SUSE-CU-2021:559-1: Security update of suse/sle15

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Sun Dec 5 07:55:53 UTC 2021 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:559-1
Container Tags        : suse/sle15:15.2 , suse/sle15:15.2.9.5.55
Container Release     : 9.5.55
Severity              : moderate
Type                  : security
References            : 1027496 1183085 1190356 1191286 1191324 1191370 1191609 1191736
                        1192337 1192436 CVE-2016-10228 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3830-1
Released:    Wed Dec  1 13:45:46 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1027496,1183085,CVE-2016-10228

This update for glibc fixes the following issues:


- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085) 
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released:    Thu Dec  2 07:11:50 2021
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of 
  open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released:    Thu Dec  2 07:25:55 2021
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1191736
This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)


The following package changes have been done:

- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- glibc-2.26-13.62.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libzypp-17.28.8-20.1 updated
- zypper-1.14.50-21.1 updated

More information about the sle-security-updates mailing list