Overview

File _patchinfo of Package patchinfo.24762

<patchinfo incident="24762">
  <issue tracker="bnc" id="1201466">keylime_verifier.service and keylime_registrar got (code=exited, status=1/FAILURE) after update</issue>
  <issue tracker="bnc" id="1201866">keylime_verifier not working in SLE</issue>
  <issue tracker="cve" id="2022-1053"/>
  <issue tracker="cve" id="2022-31250"/>
  <issue tracker="bnc" id="1199253">VUL-0: CVE-2022-1053: keylime: Tenant and Verifier might not use the same registrar data</issue>
  <issue tracker="bnc" id="1200885">VUL-0: CVE-2022-31250: keylime: %post scriplet allows for privilege escalation from keylime user to root</issue>
  <packager>aplanas</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for keylime</summary>
  <description>This update for keylime fixes the following issues:

Update to version 6.3.2, including fixes for:

- CVE-2022-1053: Fixed Tenant and Verifier might not use the same registrar data (bsc#1199253).
- CVE-2022-31250: Fixed %post scriplet allows for privilege escalation from keylime user to root (bsc#1200885).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places