SUSE-CU-2020:359-1: Security update of suse/sles12sp3

sle-security-updates at sle-security-updates at
Thu Jul 9 11:32:58 MDT 2020

SUSE Container Update Advisory: suse/sles12sp3
Container Advisory ID : SUSE-CU-2020:359-1
Container Tags        : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.174 , suse/sles12sp3:latest
Container Release     : 24.174
Severity              : important
Type                  : security
References            : 1084671 1154256 1157315 1161262 1161436 1162698 1164538 1165633
                        1167622 1170715 1171145 1172698 1172704 CVE-2019-20386 CVE-2020-8023

The container suse/sles12sp3 was updated. The following patches have been included in this update:

Advisory ID: SUSE-SU-2020:1842-1
Released:    Fri Jul  3 22:40:42 2020
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1084671,1154256,1157315,1161262,1161436,1162698,1164538,1165633,1167622,1171145,CVE-2019-20386
This update for systemd fixes the following issues:

- CVE-2019-20386: Fixed a memory leak when executing the udevadm trigger command (bsc#1161436).
- Renamed the persistent link for ATA devices (bsc#1164538)
- shared/install: try harder to find enablement symlinks when disabling a unit (bsc#1157315)
- tmpfiles: removed unnecessary assert (bsc#1171145)
- pid1: by default make user units inherit their umask from the user manager (bsc#1162698)
- manager: fixed job mode when signalled to shutdown etc (bsc#1161262)
- coredump: fixed bug that loses core dump files when core dumps are compressed and disk space is low. (bsc#1167622)
- udev: inform systemd how many workers we can potentially spawn (#4036) (bsc#1165633)
- libblkid: open device in nonblock mode. (bsc#1084671)
- udev/cdrom_id: Do not open CD-rom in exclusive mode. (bsc#1154256)

Advisory ID: SUSE-SU-2020:1859-1
Released:    Mon Jul  6 17:08:28 2020
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1170715,1172698,1172704,CVE-2020-8023
This update for openldap2 fixes the following issues:

- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND='ldap' was used (bsc#1172698).
- Changed DB_CONFIG to root:ldap permissions (bsc#1172704).
- Fixed an issue where slapd becomes unresponsive after many failed login/bind attempts (bsc#1170715).
