SUSE-CU-2024:2759-1: Security update of trento/trento-web

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jun 18 07:10:44 UTC 2024 

SUSE Container Update Advisory: trento/trento-web
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:2759-1
Container Tags        : trento/trento-web:2.3.1 , trento/trento-web:2.3.1-build4.34.1 , trento/trento-web:latest
Container Release     : 4.34.1
Severity              : moderate
Type                  : security
References            : 1201384 1216862 1217969 1218014 CVE-2023-39804 CVE-2023-50495
-----------------------------------------------------------------

The container trento/trento-web was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4723-1
Released:    Tue Dec 12 09:57:51 2023
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1216862
This update for libtirpc fixes the following issue:

- fix sed parsing in specfile (bsc#1216862)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4891-1
Released:    Mon Dec 18 16:31:49 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1201384,1218014,CVE-2023-50495
This update for ncurses fixes the following issues:

- CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014)
- Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:70-1
Released:    Tue Jan  9 18:29:39 2024
Summary:     Security update for tar
Type:        security
Severity:    low
References:  1217969,CVE-2023-39804
This update for tar fixes the following issues:

- CVE-2023-39804: Fixed  extension attributes in PAX archives incorrect hanling (bsc#1217969).


The following package changes have been done:

- libtirpc-netconfig-1.3.4-150300.3.23.1 updated
- libssh-config-0.9.6-150400.1.5 added
- libncurses6-6.1-150000.5.20.1 updated
- terminfo-base-6.1-150000.5.20.1 updated
- ncurses-utils-6.1-150000.5.20.1 updated
- libtirpc3-1.3.4-150300.3.23.1 updated
- libcurl4-8.0.1-150400.5.41.1 updated
- system-group-hardware-20170617-150400.24.2.1 updated
- tar-1.34-150000.3.34.1 updated
- container:bci-nodejs-16-15.0.0-27.14.130 updated
- container:sles15-image-15.0.0-27.14.130 updated
- libxml2-2-2.9.14-150400.5.25.1 removed
- perl-base-5.26.1-150300.17.14.1 removed
- timezone-2023c-150000.75.23.1 removed

More information about the sle-container-updates mailing list