SUSE-CU-2020:440-1: Security update of suse/sles12sp5

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Sep 10 00:32:15 MDT 2020 

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:440-1
Container Tags        : suse/sles12sp5:6.5.58 , suse/sles12sp5:latest
Container Release     : 6.5.58
Severity              : moderate
Type                  : security
References            : 1169488 1173227 1174551 1174660 1174736 1175109 CVE-2020-8231
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2444-1
Released:    Wed Sep  2 09:32:43 2020
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1175109,CVE-2020-8231
This update for curl fixes the following issues:

- An application that performs multiple requests with libcurl's
  multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
  rare circumstances experience that when subsequently using the
  setup connect-only transfer, libcurl will pick and use the wrong
  connection and instead pick another one the application has
  created since then. [bsc#1175109, CVE-2020-8231]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2547-1
Released:    Fri Sep  4 18:17:13 2020
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1174551,1174736
This update for zlib provides the following fixes:

- Permit a deflateParams() parameter change as soon as possible. (bsc#1174736)
- Fix DFLTCC not flushing EOBS when creating raw streams. (bsc#1174551)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2555-1
Released:    Mon Sep  7 14:30:36 2020
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1169488,1173227
This update for systemd fixes the following issues:

- Fix inconsistent file modes for some ghost files. (bsc#1173227)
- Fix for an issue where nfs-server clone causes cluster node to hang on reboot. (bsc#1169488)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2587-1
Released:    Wed Sep  9 22:03:04 2020
Summary:     Recommended update for procps
Type:        recommended
Severity:    moderate
References:  1174660
This update for procps fixes the following issues:

- Add fix for procps and its libraries to avoid issues with the 'free' tool. (bsc#1174660)

More information about the sle-security-updates mailing list