SUSE-CU-2021:199-1: Security update of suse/sles12sp5
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu May 27 06:19:22 UTC 2021
SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:199-1
Container Tags : suse/sles12sp5:6.5.182 , suse/sles12sp5:latest
Container Release : 6.5.182
Severity : moderate
Type : security
References : 1186114 CVE-2021-22898
-----------------------------------------------------------------
The container suse/sles12sp5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1763-1
Released: Wed May 26 12:31:57 2021
Summary: Security update for curl
Type: security
Severity: moderate
References: 1186114,CVE-2021-22898
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114).
- Allow partial chain verification [jsc#SLE-17956]
* Have intermediate certificates in the trust store be treated
as trust-anchors, in the same way as self-signed root CA
certificates are. This allows users to verify servers using
the intermediate cert only, instead of needing the whole chain.
* Set FLAG_TRUSTED_FIRST unconditionally.
* Do not check partial chains with CRL check.
More information about the sle-security-updates
mailing list