SUSE-CU-2021:67-1: Security update of suse/sle-micro/5.0/toolbox
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Mar 11 07:05:47 UTC 2021
SUSE Container Update Advisory: suse/sle-micro/5.0/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:67-1
Container Tags : suse/sle-micro/5.0/toolbox:10.1 , suse/sle-micro/5.0/toolbox:10.1-4.5 , suse/sle-micro/5.0/toolbox:latest
Container Release : 4.5
Severity : important
Type : security
References : 1173582 1176262 1177998 1178386 1179694 1179721 1179756 1180038
1180686 1181126 1181505 1182117 1182279 1182331 1182333 1182408
1182411 1182412 1182413 1182415 1182416 1182417 1182418 1182419
1182420 1182959 CVE-2019-20916 CVE-2019-25013 CVE-2020-27618
CVE-2020-29562 CVE-2020-29573 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223
CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
CVE-2020-36229 CVE-2020-36230 CVE-2021-23840 CVE-2021-23841 CVE-2021-27212
CVE-2021-3177 CVE-2021-3326
-----------------------------------------------------------------
The container suse/sle-micro/5.0/toolbox was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1989-1
Released: Tue Jul 21 17:58:58 2020
Summary: Recommended update to SLES-releases
Type: recommended
Severity: important
References: 1173582
This update of SLES-release provides the following fix:
- Obsolete Leap 15.2 as well to allow migration from Leap to SLE. (bsc#1173582)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3294-1
Released: Wed Nov 11 12:28:46 2020
Summary: Recommended update for SLES-release
Type: recommended
Severity: moderate
References: 1177998
This update for SLES-release fixes the following issue:
- Obsolete Leap 15.2.1 (jump) to allow migration from Jump/Leap 15.2.1 to SLE 15 SP2. (bsc#1177998)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:529-1
Released: Fri Feb 19 14:53:47 2021
Summary: Security update for python3
Type: security
Severity: moderate
References: 1176262,1179756,1180686,1181126,CVE-2019-20916,CVE-2021-3177
This update for python3 fixes the following issues:
- CVE-2021-3177: Fixed buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution (bsc#1181126).
- Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in their correct form (bsc#1180686).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:653-1
Released: Fri Feb 26 19:53:43 2021
Summary: Security update for glibc
Type: security
Severity: important
References: 1178386,1179694,1179721,1180038,1181505,1182117,CVE-2019-25013,CVE-2020-27618,CVE-2020-29562,CVE-2020-29573,CVE-2021-3326
This update for glibc fixes the following issues:
- Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)
- x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649)
- gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)
- iconv: Accept redundant shift sequences in IBM1364 (CVE-2020-27618, bsc#1178386, BZ #26224)
- iconv: Fix incorrect UCS4 inner loop bounds (CVE-2020-29562, bsc#1179694, BZ #26923)
- Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:723-1
Released: Mon Mar 8 16:45:27 2021
Summary: Security update for openldap2
Type: security
Severity: important
References: 1182279,1182408,1182411,1182412,1182413,1182415,1182416,1182417,1182418,1182419,1182420,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-27212
This update for openldap2 fixes the following issues:
- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
X.509 DN parsing in decode.c ber_next_element, resulting in denial
of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
in the Certificate List Exact Assertion processing, resulting in
denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
Assertion processing, resulting in denial of service (schema_init.c
serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
control handling, resulting in denial of service (double free and
out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
in the issuerAndThisUpdateCheck function via a crafted packet,
resulting in a denial of service (daemon exit) via a short timestamp.
This is related to schema_init.c and checkTime.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:754-1
Released: Tue Mar 9 17:10:49 2021
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1182331,1182333,1182959,CVE-2021-23840,CVE-2021-23841
This update for openssl-1_1 fixes the following issues:
- CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333)
- CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331)
- Fixed unresolved error codes in FIPS (bsc#1182959).
More information about the sle-security-updates
mailing list