived:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-alertmanager:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-node-exporter:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-server:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-snmp_notifier:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/cephcsi:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-attacher:v4.1.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-provisioner:v3.4.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-resizer:v1.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/rook/ceph:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/ltss/sle15.3/bci-base:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro-rancher/5.2:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.1/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.2/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle15:15.3:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-EC2:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-GCE:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.1:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Proxy 4.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Server 4.2:libeconf0-0.5.2-150300.3.11.1 important 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/ https://www.suse.com/security/cve/CVE-2023-22652.html CVE-2023-22652 https://bugzilla.suse.com/1211078 SUSE Bug 1211078 ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-32181. Reason: This record is a duplicate of CVE-2023-32181. Notes: All CVE users should reference CVE-2023-32181 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. CVE-2023-30078 Container ses/7.1/ceph/grafana:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/haproxy:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/keepalived:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-alertmanager:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-node-exporter:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-server:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-snmp_notifier:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/cephcsi:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-attacher:v4.1.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-provisioner:v3.4.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-resizer:v1.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/rook/ceph:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/ltss/sle15.3/bci-base:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro-rancher/5.2:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.1/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.2/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle15:15.3:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-EC2:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-GCE:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.1:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Proxy 4.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Server 4.2:libeconf0-0.5.2-150300.3.11.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/ https://www.suse.com/security/cve/CVE-2023-30078.html CVE-2023-30078 https://bugzilla.suse.com/1211078 SUSE Bug 1211078 https://bugzilla.suse.com/1214597 SUSE Bug 1214597 ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-22652. Reason: This record is a duplicate of CVE-2023-22652. Notes: All CVE users should reference CVE-2023-22652 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage. CVE-2023-30079 Container ses/7.1/ceph/grafana:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/haproxy:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/keepalived:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-alertmanager:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-node-exporter:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-server:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-snmp_notifier:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/cephcsi:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-attacher:v4.1.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-provisioner:v3.4.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-resizer:v1.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/rook/ceph:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/ltss/sle15.3/bci-base:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro-rancher/5.2:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.1/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.2/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle15:15.3:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-EC2:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-GCE:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.1:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Proxy 4.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Server 4.2:libeconf0-0.5.2-150300.3.11.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/ https://www.suse.com/security/cve/CVE-2023-30079.html CVE-2023-30079 https://bugzilla.suse.com/1211078 SUSE Bug 1211078 https://bugzilla.suse.com/1214598 SUSE Bug 1214598 A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf allows for DoS via malformed configuration files This issue affects libeconf: before 0.5.2. CVE-2023-32181 Container ses/7.1/ceph/grafana:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/haproxy:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/keepalived:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-alertmanager:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-node-exporter:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-server:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/ceph/prometheus-snmp_notifier:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/cephcsi:latest:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-attacher:v4.1.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-provisioner:v3.4.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-resizer:v1.7.0:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1:libeconf0-0.5.2-150300.3.11.1 Container ses/7.1/rook/ceph:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/ltss/sle15.3/bci-base:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro-rancher/5.2:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.1/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle-micro/5.2/toolbox:latest:libeconf0-0.5.2-150300.3.11.1 Container suse/sle15:15.3:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Aliyun:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-EC2:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-CHOST-BYOS-SAP-CCloud:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-HPC-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-1-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-Micro-5-2-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAP-BYOS-GCE:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-Azure:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-EC2-HVM:libeconf0-0.5.2-150300.3.11.1 Image SLES15-SP3-SAPCAL-GCE:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.1:libeconf0-0.5.2-150300.3.11.1 SUSE Linux Enterprise Micro 5.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Proxy 4.2:libeconf0-0.5.2-150300.3.11.1 SUSE Manager Server 4.2:libeconf0-0.5.2-150300.3.11.1 important 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20233639-1/ https://www.suse.com/security/cve/CVE-2023-32181.html CVE-2023-32181 https://bugzilla.suse.com/1211078 SUSE Bug 1211078