SUSE-CU-2024:4846-1: Security update of suse/sle-micro/5.1/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Oct 5 07:23:31 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.1/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4846-1
Container Tags        : suse/sle-micro/5.1/toolbox:13.2 , suse/sle-micro/5.1/toolbox:13.2-3.13.33 , suse/sle-micro/5.1/toolbox:latest
Container Release     : 3.13.33
Severity              : moderate
Type                  : security
References            : 1229930 1229931 1229932 1230020 1230034 CVE-2023-7256 CVE-2024-45490
                        CVE-2024-45491 CVE-2024-45492 CVE-2024-8006 
-----------------------------------------------------------------

The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3515-1
Released:    Thu Oct  3 13:33:31 2024
Summary:     Security update for expat
Type:        security
Severity:    moderate
References:  1229930,1229931,1229932,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492
This update for expat fixes the following issues:

- CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932)
- CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931)
- CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3516-1
Released:    Thu Oct  3 13:33:41 2024
Summary:     Security update for libpcap
Type:        security
Severity:    moderate
References:  1230020,1230034,CVE-2023-7256,CVE-2024-8006
This update for libpcap fixes the following issues:

- CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034)
- CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020)


The following package changes have been done:

- libexpat1-2.2.5-150000.3.30.1 updated
- libpcap1-1.9.1-150300.3.3.1 updated

More information about the sle-container-updates mailing list