SUSE-IU-2024:1640-1: Security update of containers/apache-tomcat
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Dec 2 12:18:28 UTC 2024
SUSE Image Update Advisory: containers/apache-tomcat
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1640-1
Image Tags : containers/apache-tomcat:10.1-openjdk11 , containers/apache-tomcat:10.1.25-openjdk11 , containers/apache-tomcat:10.1.25-openjdk11-56.1
Image Release : 56.1
Severity : moderate
Type : security
References : 1224044 CVE-2024-34397
-----------------------------------------------------------------
The container containers/apache-tomcat was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1950-1
Released: Fri Jun 7 17:20:14 2024
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1224044,CVE-2024-34397
This update for glib2 fixes the following issues:
Update to version 2.78.6:
+ Fix a regression with IBus caused by the fix for CVE-2024-34397
Changes in version 2.78.5:
+ Fix CVE-2024-34397: GDBus signal subscriptions for well-known
names are vulnerable to unicast spoofing. (bsc#1224044)
+ Bugs fixed:
- gvfs-udisks2-volume-monitor SIGSEGV in
g_content_type_guess_for_tree() due to filename with bad
encoding
- gcontenttype: Make filename valid utf-8 string before processing.
- gdbusconnection: Don't deliver signals if the sender doesn't match.
Changes in version 2.78.4:
+ Bugs fixed:
- Fix generated RST anchors for methods, signals and properties.
- docs/reference: depend on a native gtk-doc.
- gobject_gdb.py: Do not break bt on optimized build.
- gregex: clean up usage of _GRegex.jit_status.
The following package changes have been done:
- libglib-2_0-0-2.78.6-150600.4.3.1 added
More information about the sle-container-updates
mailing list