Upstream information

CVE-2021-29133 at MITRE

Description

Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1187671 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Package Hub for SUSE Linux Enterprise 15 SP1
  • haserl >= 0.9.36-bp151.4.3.1
Patchnames:
openSUSE-2021-1279
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
  • haserl >= 0.9.36-bp152.4.3.1
Patchnames:
openSUSE-2021-1279
SUSE Package Hub for SUSE Linux Enterprise 15 SP3
  • haserl >= 0.9.36-bp153.2.3.1
Patchnames:
openSUSE-2021-1279
openSUSE Leap 15.2
  • haserl >= 0.9.36-lp152.4.3.1
Patchnames:
openSUSE-2021-1279
openSUSE Leap 15.3
  • haserl >= 0.9.36-bp153.2.3.1
Patchnames:
openSUSE-2021-1279
openSUSE Tumbleweed
  • haserl >= 0.9.36-1.3
Patchnames:
openSUSE Tumbleweed GA haserl-0.9.36-1.3