SUSE-CU-2022:2963-1: Security update of suse/sle-micro/5.1/toolbox
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Sat Nov 12 08:44:46 UTC 2022
SUSE Container Update Advisory: suse/sle-micro/5.1/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2963-1
Container Tags : suse/sle-micro/5.1/toolbox:11.1 , suse/sle-micro/5.1/toolbox:11.1-2.2.310 , suse/sle-micro/5.1/toolbox:latest
Container Release : 2.2.310
Severity : important
Type : security
References : 1196840 1199492 1199918 1199926 1199927 1204708 CVE-2022-43680
-----------------------------------------------------------------
The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3905-1
Released: Tue Nov 8 12:23:17 2022
Summary: Recommended update for aaa_base
Type: recommended
Severity: important
References: 1196840,1199492,1199918,1199926,1199927
This update for aaa_base and iputils fixes the following issues:
aaa_base:
- Failures in ping for SUSE Linux Enterprise 15 and 15 SP1 due to sysctl setting for ping_group_range (bsc#1199926, bsc#1199927)
- The wrapper rootsh is not a restricted shell (bsc#1199492)
iputils:
- Fix device binding on ping6 for ICMP datagram socket. (bsc#1196840, bsc#1199918, bsc#1199926, bsc#1199927)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3912-1
Released: Tue Nov 8 13:38:11 2022
Summary: Security update for expat
Type: security
Severity: important
References: 1204708,CVE-2022-43680
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
The following package changes have been done:
- iputils-s20161105-150000.8.6.1 updated
- libexpat1-2.2.5-150000.3.25.1 updated
More information about the sle-security-updates
mailing list