SUSE-CU-2022:1361-1: Security update of suse/sle15

Wed Jun 22 07:34:25 UTC 2022

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1361-1
Container Tags        : bci/bci-base:15.4 , bci/bci-base:15.4.27.8.1 , suse/sle15:15.4 , suse/sle15:15.4.27.8.1
Container Release     : 27.8.1
Severity              : important
Type                  : security
References            : 1040589 1192951 1193659 1195283 1196861 1197065 1197771 1197794
                        1198176 1198446 1198504 1198751 1199240 CVE-2022-1304 CVE-2022-29155
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1655-1
Released:    Fri May 13 15:36:10 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1197794
This update for pam fixes the following issue:

- Do not include obsolete header files (bsc#1197794)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1658-1
Released:    Fri May 13 15:40:20 2022
Summary:     Recommended update for libpsl
Type:        recommended
Severity:    important
References:  1197771
This update for libpsl fixes the following issues:

- Fix libpsl compilation issues (bsc#1197771)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1670-1
Released:    Mon May 16 10:06:30 2022
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1199240,CVE-2022-29155
This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1718-1
Released:    Tue May 17 17:44:43 2022
Summary:     Security update for e2fsprogs
Type:        security
Severity:    important
References:  1198446,CVE-2022-1304
This update for e2fsprogs fixes the following issues:

- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault
  and possibly arbitrary code execution. (bsc#1198446)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1843-1
Released:    Wed May 25 15:25:44 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1198504
This update for suse-build-key fixes the following issues:

- still ship the old ptf key in the documentation directory (bsc#1198504)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1887-1
Released:    Tue May 31 09:24:18 2022
Summary:     Recommended update for grep
Type:        recommended
Severity:    moderate
References:  1040589
This update for grep fixes the following issues:

- Make profiling deterministic. (bsc#1040589, SLE-24115)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1899-1
Released:    Wed Jun  1 10:43:22 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    important
References:  1198176
This update for libtirpc fixes the following issues:

- Add a check for nullpointer in check_address to prevent client from crashing (bsc#1198176)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1909-1
Released:    Wed Jun  1 16:25:35 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1198751
This update for glibc fixes the following issues:

- Add the correct name for the IBM Z16 (bsc#1198751).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2019-1
Released:    Wed Jun  8 16:50:07 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1192951,1193659,1195283,1196861,1197065
This update for gcc11 fixes the following issues:

Update to the GCC 11.3.0 release.

* includes SLS hardening backport on x86_64.  [bsc#1195283]
* includes change to adjust gnats idea of the target, fixing the build of gprbuild.  [bsc#1196861]
* fixed miscompile of embedded premake in 0ad on i586.  [bsc#1197065]
* use --with-cpu rather than specifying --with-arch/--with-tune 
* Fix D memory corruption in -M output.
* Fix ICE in is_this_parameter with coroutines.  [bsc#1193659]
* fixes issue with debug dumping together with -o /dev/null
* fixes libgccjit issue showing up in emacs build  [bsc#1192951]
* Package mwaitintrin.h

The following package changes have been done:

- glibc-2.31-150300.26.5 updated
- grep-3.1-150000.4.6.1 updated
- libcom_err2-1.46.4-150400.3.3.1 updated
- libcurl4-7.79.1-150400.3.1 updated
- libgcc_s1-11.3.0+git1637-150000.1.9.1 updated
- libldap-2_4-2-2.4.46-150200.14.8.1 updated
- libldap-data-2.4.46-150200.14.8.1 updated
- libpsl5-0.20.1-150000.3.3.1 updated
- libstdc++6-11.3.0+git1637-150000.1.9.1 updated
- libsystemd0-249.11-150400.6.8 updated
- libtirpc-netconfig-1.2.6-150300.3.6.1 updated
- libtirpc3-1.2.6-150300.3.6.1 updated
- libudev1-249.11-150400.6.8 updated
- pam-1.3.0-150000.6.58.3 updated
- skelcd-EULA-bci-2022.05.10-150400.2.1 added
- sles-release-15.4-150400.55.1 updated
- suse-build-key-12.0-150000.8.25.1 updated