SUSE-CU-2025:2582-1: Security update of bci/ruby
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Apr 16 20:22:15 UTC 2025
SUSE Container Update Advisory: bci/ruby
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:2582-1
Container Tags : bci/ruby:2 , bci/ruby:2.5 , bci/ruby:2.5-31.57 , bci/ruby:latest
Container Release : 31.57
Severity : important
Type : security
References : 1185842 CVE-2020-36327
-----------------------------------------------------------------
The container bci/ruby was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1291-1
Released: Wed Apr 16 09:41:51 2025
Summary: Recommended update for timezone
Type: recommended
Severity: moderate
References:
This update for timezone fixes the following issues:
- Version update 2025b
* New zone for Aysen Region in Chile (America/Coyhaique) which
moves from -04/-03 to -03
- Refresh patches for philippines historical data and china tzdata
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1294-1
Released: Wed Apr 16 09:52:35 2025
Summary: Security update for rubygem-bundler
Type: security
Severity: important
References: 1185842,CVE-2020-36327
This update for rubygem-bundler fixes the following issues:
- CVE-2020-36327: Fixed bundler choosing a dependency source based
on the highest gem version number, which means that a rogue gem
found at a public source may be chosen (bsc#1185842)
Other fixes:
- Updated to version 2.2.34
The following package changes have been done:
- timezone-2025b-150600.91.6.2 updated
- ruby2.5-rubygem-bundler-2.2.34-150000.3.11.1 updated
More information about the sle-container-updates
mailing list