cloud-init-23.1.1-10.el8.ML.1
エラータID: AXSA:2023-7278:09
Release date:
Tuesday, December 26, 2023 - 00:11
Subject:
cloud-init-23.1.1-10.el8.ML.1
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
Cloud-init is a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install ssh keys and to let the user run various scripts.
Security Fix(es):
* cloud-init: sensitive data could be exposed in logs (CVE-2023-1786)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Solution:
Update packages.
CVEs:
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.
Additional Info:
N/A
Download:
SRPMS
- cloud-init-23.1.1-10.el8.ML.1.src.rpm
MD5: 39f1141c3dceade1665a723d5f4b99ae
SHA-256: 0aa1a20f604584ee1a012f9e51068e03857877811fde5c5af42b616676d2b374
Size: 1.56 MB
Asianux Server 8 for x86_64
- cloud-init-23.1.1-10.el8.ML.1.noarch.rpm
MD5: ffe7d379933f53c86673121989baf4e5
SHA-256: 4e5d2bac3ec14fe3970a3853b5a0e305284b994630e59e1dff41fd2b1ebd0bf2
Size: 1.21 MB
日本語