# Critical Photon OS Security Update ## Summary Advisory Id : PHSA-2023-3.0-0603 Type : Security Severity : ['Critical', 'Important', 'Moderate', 'Low'] Issue date : 2023-06-26 Affected Release: 3.0 ## Details Updates of ['calico', 'cmake', 'bindutils', 'etcd', 'go', 'samba-client'] packages of Photon OS have been released. ## Affected Packages ### Critical calico - ['[CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404)', '[CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405)', '[CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402)'] cmake - ['[CVE-2019-5481](https://nvd.nist.gov/vuln/detail/CVE-2019-5481)', '[CVE-2022-32221](https://nvd.nist.gov/vuln/detail/CVE-2022-32221)', '[CVE-2019-5482](https://nvd.nist.gov/vuln/detail/CVE-2019-5482)', '[CVE-2019-3822](https://nvd.nist.gov/vuln/detail/CVE-2019-3822)'] go - ['[CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404)', '[CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405)', '[CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402)'] samba-client - ['[CVE-2022-44640](https://nvd.nist.gov/vuln/detail/CVE-2022-44640)'] ### Important calico - ['[CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403)'] cmake - ['[CVE-2022-27782](https://nvd.nist.gov/vuln/detail/CVE-2022-27782)', '[CVE-2020-8286](https://nvd.nist.gov/vuln/detail/CVE-2020-8286)', '[CVE-2023-27533](https://nvd.nist.gov/vuln/detail/CVE-2023-27533)', '[CVE-2023-27534](https://nvd.nist.gov/vuln/detail/CVE-2023-27534)', '[CVE-2020-8285](https://nvd.nist.gov/vuln/detail/CVE-2020-8285)', '[CVE-2019-5443](https://nvd.nist.gov/vuln/detail/CVE-2019-5443)', '[CVE-2018-16890](https://nvd.nist.gov/vuln/detail/CVE-2018-16890)', '[CVE-2016-5420](https://nvd.nist.gov/vuln/detail/CVE-2016-5420)', '[CVE-2016-5419](https://nvd.nist.gov/vuln/detail/CVE-2016-5419)', '[CVE-2019-5436](https://nvd.nist.gov/vuln/detail/CVE-2019-5436)', '[CVE-2022-22576](https://nvd.nist.gov/vuln/detail/CVE-2022-22576)', '[CVE-2020-8169](https://nvd.nist.gov/vuln/detail/CVE-2020-8169)', '[CVE-2022-27781](https://nvd.nist.gov/vuln/detail/CVE-2022-27781)', '[CVE-2016-0755](https://nvd.nist.gov/vuln/detail/CVE-2016-0755)', '[CVE-2020-8231](https://nvd.nist.gov/vuln/detail/CVE-2020-8231)', '[CVE-2021-22946](https://nvd.nist.gov/vuln/detail/CVE-2021-22946)', '[CVE-2020-8177](https://nvd.nist.gov/vuln/detail/CVE-2020-8177)', '[CVE-2019-3823](https://nvd.nist.gov/vuln/detail/CVE-2019-3823)', '[CVE-2021-22926](https://nvd.nist.gov/vuln/detail/CVE-2021-22926)', '[CVE-2016-5421](https://nvd.nist.gov/vuln/detail/CVE-2016-5421)'] bindutils - ['[CVE-2023-2911](https://nvd.nist.gov/vuln/detail/CVE-2023-2911)', '[CVE-2023-2828](https://nvd.nist.gov/vuln/detail/CVE-2023-2828)'] go - ['[CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403)'] samba-client - ['[CVE-2020-25720](https://nvd.nist.gov/vuln/detail/CVE-2020-25720)', '[CVE-2022-38023](https://nvd.nist.gov/vuln/detail/CVE-2022-38023)', '[CVE-2022-37966](https://nvd.nist.gov/vuln/detail/CVE-2022-37966)'] ### Moderate cmake - ['[CVE-2023-27535](https://nvd.nist.gov/vuln/detail/CVE-2023-27535)', '[CVE-2023-28321](https://nvd.nist.gov/vuln/detail/CVE-2023-28321)', '[CVE-2022-32206](https://nvd.nist.gov/vuln/detail/CVE-2022-32206)', '[CVE-2021-22876](https://nvd.nist.gov/vuln/detail/CVE-2021-22876)', '[CVE-2022-27774](https://nvd.nist.gov/vuln/detail/CVE-2022-27774)', '[CVE-2016-8616](https://nvd.nist.gov/vuln/detail/CVE-2016-8616)', '[CVE-2023-23916](https://nvd.nist.gov/vuln/detail/CVE-2023-23916)', '[CVE-2014-3620](https://nvd.nist.gov/vuln/detail/CVE-2014-3620)', '[CVE-2021-22922](https://nvd.nist.gov/vuln/detail/CVE-2021-22922)', '[CVE-2022-43552](https://nvd.nist.gov/vuln/detail/CVE-2022-43552)', '[CVE-2022-27776](https://nvd.nist.gov/vuln/detail/CVE-2022-27776)', '[CVE-2023-27536](https://nvd.nist.gov/vuln/detail/CVE-2023-27536)', '[CVE-2021-22923](https://nvd.nist.gov/vuln/detail/CVE-2021-22923)', '[CVE-2014-3613](https://nvd.nist.gov/vuln/detail/CVE-2014-3613)', '[CVE-2022-32208](https://nvd.nist.gov/vuln/detail/CVE-2022-32208)', '[CVE-2013-1944](https://nvd.nist.gov/vuln/detail/CVE-2013-1944)', '[CVE-2021-22947](https://nvd.nist.gov/vuln/detail/CVE-2021-22947)', '[CVE-2021-22897](https://nvd.nist.gov/vuln/detail/CVE-2021-22897)', '[CVE-2015-3153](https://nvd.nist.gov/vuln/detail/CVE-2015-3153)', '[CVE-2021-22925](https://nvd.nist.gov/vuln/detail/CVE-2021-22925)', '[CVE-2023-28320](https://nvd.nist.gov/vuln/detail/CVE-2023-28320)', '[CVE-2023-27538](https://nvd.nist.gov/vuln/detail/CVE-2023-27538)'] etcd - ['[CVE-2018-1099](https://nvd.nist.gov/vuln/detail/CVE-2018-1099)'] samba-client - ['[CVE-2023-0225](https://nvd.nist.gov/vuln/detail/CVE-2023-0225)', '[CVE-2022-37967](https://nvd.nist.gov/vuln/detail/CVE-2022-37967)', '[CVE-2023-0614](https://nvd.nist.gov/vuln/detail/CVE-2023-0614)'] ### Low cmake - ['[CVE-2019-5435](https://nvd.nist.gov/vuln/detail/CVE-2019-5435)', '[CVE-2020-8284](https://nvd.nist.gov/vuln/detail/CVE-2020-8284)', '[CVE-2022-35252](https://nvd.nist.gov/vuln/detail/CVE-2022-35252)', '[CVE-2021-22898](https://nvd.nist.gov/vuln/detail/CVE-2021-22898)', '[CVE-2021-22924](https://nvd.nist.gov/vuln/detail/CVE-2021-22924)', '[CVE-2023-28322](https://nvd.nist.gov/vuln/detail/CVE-2023-28322)'] ## Solution Update the affected packages (tdnf update package) ## Updated Packages Information calico-3.20.2-10.ph3.x86_64.rpm | size : 18M , sha256 : 144737d35052f643214f4eb75c84a9d71bfc0d043e32e9fd76f35c8e6ff512fa , build time : Sat, 24 Jun 2023 02:29:36 UTC calico-bgp-daemon-0.2.2-25.ph3.x86_64.rpm | size : 9.3M , sha256 : 4f3f1c66a4fbc784078235e0f12ab16b2a9377736a0a853f02237f705179478a , build time : Sat, 24 Jun 2023 02:51:34 UTC calico-cni-3.21.0-11.ph3.x86_64.rpm | size : 35M , sha256 : 9c84eff8fb639a5658759d14b15e8cd05ceded3b53b2459543b67db16612675b , build time : Sat, 24 Jun 2023 02:38:51 UTC calico-confd-0.16.0-18.ph3.x86_64.rpm | size : 5.9M , sha256 : 5bdef8b7c2d0f020042747d201b8d805409365a1d40d26b811c156fc0acc6789 , build time : Sat, 24 Jun 2023 02:49:53 UTC calico-felix-3.20.2-10.ph3.x86_64.rpm | size : 17M , sha256 : 559486eb3e3c8b2411513d3753f48c4003093b9886d11ffc04de1bfe2040e94c , build time : Sat, 24 Jun 2023 02:31:04 UTC calico-k8s-policy-3.21.0-11.ph3.x86_64.rpm | size : 13M , sha256 : a40d4c79ad501539a560e4795cb3e03d01a01f46eaa263fe9e9955bbf4dbf0a0 , build time : Sat, 24 Jun 2023 02:41:52 UTC calico-libnetwork-1.1.0-27.ph3.x86_64.rpm | size : 7.0M , sha256 : f78f5f62e4a451abd63c69c237b27ff07125653ff96e8522423988e68a5ad7a9 , build time : Sat, 24 Jun 2023 02:41:52 UTC cmake-3.13.5-2.ph3.x86_64.rpm | size : 15M , sha256 : ebc1f9e9d7f291a1c11aa9232cdcae8652cee6206f8047fecc88af87678a9034 , build time : Sat, 24 Jun 2023 02:26:31 UTC bindutils-9.16.38-2.ph3.x86_64.rpm | size : 4.8M , sha256 : b4d6aa72d2cb4ff4b528c6a795b2e869a5f36baf77f1646121203d915a149c61 , build time : Sat, 24 Jun 2023 02:25:33 UTC etcd-3.3.27-13.ph3.x86_64.rpm | size : 12M , sha256 : bb8036c835e29440a76bf56beb8e4f0b375c5106df056fbd825ce99d8c1fb750 , build time : Sat, 24 Jun 2023 02:36:32 UTC etcd-3.5.1-12.ph3.x86_64.rpm | size : 14M , sha256 : 3234ed04842beb855588e7a6a4da98eebb994f3e9183fad9cf92c266235866a6 , build time : Sat, 24 Jun 2023 02:31:23 UTC go-1.20.5-1.ph3.x86_64.rpm | size : 96M , sha256 : e029841e7c01fc2de54c80dc2dd8017f50e04bb7b76ebbe7e5e8e62b9629053d , build time : Sat, 24 Jun 2023 02:26:30 UTC go-md2man-2.0.0-21.ph3.x86_64.rpm | size : 808K , sha256 : d413d872e33106c4f13e901507edf75e74286c3a5cb997063c07521923bb866f , build time : Sat, 24 Jun 2023 02:27:34 UTC samba-client-4.17.8-1.ph3.x86_64.rpm | size : 1.4M , sha256 : 961496a9e4378912a5a0271399e2511eb996f56c37394292b1416e93911c406a , build time : Sat, 24 Jun 2023 02:32:05 UTC samba-client-devel-4.17.8-1.ph3.x86_64.rpm | size : 248K , sha256 : 90ed51194c99092e6a389347f4a406409bb0533d775f78d902db675c3ccd6305 , build time : Sat, 24 Jun 2023 02:32:05 UTC samba-client-libs-4.17.8-1.ph3.x86_64.rpm | size : 8.2M , sha256 : 1d6effdd7f1616df3f13af5f9ac54e5c6e7b5b0ff31d09f171b26468872ba4fc , build time : Sat, 24 Jun 2023 02:32:05 UTC