SUSE-CU-2020:68-1: Security update of suse/sles12sp3

[sle-security-updates at lists.suse.com]

SUSE Container Update Advisory: suse/sles12sp3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:68-1
Container Tags        : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.115 , suse/sles12sp3:latest
Container Release     : 24.115
Severity              : moderate
Type                  : security
References            : 1123886 1160594 1160764 1161779 1163922 CVE-2020-8013 
-----------------------------------------------------------------

The container suse/sles12sp3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:545-1
Released:    Fri Feb 28 15:50:46 2020
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1123886,1160594,1160764,1161779,1163922,CVE-2020-8013
Description:

This update for permissions fixes the following issues:

Security issues fixed:

- CVE-2020-8013: Fixed an issue where chkstat set unintended setuid/capabilities for mrsh and wodim (bsc#1163922).

Non-security issues fixed:

- Fixed a regression where chkstat broke when /proc was not available (bsc#1160764, bsc#1160594).
- Fixed capability handling when doing multiple permission changes at once (bsc#1161779).