SUSE-CU-2020:510-1: Security update of suse/sle15

Tue Oct 6 01:44:12 MDT 2020

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:510-1
Container Tags        : suse/sle15:15.0 , suse/sle15:15.0.4.22.276
Container Release     : 4.22.276
Severity              : moderate
Type                  : security
References            : 1161335 1165424 1170347 1173273 1173529 1174240 1174561 1174918
                        1175342 1175568 1175592 1175811 1175830 1175831 1176625 1176759
                        CVE-2020-8027 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2651-1
Released:    Wed Sep 16 14:42:55 2020
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1175811,1175830,1175831
This update for zlib fixes the following issues:

- Fix compression level switching (bsc#1175811, bsc#1175830, bsc#1175831)
- Enable hardware compression on s390/s390x (jsc#SLE-13776)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2712-1
Released:    Tue Sep 22 17:08:03 2020
Summary:     Security update for openldap2
Type:        security
Severity:    moderate
References:  1175568,CVE-2020-8027
This update for openldap2 fixes the following issues:

- CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp (bsc#1175568).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2814-1
Released:    Thu Oct  1 09:55:30 2020
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1161335,1176625
This update for permissions fixes the following issues:

- whitelist WMP (bsc#1161335, bsc#1176625)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2817-1
Released:    Thu Oct  1 10:38:37 2020
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1165424,1173273,1173529,1174240,1174561,1174918,1175342,1175592
This update for libzypp, zypper provides the following fixes:

Changes in libzypp:
- VendorAttr: Const-correct API and let Target provide its settings. (bsc#1174918)
- Support buildnr with commit hash in purge-kernels. This adds special behaviour for when
  a kernel version has the rebuild counter before the kernel commit hash. (bsc#1175342)
- Improve Italian translation of the 'breaking dependencies' message. (bsc#1173529)
- Make sure reading from lsof does not block forever. (bsc#1174240)
- Just collect details for the signatures found.

Changes in zypper:
- man: Enhance description of the global package cache. (bsc#1175592)
- man: Point out that plain rpm packages are not downloaded to the global package cache.
  (bsc#1173273)
- Directly list subcommands in 'zypper help'. (bsc#1165424)
- Remove extern C block wrapping augeas.h as it breaks the build on Arch Linux.
- Point out that plaindir repos do not follow symlinks. (bsc#1174561)
- Fix help command for list-patches.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2825-1
Released:    Fri Oct  2 08:44:28 2020
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1170347,1176759
This update for suse-build-key fixes the following issues:

- The SUSE Notary Container key is different from the build signing
  key, include this key instead as suse-container-key. (PM-1845 bsc#1170347)

- The SUSE build key for SUSE Linux Enterprise 12 and 15 is extended by 4 more years. (bsc#1176759)