SUSE-CU-2020:443-1: Security update of suse/sle15
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Sep 10 00:53:28 MDT 2020
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:443-1
Container Tags : suse/sle15:15.2 , suse/sle15:15.2.8.2.743
Container Release : 8.2.743
Severity : moderate
Type : security
References : 1174154 1175109 CVE-2020-15719 CVE-2020-8231
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2445-1
Released: Wed Sep 2 09:33:02 2020
Summary: Security update for curl
Type: security
Severity: moderate
References: 1175109,CVE-2020-8231
This update for curl fixes the following issues:
- An application that performs multiple requests with libcurl's
multi API and sets the 'CURLOPT_CONNECT_ONLY' option, might in
rare circumstances experience that when subsequently using the
setup connect-only transfer, libcurl will pick and use the wrong
connection and instead pick another one the application has
created since then. [bsc#1175109, CVE-2020-8231]
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2581-1
Released: Wed Sep 9 13:07:07 2020
Summary: Security update for openldap2
Type: security
Severity: moderate
References: 1174154,CVE-2020-15719
This update for openldap2 fixes the following issues:
- bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509
SAN's falling back to CN validation in violation of rfc6125.
More information about the sle-security-updates
mailing list