Download
| Alert*
|
oval:org.secpod.oval:def:89051709
This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. * Prevent error message if `/var/lib/libuuid/clock.txt` does not exist * Fixed performance degradation oval:org.secpod.oval:def:613032 Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of this flaw for information disclosure. With this update wall and write are not anymore installed with setgid tty. oval:org.secpod.oval:def:89051735 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:99567 util-linux: miscellaneous system utilities util-linux could be made to expose sensitive information. oval:org.secpod.oval:def:99577 util-linux: miscellaneous system utilities Details: USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory util-linux could be ma ... oval:org.secpod.oval:def:89051739 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:89051736 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall oval:org.secpod.oval:def:708858 util-linux: miscellaneous system utilities util-linux could be made to expose sensitive information. oval:org.secpod.oval:def:708869 util-linux: miscellaneous system utilities Details: USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities. Original advisory util-linux could be ma ... oval:org.secpod.oval:def:89051737 This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall |
