SUSE-CU-2021:58-1: Security update of suse/sle15
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Sat Feb 27 07:05:32 UTC 2021
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:58-1
Container Tags : suse/sle15:15.2 , suse/sle15:15.2.8.2.853
Container Release : 8.2.853
Severity : important
Type : security
References : 1178386 1179694 1179721 1180038 1181505 1182117 CVE-2019-25013
CVE-2020-27618 CVE-2020-29562 CVE-2020-29573 CVE-2021-3326
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:653-1
Released: Fri Feb 26 19:53:43 2021
Summary: Security update for glibc
Type: security
Severity: important
References: 1178386,1179694,1179721,1180038,1181505,1182117,CVE-2019-25013,CVE-2020-27618,CVE-2020-29562,CVE-2020-29573,CVE-2021-3326
This update for glibc fixes the following issues:
- Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)
- x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649)
- gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)
- iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224)
- iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923)
- Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
More information about the sle-security-updates
mailing list