SUSE-CU-2019:730-1: Security update of caasp/v4/salt-api

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Jan 16 10:00:40 MST 2020


SUSE Container Update Advisory: caasp/v4/salt-api
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:730-1
Container Tags        : caasp/v4/salt-api:2018.3.0 , caasp/v4/salt-api:2018.3.0-rev1 , caasp/v4/salt-api:2018.3.0-rev1-build2.1 , caasp/v4/salt-api:beta1
Severity              : important
Type                  : security
References            : 1073748 1109847 1120149 1122191 CVE-2018-14647 CVE-2019-5010
-----------------------------------------------------------------

The container caasp/v4/salt-api was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:440-1
Released:    Tue Feb 19 18:52:51 2019
Summary:     Recommended update for dmidecode
Type:        recommended
Severity:    moderate
References:  1120149
Description:

This update for dmidecode fixes the following issues:

- Extensions to Memory Device (Type 17) (FATE#326831 bsc#1120149)
- Add 'Logical non-volatile device' to the memory device types (FATE#326831 bsc#1120149)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:482-1
Released:    Mon Feb 25 11:57:46 2019
Summary:     Security update for python
Type:        security
Severity:    important
References:  1073748,1109847,1122191,CVE-2018-14647,CVE-2019-5010
Description:

This update for python fixes the following issues:

Security issues fixed:

- CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191).
- CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat (bsc#1109847).

Non-security issue fixed:

- Fixed a bug where PyWeakReference struct was not initialized correctly leading to a crash (bsc#1073748).



More information about the sle-security-updates mailing list