cloud-init-23.1.1-11.el9.ML.1
エラータID: AXSA:2023-7004:08
Release date:
Thursday, December 14, 2023 - 23:15
Subject:
cloud-init-23.1.1-11.el9.ML.1
Affected Channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts.
Security Fix(es):
* cloud-init: sensitive data could be exposed in logs (CVE-2023-1786)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Solution:
Update packages.
CVEs:
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Additional Info:
N/A
Download:
SRPMS
- cloud-init-23.1.1-11.el9.ML.1.src.rpm
MD5: a6df3f05dea9bcfdb2f8d66ad7fea65f
SHA-256: d3a925d91d9dea26a791eb876052642c4a7248a3ef06457f571273ede5139b4f
Size: 1.55 MB
Asianux Server 9 for x86_64
- cloud-init-23.1.1-11.el9.ML.1.noarch.rpm
MD5: 56ae2f5fbb8deb2157a5f8513873076a
SHA-256: 953393ed35392c814e4a459ed2f7b003ca859d2d9f244e0dba0d45144765c0cc
Size: 1.03 MB
日本語