SUSE-CU-2020:177-1: Security update of suse/sle15
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri May 22 12:42:44 MDT 2020
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:177-1
Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.22.206
Container Release : 4.22.206
Severity : important
Type : security
References : 1154661 1155271 1159314 1159928 1161517 1161521 1169512 1171173
1171422 1171872 CVE-2019-18218 CVE-2019-19956 CVE-2019-20388
CVE-2020-7595
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1267-1
Released: Wed May 13 11:58:58 2020
Summary: Recommended update for permissions
Type: recommended
Severity: important
References: 1171173
This update for permissions fixes the following issue:
- Remove setuid bit for newgidmap and newuidmap in paranoid profile. (bsc#1171173)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1290-1
Released: Fri May 15 16:39:59 2020
Summary: Recommended update for gnutls
Type: recommended
Severity: moderate
References: 1171422
This update for gnutls fixes the following issues:
- Add RSA 4096 key generation support in FIPS mode (bsc#1171422)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1294-1
Released: Mon May 18 07:38:36 2020
Summary: Security update for file
Type: security
Severity: moderate
References: 1154661,1169512,CVE-2019-18218
This update for file fixes the following issues:
Security issues fixed:
- CVE-2019-18218: Fixed a heap-based buffer overflow in cdf_read_property_info() (bsc#1154661).
Non-security issue fixed:
- Fixed broken '--help' output (bsc#1169512).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1299-1
Released: Mon May 18 07:43:21 2020
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1159928,1161517,1161521,CVE-2019-19956,CVE-2019-20388,CVE-2020-7595
This update for libxml2 fixes the following issues:
- CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521).
- CVE-2019-19956: Fixed a memory leak (bsc#1159928).
- CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1328-1
Released: Mon May 18 17:16:04 2020
Summary: Recommended update for grep
Type: recommended
Severity: moderate
References: 1155271
This update for grep fixes the following issues:
- Update testsuite expectations, no functional changes (bsc#1155271)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1349-1
Released: Wed May 20 11:39:00 2020
Summary: Recommended update for libsolv
Type: recommended
Severity: moderate
References: 1159314
This update for libsolv fixes the following issues:
libsolv was updated to version 0.7.11:
- fix solv_zchunk decoding error if large chunks are used (bsc#1159314)
- treat retracted pathes as irrelevant
- made add_update_target work with multiversion installs
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1362-1
Released: Thu May 21 09:31:43 2020
Summary: Recommended update for libgcrypt
Type: recommended
Severity: moderate
References: 1171872
This update for libgcrypt fixes the following issues:
- FIPS: RSA/DSA/ECC test_keys() print out debug messages only in debug mode (bsc#1171872)
More information about the sle-security-updates
mailing list