SUSE-CU-2024:5699-1: Security update of suse/postgres

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Nov 16 08:07:38 UTC 2024 

SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5699-1
Container Tags        : suse/postgres:16 , suse/postgres:16.4 , suse/postgres:16.4 , suse/postgres:16.4-54.1 , suse/postgres:latest
Container Release     : 54.1
Severity              : important
Type                  : security
References            : 1096974 1096984 1126117 1126118 1126119 1154661 1159034 1169512
                        1176123 1189996 1194818 1218609 1218609 1220117 1221831 1222285
                        1223605 1225598 1229476 CVE-2018-10360 CVE-2019-18218 CVE-2019-8905
                        CVE-2019-8906 CVE-2019-8907 CVE-2024-28085 
-----------------------------------------------------------------

The container suse/postgres was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:571-1
Released:    Thu Mar  7 18:13:46 2019
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1096974,1096984,1126117,1126118,1126119,CVE-2018-10360,CVE-2019-8905,CVE-2019-8906,CVE-2019-8907
This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in
  readelf.c, which allowed remote attackers to cause a denial of service
  (application crash) via a crafted ELF file (bsc#1096974)
- CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c
  (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c
  (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c
  (bsc#1126117)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1294-1
Released:    Mon May 18 07:38:36 2020
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1154661,1169512,CVE-2019-18218
This update for file fixes the following issues:

Security issues fixed:

- CVE-2019-18218: Fixed a heap-based buffer overflow in cdf_read_property_info() (bsc#1154661).

Non-security issue fixed:

- Fixed broken '--help' output (bsc#1169512).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2983-1
Released:    Wed Oct 21 15:03:03 2020
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1176123
This update for file fixes the following issues:

- Fixes an issue when file displays broken 'ELF' interpreter. (bsc#1176123)  
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3182-1
Released:    Tue Sep 21 17:04:26 2021
Summary:     Recommended update for file
Type:        recommended
Severity:    moderate
References:  1189996
This update for file fixes the following issues:

- Fixes exception thrown by memory allocation problem (bsc#1189996)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4671-1
Released:    Wed Dec  6 14:33:41 2023
Summary:     Recommended update for man
Type:        recommended
Severity:    moderate
References:  

This update of man fixes the following problem:

- The 'man' commands is delivered to SUSE Linux Enterprise Micro
  to allow browsing man pages.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1943-1
Released:    Fri Jun  7 17:04:06 2024
Summary:     Security update for util-linux
Type:        security
Severity:    important
References:  1218609,1220117,1221831,1223605,CVE-2024-28085
This update for util-linux fixes the following issues:

-  CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. (bsc#1221831)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2214-1
Released:    Tue Jun 25 17:11:26 2024
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1225598
This update for util-linux fixes the following issue:

- Fix hang of lscpu -e (bsc#1225598)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2888-1
Released:    Tue Aug 13 11:07:41 2024
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1159034,1194818,1218609,1222285
This update for util-linux fixes the following issues:

- agetty: Prevent login cursor escape (bsc#1194818).
- Document unexpected side effects of lazy destruction (bsc#1159034).
- Don't delete binaries not common for all architectures. Create an
  util-linux-extra subpackage instead, so users of third party
  tools can use them (bsc#1222285).
- Improved man page for chcpu (bsc#1218609).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3239-1
Released:    Fri Sep 13 12:00:58 2024
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1229476
This update for util-linux fixes the following issue:

- Skip aarch64 decode path for rest of the architectures (bsc#1229476).


The following package changes have been done:

- file-magic-5.32-7.14.1 added
- libuuid1-2.39.3-150600.4.12.2 added
- libsmartcols1-2.39.3-150600.4.12.2 added
- libblkid1-2.39.3-150600.4.12.2 added
- libfdisk1-2.39.3-150600.4.12.2 added
- libcap-ng0-0.7.9-4.37 added
- libmagic1-5.32-7.14.1 added
- libmount1-2.39.3-150600.4.12.2 added
- sed-4.9-150600.1.4 added
- system-group-hardware-20170617-150400.24.2.1 added
- libutempter0-1.1.6-3.42 added
- util-linux-2.39.3-150600.4.12.2 added
- container:suse-sle15-15.6-9f77af222d3839b51642d1cba74bedd918f0532d7a63584b6cc9144a6d8fa7e6-0 added
- container:registry.suse.com-bci-bci-micro-15.6-9f77af222d3839b51642d1cba74bedd918f0532d7a63584b6cc9144a6d8fa7e6-0 added
- container:registry.suse.com-bci-bci-base-15.6-3b6c9e2466a0c491b923ea6d8513a31f093ac93572312cb8d6c2136de1bbc534-0 removed
- glibc-locale-2.38-150600.14.14.2 removed
- glibc-locale-base-2.38-150600.14.14.2 removed
- libicu-suse65_1-65.1-150200.4.10.1 removed
- libicu65_1-ledata-65.1-150200.4.10.1 removed
- liblz4-1-1.9.4-150600.1.4 removed
- libpq5-16.4-150600.16.5.1 removed
- libsystemd0-254.18-150600.4.15.10 removed
- postgresql-16-150600.17.3.2 removed
- postgresql-server-16-150600.17.3.2 removed
- postgresql16-16.4-150600.16.5.1 removed
- postgresql16-server-16.4-150600.16.5.1 removed
- update-alternatives-1.19.0.4-150000.4.4.1 removed

More information about the sle-container-updates mailing list