Security Update 5.0 44

Important Photon OS Security Update

Summary

Advisory Id : PHSA-2023-5.0-0044

Type : Security

Severity : ['Important', 'Moderate']

Issue date : 2023-07-05

Affected Release: 5.0

Details

Updates of ['libtiff', 'nerdctl', 'fuse-overlayfs-snapshotter'] packages of Photon OS have been released.

Affected Packages

Important

libtiff - ['CVE-2023-3618']

nerdctl - ['CVE-2023-27561', 'CVE-2019-19921', 'CVE-2023-28642']

fuse-overlayfs-snapshotter - ['CVE-2023-25173']

Moderate

libtiff - ['CVE-2023-25433', 'CVE-2023-26966', 'CVE-2023-2908', 'CVE-2023-3316', 'CVE-2023-25435', 'CVE-2023-2731']

nerdctl - ['CVE-2023-25809']

fuse-overlayfs-snapshotter - ['CVE-2022-23471', 'CVE-2023-25153']

Solution

Update the affected packages (tdnf update package)

Updated Packages Information

libtiff-4.5.1-1.ph5.x86_64.rpm | size : 380K , sha256 : fa181b8cdc9d0689bf85b4562ef83a7e18dfcf7c0f80349a84487a8832eb6df5 , build time : Wed, 05 Jul 2023 02:46:52 UTC

libtiff-devel-4.5.1-1.ph5.x86_64.rpm | size : 152K , sha256 : cf656679e71c0234677dc45b39e595bdb941f7d8ae992769d10076179d4f681f , build time : Wed, 05 Jul 2023 02:46:52 UTC

nerdctl-1.4.0-1.ph5.x86_64.rpm | size : 7.2M , sha256 : 7cd6790df1fb31f1721de9d7e42e507950baa4449b7b2bcf1332470f8d9a559a , build time : Wed, 05 Jul 2023 02:46:59 UTC

fuse-overlayfs-snapshotter-1.0.6-1.ph5.x86_64.rpm | size : 3.2M , sha256 : dfb45ab985f85ff4397526478d08fc906788246cbb9a1e3ac1c5f40125c0fdac , build time : Wed, 05 Jul 2023 02:46:59 UTC