SUSE-CU-2022:3135-1: Security update of suse/389-ds
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Nov 25 08:31:53 UTC 2022
SUSE Container Update Advisory: suse/389-ds
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3135-1
Container Tags : suse/389-ds:2.0 , suse/389-ds:2.0-17.55 , suse/389-ds:latest
Container Release : 17.55
Severity : moderate
Type : security
References : 1174414 1190651 CVE-2019-2708
-----------------------------------------------------------------
The container suse/389-ds was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4212-1
Released: Thu Nov 24 15:53:48 2022
Summary: Recommended update for openssl-1_1
Type: recommended
Severity: moderate
References: 1190651
This update for openssl-1_1 fixes the following issues:
- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)
- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)
- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4214-1
Released: Thu Nov 24 16:17:31 2022
Summary: Security update for libdb-4_8
Type: security
Severity: low
References: 1174414,CVE-2019-2708
This update for libdb-4_8 fixes the following issues:
- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).
The following package changes have been done:
- libopenssl1_1-1.1.1l-150400.7.16.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.16.1 updated
- openssl-1_1-1.1.1l-150400.7.16.1 updated
- libdb-4_8-4.8.30-150000.7.6.1 updated
- db48-utils-4.8.30-150000.7.6.1 updated
- container:sles15-image-15.0.0-27.14.20 updated
More information about the sle-security-updates
mailing list