Skip to content
This repository has been archived by the owner on Oct 10, 2023. It is now read-only.

0.342.0
Compare
Choose a tag to compare
@cf-buildpacks-eng cf-buildpacks-eng released this 29 Nov 20:24
· 27 commits to main since this release
0.342.0
d8153b5

Notably, this release addresses:

USN-5745-2 USN-5745-2: shadow regression:

USN-5748-1 USN-5748-1: Sysstat vulnerability:

  • CVE-2022-39377: sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1.
-ii  login   1:4.5-1ubuntu2.4  amd64  system login tools
+ii  login   1:4.5-1ubuntu2.5  amd64  system login tools
-ii  passwd  1:4.5-1ubuntu2.4  amd64  change and administer password and group data
+ii  passwd  1:4.5-1ubuntu2.5  amd64  change and administer password and group data
-ii  sysstat 11.6.1-1ubuntu0.1 amd64  system performance tools for Linux
+ii  sysstat 11.6.1-1ubuntu0.2 amd64  system performance tools for Linux
Assets 3
Loading