SUSE-CU-2024:1474-1: Security update of suse/sle15
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Apr 15 07:06:45 UTC 2024
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1474-1
Container Tags : bci/bci-base:15.6 , bci/bci-base:15.6.46.2.3 , suse/sle15:15.6 , suse/sle15:15.6.46.2.3
Container Release : 46.2.3
Severity : important
Type : security
References : 1219321 1219559 1220061 1221289 CVE-2023-45918 CVE-2023-52425
CVE-2024-28757
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released: Tue Mar 19 06:36:24 2024
Summary: Recommended update for coreutils
Type: recommended
Severity: moderate
References: 1219321
This update for coreutils fixes the following issues:
- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1091-1
Released: Tue Apr 2 12:18:46 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References:
This update for rpm fixes the following issues:
- Turn on IMA/EVM file signature support, move the imaevm code that needs the
libiamevm library into a plugin, and install this plugin as part of a new
'rpm-imaevmsign' subpackage (jsc#PED-7246).
- Backport signature reserved space handling from upstream.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released: Mon Apr 8 09:12:08 2024
Summary: Security update for expat
Type: security
Severity: important
References: 1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released: Mon Apr 8 11:29:02 2024
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1220061,CVE-2023-45918
This update for ncurses fixes the following issues:
- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).
The following package changes have been done:
- coreutils-8.32-150400.9.3.1 updated
- glibc-2.38-150600.9.1 updated
- libexpat1-2.4.4-150400.3.17.1 updated
- libgcrypt20-1.10.3-150600.1.16 updated
- libgpgme11-1.23.0-150600.1.31 updated
- libimaevm3-1.4-150600.7.2 added
- libldap-2_4-2-2.4.46-150600.23.12 updated
- libldap-data-2.4.46-150600.23.12 updated
- libncurses6-6.1-150000.5.24.1 updated
- libnghttp2-14-1.40.0-150600.23.1 updated
- libopenssl-3-fips-provider-3.1.4-150600.2.13 updated
- libopenssl3-3.1.4-150600.2.13 updated
- libssh-config-0.9.8-150600.9.1 updated
- libssh4-0.9.8-150600.9.1 updated
- libsystemd0-254.9-150600.2.19 updated
- libudev1-254.9-150600.2.19 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- openssl-3-3.1.4-150600.2.13 updated
- rpm-ndb-4.14.3-150400.59.10.1 updated
- sle-module-basesystem-release-15.6-150600.31.4 updated
- sle-module-python3-release-15.6-150600.31.4 updated
- sle-module-server-applications-release-15.6-150600.31.4 updated
- sles-release-15.6-150600.31.3 updated
- terminfo-base-6.1-150000.5.24.1 updated
More information about the sle-container-updates
mailing list