openSUSE-SU-2025:0030-1: moderate: Security update for dante

openSUSE Security Update: Security update for dante ______________________________________________________________________________ Announcement ID: openSUSE-SU-2025:0030-1 Rating: moderate References: #1234688 Cross-References: CVE-2024-54662 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for dante fixes the following issues: - Update to version 1.4.4 * Fixed incorrect access control for some sockd.conf configurations involving socksmethod (boo#1234688, CVE-2024-54662). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2025-30=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): dante-1.4.4-bp156.4.3.1 dante-devel-1.4.4-bp156.4.3.1 dante-server-1.4.4-bp156.4.3.1 libsocks0-1.4.4-bp156.4.3.1 - openSUSE Backports SLE-15-SP6 (aarch64_ilp32): dante-devel-64bit-1.4.4-bp156.4.3.1 libsocks0-64bit-1.4.4-bp156.4.3.1 References: https://www.suse.com/security/cve/CVE-2024-54662.html https://bugzilla.suse.com/1234688
participants (1)
-
opensuse-security@opensuse.org