SUSE-CU-2021:288-1: Security update of suse/sles12sp5

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Aug 25 09:52:42 UTC 2021 

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:288-1
Container Tags        : suse/sles12sp5:6.5.218 , suse/sles12sp5:latest
Container Release     : 6.5.218
Severity              : critical
Type                  : security
References            : 1189206 1189465 1189465 1189465 CVE-2021-38185 CVE-2021-38185
                        CVE-2021-38185 
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2686-1
Released:    Sat Aug 14 03:58:36 2021
Summary:     Security update for cpio
Type:        security
Severity:    important
References:  1189206,CVE-2021-38185
This update for cpio fixes the following issues:

  It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2767-1
Released:    Tue Aug 17 17:29:14 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465
This update for cpio fixes the following issues:

- A regression in last update would cause builds to hang on various architectures(bsc#1189465)

  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2779-1
Released:    Thu Aug 19 16:08:35 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465,CVE-2021-38185
This update for cpio fixes the following issues:

- A regression in the previous update could lead to crashes (bsc#1189465)
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2808-1
Released:    Mon Aug 23 12:09:10 2021
Summary:     Security update for cpio
Type:        security
Severity:    important
References:  1189465,CVE-2021-38185
This update for cpio fixes the following issues:

- A patch previously applied to remedy CVE-2021-38185 introduced a regression
  that had the potential to cause a segmentation fault in cpio. [bsc#1189465]

More information about the sle-security-updates mailing list