Release Info

Advisory: CLSA-2022:1646061301

OS: CentOS 8.5 ELS

Public date: 2022-02-28 00:00:00

Project: cyrus-sasl

Version: 2.1.27-5.el8.tuxcare.els1

Errata link: https://errata.cloudlinux.com/centos8.5-els/CLSA-2022-1646061301.html

Changelog

- CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands (rhbz#2055846)

Update

Update command: dnf update cyrus-sasl*

Packages list

cyrus-sasl-ntlm-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-lib-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-gssapi-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-scram-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-ntlm-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-plain-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-scram-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-ldap-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-ldap-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-plain-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-sql-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-md5-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-gs2-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-lib-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-gs2-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-devel-2.1.27-5.el8.tuxcare.els1.x86_64.rpm cyrus-sasl-devel-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-md5-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-sql-2.1.27-5.el8.tuxcare.els1.i686.rpm cyrus-sasl-gssapi-2.1.27-5.el8.tuxcare.els1.x86_64.rpm

CVEs

CVE-2022-24407