Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.851652 |
Kategorie: | SuSE Local Security Checks |
Titel: | openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1) |
Zusammenfassung: | The remote host is missing an update for the 'tboot'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'tboot' package(s) announced via the referenced advisory. Vulnerability Insight: This update for tboot fixes the following issues: Security issues fixed: - CVE-2017-16837: Fix tbootfailed to validate a number of immutable function pointers, which could allow an attacker to bypass the chain of trust and execute arbitrary code (boo#1068390). - Make tboot package compatible with OpenSSL 1.1.0 for SLE-15 support (boo#1067229). Bug fixes: - Update to new upstream version. See the referenced release notes for details (1.9.6 1.9.5, FATE#321510 1.9.4, FATE#320665 1.8.3, FATE#318542). - Fix some gcc7 warnings that lead to errors. (boo#1041264) - Fix wrong pvops kernel config matching (boo#981948) - Fix an excessive stack usage pattern that could lead to resets/crashes (boo#967441) - fixes a boot issue on Skylake (boo#964408) - Trim filler words from description use modern macros over shell vars. - Add reproducible.patch to call gzip -n to make build fully reproducible. Affected Software/OS: tboot on openSUSE Leap 42.3, openSUSE Leap 42.2 Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-16837 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |