Release Info

Advisory: CLSA-2022:1646060797

OS: CentOS 6 ELS

Public date: 2022-02-28 00:00:00

Project: cyrus-sasl

Version: 2.1.23-15.el6_6.2.tuxcare.els1

Errata link: https://errata.cloudlinux.com/els6/CLSA-2022-1646060797.html

Changelog

- CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

Update

Update command: yum update cyrus-sasl*

Packages list

cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-gssapi-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-lib-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-devel-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-ntlm-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-plain-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-ldap-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm cyrus-sasl-sql-2.1.23-15.el6_6.2.tuxcare.els1.x86_64.rpm cyrus-sasl-md5-2.1.23-15.el6_6.2.tuxcare.els1.i686.rpm

CVEs

CVE-2022-24407