SUSE-CU-2020:39-1: Security update of ses/6/rook/ceph
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Sat Feb 1 01:40:17 MST 2020
SUSE Container Update Advisory: ses/6/rook/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:39-1
Container Tags : ses/6/rook/ceph:1.1.1.0 , ses/6/rook/ceph:1.1.1.0.1.5.110 , ses/6/rook/ceph:latest
Container Release : 1.5.110
Severity : moderate
Type : security
References : 1013125 1149332 1151582 1157292 1157794 1157893 1158830 1158996
1160571 1160970 1161074 1161312 CVE-2019-19126 CVE-2019-5188
CVE-2020-1699 CVE-2020-1700
-----------------------------------------------------------------
The container ses/6/rook/ceph was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:225-1
Released: Fri Jan 24 06:49:07 2020
Summary: Recommended update for procps
Type: recommended
Severity: moderate
References: 1158830
Description:
This update for procps fixes the following issues:
- Fix for 'ps -C' allowing to accept any arguments longer than 15 characters anymore. (bsc#1158830)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:256-1
Released: Wed Jan 29 09:39:17 2020
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1157794,1160970
Description:
This update for aaa_base fixes the following issues:
- Improves the way how the Java path is created to fix an issue with sapjvm. (bsc#1157794)
- Drop 'dev.cdrom.autoclose' = 0 from sysctl config. (bsc#1160970)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:262-1
Released: Thu Jan 30 11:02:42 2020
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1149332,1151582,1157292,1157893,1158996,CVE-2019-19126
Description:
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2019-19126: Fixed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition (bsc#1157292).
Bug fixes:
- Fixed z15 (s390x) strstr implementation that can return incorrect results if search string cross page boundary (bsc#1157893).
- Fixed Hardware support in toolchain (bsc#1151582).
- Fixed syscalls during early process initialization (SLE-8348).
- Fixed an array overflow in backtrace for PowerPC (bsc#1158996).
- Moved to posix_spawn on popen (bsc#1149332).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:265-1
Released: Thu Jan 30 14:05:34 2020
Summary: Security update for e2fsprogs
Type: security
Severity: moderate
References: 1160571,CVE-2019-5188
Description:
This update for e2fsprogs fixes the following issues:
- CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality (bsc#1160571).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:279-1
Released: Fri Jan 31 12:01:39 2020
Summary: Recommended update for p11-kit
Type: recommended
Severity: moderate
References: 1013125
Description:
This update for p11-kit fixes the following issues:
- Also build documentation (bsc#1013125)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:297-1
Released: Fri Jan 31 17:24:13 2020
Summary: Security update for ceph
Type: security
Severity: moderate
References: 1161074,1161312,CVE-2020-1699,CVE-2020-1700
Description:
This update for ceph fixes the following issues:
- CVE-2020-1700: Fixed a denial of service against the RGW server via connection leakage (bsc#1161312).
- CVE-2020-1699: Fixed a information disclosure by improper URL checking (bsc#1161074).
More information about the sle-security-updates
mailing list