Advisory: CLSA-2022:1646061262
OS: Ubuntu 16.04 ELS
Public date: 2022-02-28
Project: cyrus-sasl
Version: 2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1
Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2022-1646061262.html
* SECURITY UPDATE: SQL injection in SQL plugin - debian/patches/CVE-2022-24407.patch: escape password for SQL insert/update commands in plugins/sql.c. - CVE-2022-24407
Update command: apt-get update apt-get --only-upgrade install cyrus-sasl*
cyrus-sasl2-doc_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_all.deb libsasl2-2_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-dev_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-db_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-gssapi-heimdal_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-gssapi-mit_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-ldap_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-otp_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb libsasl2-modules-sql_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb sasl2-bin_2.1.26.dfsg1-14ubuntu0.2+tuxcare.els1_amd64.deb