Bugzilla – Bug 1216591
VUL-0: CVE-2023-46316: traceroute: wrapper scripts do not properly parse command lines
Last modified: 2024-07-12 16:31:28 UTC
In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-46316 https://security-tracker.debian.org/tracker/CVE-2023-46316
All maintained codestreams affected: - SUSE:ALP:Source:Standard:1.0 - SUSE:SLE-12:Update - SUSE:SLE-15:Update
Submitted into ALP: https://build.suse.de/request/show/313505
Will submit into 15,12/traceroute soon.
15 https://build.suse.de/request/show/313508 12 https://build.suse.de/request/show/313509 I guess you will have to force review for mosquetero anyway. I believe all fixed.
SUSE-SU-2023:4623-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1216591 CVE References: CVE-2023-46316 Sources used: openSUSE Leap Micro 5.3 (src): traceroute-2.0.21-150000.3.3.1 openSUSE Leap Micro 5.4 (src): traceroute-2.0.21-150000.3.3.1 openSUSE Leap 15.4 (src): traceroute-2.0.21-150000.3.3.1 openSUSE Leap 15.5 (src): traceroute-2.0.21-150000.3.3.1 SUSE Linux Enterprise Micro for Rancher 5.3 (src): traceroute-2.0.21-150000.3.3.1 SUSE Linux Enterprise Micro 5.3 (src): traceroute-2.0.21-150000.3.3.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): traceroute-2.0.21-150000.3.3.1 SUSE Linux Enterprise Micro 5.4 (src): traceroute-2.0.21-150000.3.3.1 SUSE Linux Enterprise Micro 5.5 (src): traceroute-2.0.21-150000.3.3.1 Basesystem Module 15-SP4 (src): traceroute-2.0.21-150000.3.3.1 Basesystem Module 15-SP5 (src): traceroute-2.0.21-150000.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:4656-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1216591 CVE References: CVE-2023-46316 Sources used: SUSE Linux Enterprise High Performance Computing 12 SP5 (src): traceroute-2.0.19-3.6.1 SUSE Linux Enterprise Server 12 SP5 (src): traceroute-2.0.19-3.6.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): traceroute-2.0.19-3.6.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
I guess gleidi user has to accept review for (In reply to Petr Gajdos from comment #7) > Submitted into ALP: > https://build.suse.de/request/show/313505
https://build.suse.de/request/show/313505 has reached SUSE:ALP:Source:Standard:1.0 . I'm resolving this bug as fixed.
SUSE-SU-2024:2468-1: An update that solves one vulnerability can now be installed. Category: security (moderate) Bug References: 1216591 CVE References: CVE-2023-46316 Maintenance Incident: [SUSE:Maintenance:31622](https://smelt.suse.de/incident/31622/) Sources used: SUSE Linux Enterprise Micro 5.5 (src): traceroute-2.0.21-150000.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.