UbuntuUpdates.org

Package "libnss-resolve"

Name: libnss-resolve

Description:

nss module to resolve names via systemd-resolved

Latest version: 249.11-0ubuntu3.7
Release: jammy (22.04)
Level: security
Repository: universe
Head package: systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd

Links


Download "libnss-resolve"


Other versions of "libnss-resolve" in Jammy

Repository Area Version
base universe 249.11-0ubuntu3
updates universe 249.11-0ubuntu3.12
proposed universe 249.11-0ubuntu3.13

Changelog

Version: 249.11-0ubuntu3.7 2023-03-07 19:07:13 UTC

  systemd (249.11-0ubuntu3.7) jammy-security; urgency=medium

  * SECURITY UPDATE: buffer overrun vulnerability in format_timespan()
    - debian/patches/CVE-2022-3821.patch: time-util: fix buffer-over-run
    - CVE-2022-3821
  * SECURITY UPDATE: information leak vulnerability in systemd-coredump
    - debian/patches/CVE-2022-4415.patch: do not allow user to access
      coredumps with changed uid/gid/capabilities
    - CVE-2022-4415

 -- Nishit Majithia <email address hidden> Thu, 02 Mar 2023 18:28:02 +0530

CVE-2022-3821 An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time a
CVE-2022-4415 A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpab



About   -   Send Feedback to @ubuntu_updates