SUSE-CU-2024:3990-1: Security update of bci/openjdk

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Sep 5 07:07:33 UTC 2024 

SUSE Container Update Advisory: bci/openjdk
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3990-1
Container Tags        : bci/openjdk:11 , bci/openjdk:11-27.7
Container Release     : 27.7
Severity              : moderate
Type                  : security
References            : 1224044 1224113 1228535 CVE-2024-34397 CVE-2024-7264 
-----------------------------------------------------------------

The container bci/openjdk was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3080-1
Released:    Mon Sep  2 16:43:54 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1228535,CVE-2024-7264
This update for curl fixes the following issues:

  - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3086-1
Released:    Tue Sep  3 08:57:32 2024
Summary:     Security update for glib2
Type:        security
Severity:    low
References:  1224044,CVE-2024-34397
This update for glib2 fixes the following issues:

- Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3131-1
Released:    Tue Sep  3 17:42:24 2024
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1224113
This update for mozilla-nss fixes the following issues:

- FIPS: Enforce approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).


The following package changes have been done:

- libglib-2_0-0-2.70.5-150400.3.14.1 updated
- libcurl4-8.0.1-150400.5.47.1 updated
- curl-8.0.1-150400.5.47.1 updated
- libfreebl3-3.101.2-150400.3.51.1 updated
- mozilla-nss-certs-3.101.2-150400.3.51.1 updated
- mozilla-nss-3.101.2-150400.3.51.1 updated
- libsoftokn3-3.101.2-150400.3.51.1 updated
- container:sles15-image-15.0.0-36.14.17 updated

More information about the sle-container-updates mailing list