Test ID:	1.3.6.1.4.1.25623.1.1.4.2025.0857.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2025:0857-1)
Summary:	The remote host is missing an update for the 'build' package(s) announced via the SUSE-SU-2025:0857-1 advisory.
Description:	Summary: The remote host is missing an update for the 'build' package(s) announced via the SUSE-SU-2025:0857-1 advisory. Vulnerability Insight: This update for build fixes the following issues: - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories (bnc#1230469) Other fixes: - Fixed behaviour when using '--shell' aka 'osc shell' option in a VM build. Startup is faster and permissions stay intact now. - fixes for POSIX compatibility for obs-docker-support adn mkbaselibs - Add support for apk in docker/podman builds - Add support for 'wget' in Docker images - Fix debian support for Dockerfile builds - Fix preinstallimages in containers - mkosi: add back system-packages used by build-recipe directly - pbuild: parse the Release files for debian repos - mkosi: drop most systemd/build-packages deps and use obs_scm directory as source if present - improve source copy handling - Introduce --repos-directory and --containers-directory options - productcompose: support of building against a baseiso - preinstallimage: avoid inclusion of build script generated files - preserve timestamps on sources copy-in for kiwi and productcompose - alpine package support updates - tumbleweed config update - debian: Support installation of foreign architecture packages (required for armv7l setups) - Parse unknown timezones as UTC - Apk (Alpine Linux) format support added - Implement default value in parameter expansion - Also support supplements that use & as 'and' - Add workaround for skopeo's argument parser - add cap-htm=off on power9 - Fixed usage of chown calls - Remove leading `go` from `purl` locators - container related: * Implement support for the new element in kiwi recipes * Fixes for SBOM and dependencies of multi stage container builds * obs-docker-support: enable dnf and yum substitutions - Arch Linux: * fix file path for Arch repo * exclude unsupported arch * Use root as download user - build-vm-qemu: force sv48 satp mode on riscv64 - mkosi: * Create .sha256 files after mkosi builds * Always pass --image-version to mkosi - General improvements and bugfixes (mkosi, pbuild, appimage/livebuild, obs work detection, documention, SBOM) - Support slsa v1 in unpack_slsa_provenance - generate_sbom: do not clobber spdx supplier - Harden export_debian_orig_from_git (bsc#1230469) - SBOM generation: - Adding golang introspection support - Adding rust binary introspection support - Keep track of unknwon licenses and add a 'hasExtractedLicensingInfos' section - Also normalize licenses for cyclonedx - Make generate_sbom errors fatal - general improvements - Fix noprep building not working because the buildir is removed - kiwi image: also detect a debian build if /var/lib/dpkg/status is present - Do not use the Encode module to convert a code point to utf8 - Fix personality syscall number for riscv - add more required recommendations for KVM builds - set PACKAGER field in build-recipe-arch - fix writing _modulemd.yaml - pbuild: support --release and --baselibs option - ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'build' package(s) on SUSE Linux Enterprise Server 15-SP3, SUSE Linux Enterprise Server 15-SP4, SUSE Linux Enterprise Server 15-SP5, SUSE Linux Enterprise Server for SAP Applications 15-SP3, SUSE Linux Enterprise Server for SAP Applications 15-SP4, SUSE Linux Enterprise Server for SAP Applications 15-SP5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-22038
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.