SUSE-SU-2025:02957-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202502957-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:02957-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2025:02957-1
Upstream
Related
Published
2025-08-22T07:56:12Z
Modified
2025-08-22T19:47:19.929614Z
Summary
Security update for rust-keylime
Details

This update for rust-keylime fixes the following issues:

  • Update slab to version 0.4.11:

    • CVE-2025-55159: Fixed incorrect bounds check in getdisjointmut function (bsc#1248006)

  • Update to version 0.2.8+12:

    • build(deps): bump actions/checkout from 4 to 5
    • build(deps): bump cfg-if from 1.0.0 to 1.0.1
    • build(deps): bump openssl from 0.10.72 to 0.10.73
    • build(deps): bump clap from 4.5.39 to 4.5.45
    • build(deps): bump pest from 2.8.0 to 2.8.1
    • Fix clippy warnings
    • Use verifier-provided interval for continuous attestation timing
    • Add meta object with secondstonext_attestation to evidence response
    • Fix boot time retrieval
    • Fix IMA log format (it must be ['text/plain']) (#1073)
    • Remove unnecessary configuration fields
    • cargo: Bump retry-policies to version 0.4.0
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / rust-keylime

Package

Name
rust-keylime
Purl
pkg:rpm/suse/rust-keylime&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.2.8+12-150400.3.10.1

Ecosystem specific 

{
    "binaries": [
        {
            "rust-keylime": "0.2.8+12-150400.3.10.1"
        }
    ]
}