Security update for shadow SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:1007-2 Final 1 1 2024-03-27T09:51:45Z current 2024-03-27T09:51:45Z 2024-03-27T09:51:45Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for shadow This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). - CVE-2023-4641: Fixed possible password leak during passwd(1) change (bsc#1214806). The following non-security bugs were fixed: - bsc#1176006: Fix chage date miscalculation - bsc#1188307: Fix passwd segfault - bsc#1203823: Remove pam_keyinit from PAM config files - bsc#1213189: Change lock mechanism to file locking to prevent lock files after power interruptions - bsc#1206627: Add --prefix support to passwd, chpasswd and chage - bsc#1205502: useradd audit event user id field cannot be interpretedd The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sle-micro/5.5/toolbox:latest-2024-1007,Container suse/sle-micro/5.5:latest-2024-1007,Container suse/sle-micro/base-5.5:latest-2024-1007,Container suse/sle-micro/kvm-5.5:latest-2024-1007,Container suse/sle-micro/rt-5.5:latest-2024-1007,Image SLES15-SP5-Manager-Proxy-5-0-BYOS-2024-1007,Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure-2024-1007,Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2-2024-1007,Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE-2024-1007,Image SLES15-SP5-Manager-Server-5-0-2024-1007,Image SLES15-SP5-Manager-Server-5-0-Azure-llc-2024-1007,Image SLES15-SP5-Manager-Server-5-0-Azure-ltd-2024-1007,Image SLES15-SP5-Manager-Server-5-0-BYOS-2024-1007,Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure-2024-1007,Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2-2024-1007,Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE-2024-1007,Image SLES15-SP5-Manager-Server-5-0-EC2-llc-2024-1007,Image SLES15-SP5-Manager-Server-5-0-EC2-ltd-2024-1007,Image SLES15-SP5-Micro-5-5-2024-1007,Image SLES15-SP5-Micro-5-5-Azure-2024-1007,Image SLES15-SP5-Micro-5-5-BYOS-2024-1007,Image SLES15-SP5-Micro-5-5-BYOS-Azure-2024-1007,Image SLES15-SP5-Micro-5-5-BYOS-EC2-2024-1007,Image SLES15-SP5-Micro-5-5-BYOS-GCE-2024-1007,Image SLES15-SP5-Micro-5-5-EC2-2024-1007,Image SLES15-SP5-Micro-5-5-GCE-2024-1007,SUSE-2024-1007,SUSE-SLE-Micro-5.5-2024-1007 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20241007-2/ Link for SUSE-SU-2024:1007-2 https://lists.suse.com/pipermail/sle-updates/2024-August/036530.html E-Mail link for SUSE-SU-2024:1007-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1144060 SUSE Bug 1144060 https://bugzilla.suse.com/1176006 SUSE Bug 1176006 https://bugzilla.suse.com/1188307 SUSE Bug 1188307 https://bugzilla.suse.com/1203823 SUSE Bug 1203823 https://bugzilla.suse.com/1205502 SUSE Bug 1205502 https://bugzilla.suse.com/1206627 SUSE Bug 1206627 https://bugzilla.suse.com/1210507 SUSE Bug 1210507 https://bugzilla.suse.com/1213189 SUSE Bug 1213189 https://bugzilla.suse.com/1214806 SUSE Bug 1214806 https://www.suse.com/security/cve/CVE-2023-29383/ SUSE CVE CVE-2023-29383 page https://www.suse.com/security/cve/CVE-2023-4641/ SUSE CVE CVE-2023-4641 page Container suse/sle-micro/5.5/toolbox:latest Container suse/sle-micro/5.5:latest Container suse/sle-micro/base-5.5:latest Container suse/sle-micro/kvm-5.5:latest Container suse/sle-micro/rt-5.5:latest Image SLES15-SP5-Manager-Proxy-5-0-BYOS Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE Image SLES15-SP5-Manager-Server-5-0 Image SLES15-SP5-Manager-Server-5-0-Azure-llc Image SLES15-SP5-Manager-Server-5-0-Azure-ltd Image SLES15-SP5-Manager-Server-5-0-BYOS Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE Image SLES15-SP5-Manager-Server-5-0-EC2-llc Image SLES15-SP5-Manager-Server-5-0-EC2-ltd Image SLES15-SP5-Micro-5-5 Image SLES15-SP5-Micro-5-5-Azure Image SLES15-SP5-Micro-5-5-BYOS Image SLES15-SP5-Micro-5-5-BYOS-Azure Image SLES15-SP5-Micro-5-5-BYOS-EC2 Image SLES15-SP5-Micro-5-5-BYOS-GCE Image SLES15-SP5-Micro-5-5-EC2 Image SLES15-SP5-Micro-5-5-GCE SUSE Linux Enterprise Micro 5.5 login_defs-4.8.1-150500.3.3.1 shadow-4.8.1-150500.3.3.1 login_defs-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/5.5/toolbox:latest shadow-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/5.5/toolbox:latest login_defs-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/5.5:latest shadow-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/5.5:latest login_defs-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/base-5.5:latest shadow-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/base-5.5:latest login_defs-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/kvm-5.5:latest shadow-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/kvm-5.5:latest login_defs-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/rt-5.5:latest shadow-4.8.1-150500.3.3.1 as a component of Container suse/sle-micro/rt-5.5:latest login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-Azure-llc shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-Azure-llc login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-Azure-ltd shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-Azure-ltd login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-EC2-llc shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-EC2-llc login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-EC2-ltd shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Manager-Server-5-0-EC2-ltd login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-Azure shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-Azure login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-Azure shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-Azure login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-EC2 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-EC2 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-GCE shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-BYOS-GCE login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-EC2 shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-EC2 login_defs-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-GCE shadow-4.8.1-150500.3.3.1 as a component of Image SLES15-SP5-Micro-5-5-GCE login_defs-4.8.1-150500.3.3.1 as a component of SUSE Linux Enterprise Micro 5.5 shadow-4.8.1-150500.3.3.1 as a component of SUSE Linux Enterprise Micro 5.5 In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account. CVE-2023-29383 Container suse/sle-micro/5.5/toolbox:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5/toolbox:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/base-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/base-5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/kvm-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/kvm-5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/rt-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/rt-5.5:latest:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-llc:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-llc:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-ltd:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-ltd:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-llc:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-llc:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-ltd:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-ltd:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5:shadow-4.8.1-150500.3.3.1 SUSE Linux Enterprise Micro 5.5:login_defs-4.8.1-150500.3.3.1 SUSE Linux Enterprise Micro 5.5:shadow-4.8.1-150500.3.3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20241007-2/ https://www.suse.com/security/cve/CVE-2023-29383.html CVE-2023-29383 https://bugzilla.suse.com/1210507 SUSE Bug 1210507 A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. CVE-2023-4641 Container suse/sle-micro/5.5/toolbox:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5/toolbox:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/base-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/base-5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/kvm-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/kvm-5.5:latest:shadow-4.8.1-150500.3.3.1 Container suse/sle-micro/rt-5.5:latest:login_defs-4.8.1-150500.3.3.1 Container suse/sle-micro/rt-5.5:latest:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Proxy-5-0-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-llc:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-llc:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-ltd:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-Azure-ltd:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-llc:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-llc:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-ltd:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0-EC2-ltd:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Manager-Server-5-0:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-Azure:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-Azure:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-BYOS:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-EC2:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-EC2:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-GCE:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5-GCE:shadow-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5:login_defs-4.8.1-150500.3.3.1 Image SLES15-SP5-Micro-5-5:shadow-4.8.1-150500.3.3.1 SUSE Linux Enterprise Micro 5.5:login_defs-4.8.1-150500.3.3.1 SUSE Linux Enterprise Micro 5.5:shadow-4.8.1-150500.3.3.1 low To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20241007-2/ https://www.suse.com/security/cve/CVE-2023-4641.html CVE-2023-4641 https://bugzilla.suse.com/1214806 SUSE Bug 1214806