SUSE-CU-2022:3135-1: Security update of suse/389-ds

sle-security-updates at sle-security-updates at
Fri Nov 25 08:31:53 UTC 2022

SUSE Container Update Advisory: suse/389-ds
Container Advisory ID : SUSE-CU-2022:3135-1
Container Tags        : suse/389-ds:2.0 , suse/389-ds:2.0-17.55 , suse/389-ds:latest
Container Release     : 17.55
Severity              : moderate
Type                  : security
References            : 1174414 1190651 CVE-2019-2708 

The container suse/389-ds was updated. The following patches have been included in this update:

Advisory ID: SUSE-RU-2022:4212-1
Released:    Thu Nov 24 15:53:48 2022
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1190651
This update for openssl-1_1 fixes the following issues:

- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)
- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)
- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)

Advisory ID: SUSE-SU-2022:4214-1
Released:    Thu Nov 24 16:17:31 2022
Summary:     Security update for libdb-4_8
Type:        security
Severity:    low
References:  1174414,CVE-2019-2708
This update for libdb-4_8 fixes the following issues:

- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).

The following package changes have been done:

- libopenssl1_1-1.1.1l-150400.7.16.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.16.1 updated
- openssl-1_1-1.1.1l-150400.7.16.1 updated
- libdb-4_8-4.8.30-150000.7.6.1 updated
- db48-utils-4.8.30-150000.7.6.1 updated
- container:sles15-image-15.0.0-27.14.20 updated

More information about the sle-security-updates mailing list