
Debian GNU/Linux has released several security updates, including an ansible regression update, a containerd security update, and a libuv1 security update.

Debian GNU/Linux 10 (Buster) Extended LTS:
ELA-1416-1 libuv1 security update

Debian GNU/Linux 11 (Bullseye) LTS:
[DLA 3695-2] ansible regression update
[DLA 4153-1] containerd security update



[SECURITY] [DLA 3695-2] ansible regression update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3695-2 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Lee Garrett
May 02, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : ansible
Version : 2.10.7+merged+base+2.10.17+dfsg-0+deb11u3
CVE ID :
Debian Bug : #1080467

ansible 2.10.7+merged+base+2.10.17+dfsg-0+deb11u1 introduced a regression in the
win_template module. This caused win_template tasks to fail with an error.

For Debian 11 bullseye, this problem has been fixed in version
2.10.7+merged+base+2.10.17+dfsg-0+deb11u3.

We recommend that you upgrade your ansible packages.

For the detailed security status of ansible please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ansible

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4153-1] containerd security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4153-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Andreas Henriksson
May 04, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : containerd
Version : 1.4.13~ds1-1~deb11u5
CVE ID : CVE-2024-40635
Debian Bug : 1100806

containerd is a container runtime. A bug was found in containerd
where containers launched with a User set as a `UID:GID` larger than the
maximum 32-bit signed integer can cause an overflow condition where the
container ultimately runs as root (UID 0). This could cause unexpected behavior
for environments that require containers to run as a non-root user.

For Debian 11 bullseye, this problem has been fixed in version
1.4.13~ds1-1~deb11u5.

We recommend that you upgrade your containerd packages.

For the detailed security status of containerd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/containerd

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
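
As a complement to upgrading, the following added example (not code from containerd or from the Debian advisory) audits configured container `User` strings for numeric UIDs or GIDs above the maximum 32-bit signed integer, the boundary DLA-4153-1 names. The function names `CheckUserSpec` and `Audit` and the sample inventory are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"math"
	"sort"
	"strconv"
	"strings"
)

// CheckUserSpec returns a reason when a numeric UID or GID in a container User
// string ("uid", "uid:gid", "name:group") falls outside 0..MaxInt32, or "" if the
// spec is acceptable. Non-numeric parts are names and are not judged here.
func CheckUserSpec(spec string) string {
	for i, p := range strings.SplitN(spec, ":", 2) {
		label := [2]string{"UID", "GID"}[i]
		n, err := strconv.ParseInt(p, 10, 64)
		switch {
		case errors.Is(err, strconv.ErrRange):
			return fmt.Sprintf("%s %q does not fit in 64 bits", label, p)
		case err != nil:
			continue // not a number: a user or group name (or empty)
		case n < 0 || n > math.MaxInt32:
			return fmt.Sprintf("%s %d is outside 0..%d", label, n, math.MaxInt32)
		}
	}
	return ""
}

// Audit returns, sorted, the workloads whose User spec CheckUserSpec rejects.
func Audit(workloads map[string]string) []string {
	var flagged []string
	for name, spec := range workloads {
		if CheckUserSpec(spec) != "" {
			flagged = append(flagged, name)
		}
	}
	sort.Strings(flagged)
	return flagged
}

func main() {
	// Constructed inventory (workload name -> User string); not from the advisory.
	inv := map[string]string{"web": "1000:1000", "batch": "nobody", "job": "3000000000:100"}
	for _, w := range Audit(inv) {
		fmt.Printf("%s: %s\n", w, CheckUserSpec(inv[w]))
	}
}
```

Workloads flagged by this check are the ones to review first on hosts that have not yet received the fixed containerd package.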



ELA-1416-1 libuv1 security update


Package : libuv1
Version : 1.24.1-1+deb10u3 (buster)

Related CVEs :
CVE-2020-8252

realpath in libuv incorrectly determined the buffer size which
can result in a buffer overflow if the resolved path is
longer than 256 bytes.

