{"affected":[{"ecosystem_specific":{"binaries":[{"aws-efs-utils":"2.3.3-150600.17.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP6","name":"aws-efs-utils","purl":"pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.3-150600.17.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"aws-efs-utils":"2.3.3-150600.17.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 15 SP7","name":"aws-efs-utils","purl":"pkg:rpm/suse/aws-efs-utils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.3-150600.17.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"aws-efs-utils":"2.3.3-150600.17.6.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"aws-efs-utils","purl":"pkg:rpm/opensuse/aws-efs-utils&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.3.3-150600.17.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for aws-efs-utils fixes the following issues:\n\nUpdate to version 2.3.3 (bsc#1240044).\n\nSecurity issues fixed:\n\n- CVE-2025-55159: slab: incorrect bounds check in `get_disjoint_mut` function can lead to potential crash due to out-of-bounds access (bsc#1248055).\n- CVE-2020-35881: traitobject: log4rs: out-of-bounds write due to fat pointer layout assumptions (bsc#1249851).\n\nOther issues fixed:\n\n- Build and install efs-proxy binary (bsc#1240044).\n\n- Fixed in version 2.3.3:\n  * Add environment variable support for AWS profiles and regions\n  * Regenerate Cargo.lock with rust 1.70.0\n  * Update circle-ci config\n  * Fix AWS Env Variable Test and Code Style Issue\n  * Remove CentOS 8 and Ubuntu 16.04 from verified Linux distribution list\n\n- Fixed in version 2.3.2:\n  * Update version in amazon-efs-utils.spec to 2.3.1\n  * Fix incorrect package 
version\n\n- Fixed in version 2.3.1:\n  * Fix backtrace version to resolve ubuntu and rhel build issues\n  * Pin Cargo.lock to avoid unexpected error across images\n\n- Fixed in version 2.3.0:\n  * Add support for pod-identity credentials in the credentials chain\n  * Enable mounting with IPv6 when using with the 'stunnel' mount option\n\n- Fixed in version 2.2.1:\n  * Update log4rs\n\n- Fixed in version 2.2.0:\n  * Use region-specific domain suffixes for dns endpoints where missing\n  * Merge PR #211 - Amend Debian control to use binary architecture\n  \n- Fixed in version 2.1.0:\n  * Add mount option for specifying region\n  * Add new ISO regions to config file\n  \n- Fixed in version 2.0.4:\n  * Add retry logic to and increase timeout for EC2 metadata token\n    retrieval requests\n\n- Fixed in version 2.0.3:\n  * Upgrade py version\n  * Replace deprecated usage of datetime\n  \n- Fixed in version 2.0.2:\n  * Check for efs-proxy PIDs when cleaning tunnel state files\n  * Add PID to log entries\n  \n- Fixed in version 2.0.1:\n  * Disable Nagle's algorithm for efs-proxy TLS mounts to improve latencies\n  \n- Fixed in version 2.0.0:\n  * Replace stunnel, which provides TLS encryptions for mounts, with efs-proxy, a component built in-house at AWS.\n    Efs-proxy lays the foundation for upcoming feature launches at EFS.\n\n- Fixed in version 1.36.0:\n  * Support new mount option: crossaccount, conduct cross account mounts via ip address. 
Use client AZ-ID to choose\n    mount target.\n  \n- Fixed in version 1.35.2:\n  * Revert 'Add warning if using older Version'\n  * Support MacOS Sonoma\n\n- Fixed in version 1.35.1:\n  * Revert openssl requirement change\n  * Revert 'Update EFS Documentation: Clarify Current FIPS Compliance Status'\n  * Update EFS Documentation: Clarify Current FIPS Compliance Status\n  * test: Change repo urls in eol debian9 build\n  * Check private key file size to skip generation\n  * test: Fix pytest that failed since commit 3dd89ca\n  * Fix should_check_efs_utils_version scope\n  * Add warning if using old version\n  * Add 'fsap' option as EFS-only option\n\n- Fixed in version 1.35.0:\n  * Add parameters to allow mount for pod impersonation feature in EFS CSI Driver\n  * Updated the README with support of Oracle8 distribution\n  * Readme troubleshooting section + table of contents\n  * Add efs-utils Support for MacOS Ventura EC2 instances\n","id":"SUSE-SU-2025:3954-1","modified":"2025-11-05T14:06:34Z","published":"2025-11-05T14:06:34Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20253954-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240044"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248055"},{"type":"REPORT","url":"https://bugzilla.suse.com/1249851"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-35881"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-55159"}],"related":["CVE-2020-35881","CVE-2025-55159"],"summary":"Security update for aws-efs-utils","upstream":["CVE-2020-35881","CVE-2025-55159"]}