SUSE-CU-2020:762-1: Security update of ses/7/prometheus-webhook-snmp

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Dec 8 05:52:58 MST 2020 

SUSE Container Update Advisory: ses/7/prometheus-webhook-snmp
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:762-1
Container Tags        : ses/7/prometheus-webhook-snmp:1.4 , ses/7/prometheus-webhook-snmp:1.4.1.94 , ses/7/prometheus-webhook-snmp:latest , ses/7/prometheus-webhook-snmp:sle15.2.octopus
Container Release     : 1.94
Severity              : important
Type                  : security
References            : 1176262 1178376 1179193 1179431 1179515 CVE-2019-20916 
-----------------------------------------------------------------

The container ses/7/prometheus-webhook-snmp was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3581-1
Released:    Tue Dec  1 14:40:22 2020
Summary:     Recommended update for libusb-1_0
Type:        recommended
Severity:    moderate
References:  1178376
This update for libusb-1_0 fixes the following issues:

- Fixes a build failure for libusb for the inclusion of 'sys/time.h' on PowerPC. (bsc#1178376)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3593-1
Released:    Wed Dec  2 10:33:49 2020
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1176262,1179193,CVE-2019-20916
This update for python3 fixes the following issues:

Update to 3.6.12 (bsc#1179193), including:

- Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3620-1
Released:    Thu Dec  3 17:03:55 2020
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  
This update for pam fixes the following issues:

- Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720)
  - Check whether the password contains a substring of of the user's name of at least `<N>` characters length in 
  some form. This is enabled by the new parameter `usersubstr=<N>`

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3626-1
Released:    Fri Dec  4 13:51:46 2020
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1179515
This update for audit fixes the following issues:

- Enable Aarch64 processor support. (bsc#1179515) 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3703-1
Released:    Mon Dec  7 20:17:32 2020
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    moderate
References:  1179431
This update for aaa_base fixes the following issue:

- Avoid semicolon within (t)csh login script on S/390. (bsc#1179431)

More information about the sle-security-updates mailing list