Release date:
2023-03-02 19:07:42 UTC
Description:
* SECURITY UPDATE: Within the lg_init() function, if several allocations
succeed but then one fails, an uninitialized pointer would have been
freed despite never being allocated.
- debian/patches/CVE-2022-34480.patch: avoid using uninitialized pointer
- CVE-2022-34480
Updated packages:
-
libnss3_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb
sha:43e35f758829a003388bda34fa9c12ff9e6a06a2
-
libnss3-1d_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb
sha:4dd31be5cc5e88d35aab0e99e368b2fed4512878
-
libnss3-dev_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb
sha:4508a86ad926b29e38b7c53f0bc5abb50d5641e7
-
libnss3-nssdb_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_all.deb
sha:b9af9b63b976ebd43a6ba919d9d1d1eb63d12fd6
-
libnss3-tools_3.28.4-0ubuntu0.16.04.14+tuxcare.els4_amd64.deb
sha:917869153a563ea3d075a3e3e481ea9aa7a4776b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
