SUSE-SU-2025:0011-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20250011-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0011-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:0011-1
- Related
- Published
- 2025-01-03T16:49:05Z
- Modified
- 2025-01-03T16:49:05Z
- Summary
- Security update for pcp
- Details
-
This update for pcp fixes the following issues:
Upgrade to 6.2.0 (bsc#1217826 / PED#8192):
- CVE-2024-45770: Fixed symlink race (bsc#1230552).
- CVE-2024-45769: Fixed pmstore corruption (bsc#1230551)
- CVE-2023-6917: Fixed local privilege escalation from pcp user to root (bsc#1217826).
Bug fixes:
- Reintroduce libuv support for SLE >= 15 (bsc#1231345).
- move pmlogger_daily into main package (bsc#1222815)
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20250011-1/
- https://bugzilla.suse.com/1217826
- https://bugzilla.suse.com/1222815
- https://bugzilla.suse.com/1230551
- https://bugzilla.suse.com/1230552
- https://bugzilla.suse.com/1231345
- https://www.suse.com/security/cve/CVE-2023-6917
- https://www.suse.com/security/cve/CVE-2024-45769
- https://www.suse.com/security/cve/CVE-2024-45770