sysstat-11.7.3-11.el8

エラータID: AXSA:2023-7101:05

Release date: 
Friday, December 22, 2023 - 09:29
Subject: 
sysstat-11.7.3-11.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The sysstat packages provide the sar and iostat commands. These commands enable system monitoring of disk, network, and other I/O activity.

Security Fix(es):

* sysstat: check_overflow() function can work incorrectly that lead to an overflow (CVE-2023-33204)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.9 Release Notes linked from the References section.

CVE-2023-33204
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.

Solution: 

Update packages.

CVEs: 
CVE-2023-33204
sysstat through 12.7.2 allows a multiplication integer overflow in check_overflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377.
Additional Info: 

N/A

Download: 

SRPMS
  1. sysstat-11.7.3-11.el8.src.rpm
    MD5: d81ede6d4af2a4c8486e15c7ba4a7fde
    SHA-256: 82e67792c9fe86973eb321a5509c328b2deb0015400147efdee78e380ada9205
    Size: 567.38 kB

Asianux Server 8 for x86_64
  1. sysstat-11.7.3-11.el8.x86_64.rpm
    MD5: 28e66df84daaee7b6a2a8207a4abf116
    SHA-256: 44aefe79c75c2ea724a775509e4fd7b865c6eabd61890b6aa514eb06ebe7590d
    Size: 425.24 kB