Chromium

  • Fixed forbidden file access. If enabled, downloads, bookmarks and printing in Chromium are disabled.

  • Fixed Chromium browser security issues

    CVE-2023-0941, CVE-2023-0933,
    CVE-2023-0932, CVE-2023-0931, CVE-2023-0930, CVE-2023-0929, CVE-2023-0928,
    CVE-2023-0927, CVE-2023-0705, CVE-2023-0704, CVE-2023-0703, CVE-2023-0702,
    CVE-2023-0701, CVE-2023-0700, CVE-2023-0699, CVE-2023-0698, CVE-2023-0697,
    CVE-2023-0696, CVE-2023-0474, CVE-2023-0473, CVE-2023-0472, CVE-2023-0471,
    CVE-2023-0141, CVE-2023-0140, CVE-2023-0139, CVE-2023-0138, CVE-2023-0137,
    CVE-2023-0136, CVE-2023-0135, CVE-2023-0134, CVE-2023-0133, CVE-2023-0132,
    CVE-2023-0131, CVE-2023-0130, CVE-2023-0129, CVE-2023-0128, CVE-2022-4440,
    CVE-2022-4439, CVE-2022-4438, CVE-2022-4437, and CVE-2022-4436  

  • Updated Chromium browser to version 110.0.5481.177.

Network

  • Fixed privilege escalation in network management.

Base System

  • Fixed privilege escalation in setup_cmd tool.
    Changed: For security reasons, the default password protection value for the System Information accessory is set to Administrator.

    IGEL Setup

    Accessories > System Information

    ParameterPassword protection
    Registrysessions.device_manager0.pwprotected
    ValueAdministrator (default)
  • Fixed empty password entry for floppy group.
  • Fixed sysstat security issue CVE-2022-39377.  
  • Fixed binutils security issue CVE-2022-38533.
  • Fixed libarchive security issues CVE-2022-36227 and CVE-2022-28066.

  • Fixed curl security issues 

    CVE-2023-23916, CVE-2023-23915, CVE-2023-23914, CVE-2022-43552,
    CVE-2022-43551, CVE-2022-42916, CVE-2022-42915, CVE-2022-35260, and CVE-2022-32221 

  • Fixed xorg-server security issues CVE-2022-46344, CVE-2022-46343, CVE-2022-46342, CVE-2022-46341, CVE-2022-46340, and CVE-2022-46283.
  • Fixed libksba security issue CVE-2022-47629.
  • Fixed nautilus security issue CVE-2022-37290.
  • Fixed python2.7 security issue CVE-2022-45061.
  • Fixed python3.6 security issue CVE-2022-45061.  
  • Fixed net-snmp security issues CVE-2022-44793, CVE-2022-44792, and CVE-2022-4479.  
  • Fixed tiff security issue CVE-2022-3970.

  • Fixed webkit2gtk security issues

    CVE-2023-23518, CVE-2023-23517, CVE-2022-42826, CVE-2022-46700,
    CVE-2022-46699, CVE-2022-46698, CVE-2022-46692, CVE-2022-46691,
    CVE-2022-42867, CVE-2022-42863, CVE-2022-42856, and CVE-2022-42852  

  • Fixed qemu security issues CVE-2022-4172 and CVE-2022-3165.
  • Fixed vim security issue CVE-2022-0392.
  • Fixed sudo security issue CVE-2023-22809.
  • Fixed libxpm security issues CVE-2022-4883, CVE-2022-46285, and CVE-2022-44617.
  • Fixed zulu8-ca security issues CVE-2023-21830, CVE-2023-21835, and CVE-2023-21843.
  • Fixed heimdal security issues CVE-2022-45142, CVE-2022-44640, CVE-2022-42898, CVE-2022-41916, CVE-2022-3437, and CVE-2021-44758.
  • Fixed python-setuptools security issue CVE-2022-40897.  
  • Fixed pam security issue CVE-2022-28321.
  • Fixed mysql-5.7 security issue CVE-2023-21840.
  • Fixed xorg-server security issue CVE-2023-0494.  
  • Fixed e2fsprogs security issue CVE-2022-1304.
  • Fixed openssl1.0 security issues CVE-2023-0286 and CVE-2023-0215.
  • Fixed openssl security issues CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, and CVE-2022-4304.
  • Fixed tpm2-tss security issue CVE-2023-22745.  
  • Fixed nss security issue CVE-2023-0767.
  • Fixed python3.6 security issue CVE-2022-37454.

  • Fixed tiff security issues

    CVE-2023-0804, CVE-2023-0803, CVE-2023-0802,
    CVE-2023-0801, CVE-2023-0800, CVE-2023-0799,
    CVE-2023-0798, CVE-2023-0797, CVE-2023-0796, and CVE-2023-0795

  • Fixed rsync security issue CVE-2022-29154.  
  • Fixed tar security issue CVE-2022-48303.
  • Updated ca-certificates to version 20230311.