SUSE-CU-2021:437-1: Security update of bci/golang
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Thu Oct 21 09:07:38 UTC 2021
SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:437-1
Container Tags : bci/golang:1.16
Container Release : 4.7
Severity : moderate
Type : security
References : 1178236 1182345 1185016 1185524 1186910 1187270 1187512 1188344
1188921 1190052 1190645 1190739 1190793 1190915 1190933 1191468
CVE-2021-37600 CVE-2021-38297 CVE-2021-39537
-----------------------------------------------------------------
The container bci/golang was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3474-1
Released: Wed Oct 20 08:41:31 2021
Summary: Security update for util-linux
Type: security
Severity: moderate
References: 1178236,1188921,CVE-2021-37600
This update for util-linux fixes the following issues:
- CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c. (bsc#1188921)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3480-1
Released: Wed Oct 20 11:24:10 2021
Summary: Recommended update for yast2-network
Type: recommended
Severity: moderate
References: 1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933
This update for yast2-network fixes the following issues:
- Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915).
- Fix the shown description using the interface friendly name when it is empty (bsc#1190933).
- Consider aliases sections as case insensitive (bsc#1190739).
- Display user defined device name in the devices overview (bnc#1190645).
- Don't crash when defined aliases in AutoYaST profile are not defined as a map (bsc#1188344).
- Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910).
- Fix desktop file so the control center tooltip is translated (bsc#1187270).
- Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016).
- Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3487-1
Released: Wed Oct 20 16:18:28 2021
Summary: Security update for go1.16
Type: security
Severity: moderate
References: 1182345,1191468,CVE-2021-38297
This update for go1.16 fixes the following issues:
Update to go1.16.9
- CVE-2021-38297: misc/wasm, cmd/link: do not let command line args overwrite global data (bsc#1191468)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3490-1
Released: Wed Oct 20 16:31:55 2021
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1190793,CVE-2021-39537
This update for ncurses fixes the following issues:
- CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3494-1
Released: Wed Oct 20 16:48:46 2021
Summary: Recommended update for pam
Type: recommended
Severity: moderate
References: 1190052
This update for pam fixes the following issues:
- Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638)
- Added new file macros.pam on request of systemd. (bsc#1190052)
More information about the sle-security-updates
mailing list