SUSE-CU-2020:158-1: Security update of suse/sle15

[sle-security-updates at lists.suse.com]

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:158-1
Container Tags        : suse/sle15:15.0 , suse/sle15:15.0.4.22.191
Container Release     : 4.22.191
Severity              : important
Type                  : security
References            : 1160594 1160764 1161779 1163922 CVE-2019-3688 CVE-2019-3690 CVE-2020-8013
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1163-1
Released:    Mon May  4 09:45:01 2020
Summary:     Security update for permissions
Type:        security
Severity:    important
References:  1160594,1160764,1161779,1163922,CVE-2019-3688,CVE-2019-3690,CVE-2020-8013
This update for permissions fixes the following issues:

Security issue fixed:

- CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim (bsc#1163922).

Non-security issues fixed:

- Fixed regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594)
- Fixed capability handling when doing multiple permission changes at once (bsc#1161779)
- Fixed handling of relative directory symlinks in chkstat