SUSE-CU-2022:1338-1: Security update of suse/manager/4.3/proxy-httpd

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Jun 21 12:03:53 UTC 2022 

SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1338-1
Container Tags        : suse/manager/4.3/proxy-httpd:4.3.0 , suse/manager/4.3/proxy-httpd:4.3.0.7.11 , suse/manager/4.3/proxy-httpd:latest
Container Release     : 7.11
Severity              : moderate
Type                  : security
References            : 1080985 1111572 1142041 1192951 1193659 1195283 1196861 1197065
                        1197716 1198106 1198751 CVE-2018-6952 CVE-2019-13636 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1851-1
Released:    Thu May 26 08:59:55 2022
Summary:     Recommended update for gcc8
Type:        recommended
Severity:    moderate
References:  1197716
This update for gcc8 fixes the following issues:

- Fix build against SP4. (bsc#1197716)
- Remove bogus fixed include bits/statx.h from glibc 2.30 (bsc#1197716)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1909-1
Released:    Wed Jun  1 16:25:35 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1198751
This update for glibc fixes the following issues:

- Add the correct name for the IBM Z16 (bsc#1198751).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1925-1
Released:    Thu Jun  2 14:35:20 2022
Summary:     Security update for patch
Type:        security
Severity:    moderate
References:  1080985,1111572,1142041,1198106,CVE-2018-6952,CVE-2019-13636
This update for patch fixes the following issues:

Security issues fixed:

- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041).
- CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).

Bugfixes:

- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572).
- Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2019-1
Released:    Wed Jun  8 16:50:07 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1192951,1193659,1195283,1196861,1197065
This update for gcc11 fixes the following issues:

Update to the GCC 11.3.0 release.

* includes SLS hardening backport on x86_64.  [bsc#1195283]
* includes change to adjust gnats idea of the target, fixing the build of gprbuild.  [bsc#1196861]
* fixed miscompile of embedded premake in 0ad on i586.  [bsc#1197065]
* use --with-cpu rather than specifying --with-arch/--with-tune 
* Fix D memory corruption in -M output.
* Fix ICE in is_this_parameter with coroutines.  [bsc#1193659]
* fixes issue with debug dumping together with -o /dev/null
* fixes libgccjit issue showing up in emacs build  [bsc#1192951]
* Package mwaitintrin.h


The following package changes have been done:

- spacewalk-proxy-html-4.3.3-150400.1.11 updated
- glibc-locale-base-2.31-150300.26.5 updated
- libatomic1-11.3.0+git1637-150000.1.9.1 updated
- libgomp1-11.3.0+git1637-150000.1.9.1 updated
- libitm1-11.3.0+git1637-150000.1.9.1 updated
- liblsan0-11.3.0+git1637-150000.1.9.1 updated
- libmpx2-8.2.1+r264010-150000.1.6.4 updated
- libmpxwrappers2-8.2.1+r264010-150000.1.6.4 updated
- libtsan0-11.3.0+git1637-150000.1.9.1 updated
- patch-2.7.6-150000.5.3.1 updated
- glibc-locale-2.31-150300.26.5 updated
- uyuni-base-common-4.3.2-150400.1.21 updated
- python3-uyuni-common-libs-4.3.4-150400.1.16 updated
- glibc-devel-2.31-150300.26.5 updated
- spacewalk-base-minimal-4.3.20-150400.1.2 updated
- spacewalk-ssl-cert-check-4.3.2-150400.1.29 updated
- spacewalk-base-minimal-config-4.3.20-150400.1.2 updated
- python3-rhnlib-4.3.4-150400.1.15 updated
- spacewalk-backend-4.3.13-150400.1.4 updated
- python3-spacewalk-client-tools-4.3.9-150400.1.58 updated
- spacewalk-client-tools-4.3.9-150400.1.58 updated
- python3-spacewalk-certs-tools-4.3.13-150400.1.1 updated
- spacewalk-certs-tools-4.3.13-150400.1.1 updated
- mgr-push-4.3.4-150400.1.36 updated
- python3-mgr-push-4.3.4-150400.1.36 updated
- spacewalk-proxy-package-manager-4.3.10-150400.1.3 updated
- spacewalk-proxy-common-4.3.10-150400.1.3 updated
- spacewalk-proxy-broker-4.3.10-150400.1.3 updated
- susemanager-tftpsync-recv-4.3.6-150400.1.10 updated
- spacewalk-proxy-redirect-4.3.10-150400.1.3 updated

More information about the sle-security-updates mailing list