SUSE-CU-2022:405-1: Security update of suse/postgres
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Sat Mar 26 17:14:01 UTC 2022
SUSE Container Update Advisory: suse/postgres
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:405-1
Container Tags : suse/postgres:12 , suse/postgres:12-7.51 , suse/postgres:12.9
Container Release : 7.51
Severity : important
Type : security
References : 1182959 1190447 1194265 1195149 1195654 1195792 1195856 1196036
1197004 CVE-2022-24407
-----------------------------------------------------------------
The container suse/postgres was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:692-1
Released: Thu Mar 3 15:46:47 2022
Summary: Recommended update for filesystem
Type: recommended
Severity: moderate
References: 1190447
This update for filesystem fixes the following issues:
- Release ported filesystem to LTSS channels (bsc#1190447).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:743-1
Released: Mon Mar 7 22:08:12 2022
Summary: Security update for cyrus-sasl
Type: security
Severity: important
References: 1194265,1196036,CVE-2022-24407
This update for cyrus-sasl fixes the following issues:
- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).
The following non-security bugs were fixed:
- postfix: sasl authentication with password fails (bsc#1194265).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:787-1
Released: Thu Mar 10 11:20:13 2022
Summary: Recommended update for openldap2
Type: recommended
Severity: moderate
References:
This update for openldap2 fixes the following issue:
- restore CLDAP functionality in CLI tools (jsc#PM-3288)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:789-1
Released: Thu Mar 10 11:22:05 2022
Summary: Recommended update for update-alternatives
Type: recommended
Severity: moderate
References: 1195654
This update for update-alternatives fixes the following issues:
- Break bash - update-alternatives cycle rewrite of '%post' in 'lua'. (bsc#1195654)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:861-1
Released: Tue Mar 15 23:30:48 2022
Summary: Recommended update for openssl-1_1
Type: recommended
Severity: moderate
References: 1182959,1195149,1195792,1195856
This update for openssl-1_1 fixes the following issues:
openssl-1_1:
- Fix PAC pointer authentication in ARM (bsc#1195856)
- Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792)
- FIPS: Fix function and reason error codes (bsc#1182959)
- Enable zlib compression support (bsc#1195149)
glibc:
- Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1
linux-glibc-devel:
- Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1
libxcrypt:
- Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1
zlib:
- Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:874-1
Released: Wed Mar 16 10:40:52 2022
Summary: Recommended update for openldap2
Type: recommended
Severity: moderate
References: 1197004
This update for openldap2 fixes the following issue:
- Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression (bsc#1197004)
The following package changes have been done:
- libldap-data-2.4.46-9.64.1 updated
- filesystem-15.0-11.5.1 updated
- glibc-2.31-150300.20.7 updated
- libsasl2-3-2.1.27-150300.4.6.1 updated
- libcrypt1-4.4.15-150300.4.2.41 updated
- libzstd1-1.5.0-150400.1.48 updated
- libuuid1-2.37.2-150400.6.2 updated
- libudev1-249.11-150400.1.4 updated
- libsmartcols1-2.37.2-150400.6.2 updated
- libsepol1-3.1-150400.1.44 updated
- libopenssl1_1-1.1.1l-150400.3.22 updated
- libopenssl1_1-hmac-1.1.1l-150400.3.22 updated
- libgpg-error0-1.42-150400.1.97 updated
- libeconf0-0.4.4+git20220104.962774f-150400.1.16 updated
- libcom_err2-1.46.4-150400.1.56 updated
- libcap2-2.63-150400.1.3 updated
- libbz2-1-1.0.8-150400.1.91 updated
- libblkid1-2.37.2-150400.6.2 updated
- libaudit1-3.0.6-150400.1.25 updated
- libgcrypt20-1.9.4-150400.2.21 updated
- libgcrypt20-hmac-1.9.4-150400.2.21 updated
- libfdisk1-2.37.2-150400.6.2 updated
- libz1-1.2.11-3.26.10 updated
- libldap-2_4-2-2.4.46-9.64.1 updated
- libelf1-0.185-150400.3.12 updated
- libselinux1-3.1-150400.1.43 updated
- libsystemd0-249.11-150400.1.4 updated
- libreadline7-7.0-150400.24.7 updated
- libdw1-0.185-150400.3.12 updated
- libsemanage1-3.1-150400.1.41 updated
- libmount1-2.37.2-150400.6.2 updated
- bash-sh-4.4-150400.24.7 added
- bash-4.4-150400.24.7 updated
- login_defs-4.8.1-150400.8.31 updated
- cpio-2.13-150400.1.73 updated
- coreutils-8.32-150400.7.2 updated
- sles-release-15.4-150400.45.1 updated
- rpm-config-SUSE-1-150400.12.14 updated
- permissions-20201225-150400.1.2 updated
- shadow-4.8.1-150400.8.31 updated
- sysuser-shadow-3.1-150400.1.8 updated
- system-group-hardware-20170617-150400.22.7 updated
- util-linux-2.37.2-150400.6.2 updated
- glibc-locale-base-2.31-150300.20.7 updated
- kbd-legacy-2.4.0-150400.3.1 updated
- libdbus-1-3-1.12.2-150400.16.32 updated
- libdevmapper1_03-1.02.163-150400.15.19 updated
- libexpat1-2.4.4-150400.1.19 updated
- libseccomp2-2.5.3-150400.2.1 updated
- update-alternatives-1.19.0.4-4.3.1 updated
- glibc-locale-2.31-150300.20.7 updated
- kbd-2.4.0-150400.3.1 updated
- libcryptsetup12-2.4.3-150400.1.33 updated
- libcryptsetup12-hmac-2.4.3-150400.1.33 updated
- postgresql-14-150400.2.52 updated
- dbus-1-1.12.2-150400.16.32 updated
- systemd-249.11-150400.1.4 updated
- postgresql-server-14-150400.2.52 updated
- container:sles15-image-15.0.0-25.2.18 updated
More information about the sle-security-updates
mailing list