SUSE-CU-2020:489-1: Security update of suse/sles12sp3

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Sat Sep 12 00:23:17 MDT 2020


SUSE Container Update Advisory: suse/sles12sp3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:489-1
Container Tags        : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.203 , suse/sles12sp3:latest
Container Release     : 24.203
Severity              : moderate
Type                  : security
References            : 1159928 1161517 1161521 1172021 1176179 CVE-2019-19956 CVE-2019-20388
                        CVE-2020-24977 CVE-2020-7595 
-----------------------------------------------------------------

The container suse/sles12sp3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2609-1
Released:    Fri Sep 11 10:58:59 2020
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1159928,1161517,1161521,1172021,1176179,CVE-2019-19956,CVE-2019-20388,CVE-2020-24977,CVE-2020-7595
This update for libxml2 fixes the following issues:

- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
- Fixed invalid xmlns references due to CVE-2019-19956 (bsc#1172021).
  


More information about the sle-security-updates mailing list