Security update for conmon
Announcement ID: | SUSE-SU-2022:4635-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability can now be installed.
Description:
This update for conmon fixes the following issues:
conmon was updated to version 2.1.5:
- don't leak syslog_identifier
- logging: do not read more that the buf size
- logging: fix error handling
- Makefile: Fix install for FreeBSD
- signal: Track changes to get_signal_descriptor in the FreeBSD version
- Packit: initial enablement
Update to version 2.1.4:
- Fix a bug where conmon crashed when it got a SIGCHLD
update to 2.1.3:
- Stop using g_unix_signal_add() to avoid threads
- Rename CLI optionlog-size-global-max to log-global-size-max
Update to version 2.1.2:
- add log-global-size-max option to limit the total output conmon processes (CVE-2022-1708 bsc#1200285)
- journald: print tag and name if both are specified
- drop some logs to debug level
Update to version 2.1.0
- logging: buffer partial messages to journald
- exit: close all fds >= 3
- fix: cgroup: Free memory_cgroup_file_path if open fails.
Update to version 2.0.32
- Fix: Avoid mainfd_std{in,out} sharing the same file descriptor.
- exit_command: Fix: unset subreaper attribute before running exit command
Update to version 2.0.31 * logging: new mode -l passthrough * ctr_logs: use container name or ID as SYSLOG_IDENTIFIER for journald * conmon: Fix: free userdata files before exec cleanup
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4635=1
-
openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2022-4635=1
-
SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4635=1
-
SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4635=1
-
Containers Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-4635=1
Package List:
-
openSUSE Leap Micro 5.3 (aarch64 x86_64)
- conmon-debuginfo-2.1.5-150400.3.3.1
- conmon-2.1.5-150400.3.3.1
-
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
- conmon-debuginfo-2.1.5-150400.3.3.1
- conmon-2.1.5-150400.3.3.1
-
SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
- conmon-debuginfo-2.1.5-150400.3.3.1
- conmon-2.1.5-150400.3.3.1
-
SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
- conmon-debuginfo-2.1.5-150400.3.3.1
- conmon-2.1.5-150400.3.3.1
-
Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64)
- conmon-debuginfo-2.1.5-150400.3.3.1
- conmon-2.1.5-150400.3.3.1