SUSE-SU-2023:0603-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0603-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:0603-1
- Related
- Published
- 2023-03-02T13:54:29Z
- Modified
- 2023-03-02T13:54:29Z
- Summary
- Security update for google-guest-agent
- Details
-
This update for google-guest-agent fixes the following issues:
Updated to version 20230222.00 (bsc#1202100, bsc#1202101) and bumped go API version to 1.18 to address the following (bsc#1208723):
- CVE-2021-38297: Fixed data overwrite when passing large arguments to GOARCH=wasm GOOS=js (bsc#1191468).
CVE-2022-23806: Fixed Curve.IsOnCurve to incorrectly return true (bsc#1195838).
Bugfixes:
Avoid bashim in post install scripts (bsc#1195391).
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20230603-1/
- https://bugzilla.suse.com/1191468
- https://bugzilla.suse.com/1195391
- https://bugzilla.suse.com/1195838
- https://bugzilla.suse.com/1202100
- https://bugzilla.suse.com/1202101
- https://bugzilla.suse.com/1208723
- https://www.suse.com/security/cve/CVE-2021-38297
- https://www.suse.com/security/cve/CVE-2022-23806