SUSE-CU-2022:2457-1: Security update of bci/golang
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Oct 5 07:36:44 UTC 2022
SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2457-1
Container Tags : bci/golang:1.19 , bci/golang:1.19-2.46 , bci/golang:latest
Container Release : 2.46
Severity : important
Type : security
References : 1201942 1203438 CVE-2022-40674
-----------------------------------------------------------------
The container bci/golang was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3452-1
Released: Wed Sep 28 12:13:43 2022
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1201942
This update for glibc fixes the following issues:
- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
- powerpc: Optimized memcmp for power10 (jsc#PED-987)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3489-1
Released: Sat Oct 1 13:35:24 2022
Summary: Security update for expat
Type: security
Severity: important
References: 1203438,CVE-2022-40674
This update for expat fixes the following issues:
- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).
The following package changes have been done:
- libexpat1-2.4.4-150400.3.9.1 updated
- glibc-devel-2.31-150300.41.1 updated
- container:sles15-image-15.0.0-27.11.28 updated
- aaa_base-84.87+git20180409.04c9dae-3.57.1 removed
- bash-4.4-150400.25.22 removed
- bash-sh-4.4-150400.25.22 removed
- coreutils-8.32-150400.7.5 removed
- cpio-2.13-150400.1.98 removed
- cracklib-2.9.7-11.6.1 removed
- cracklib-dict-small-2.9.7-11.6.1 removed
- diffutils-3.6-4.3.1 removed
- file-magic-5.32-7.14.1 removed
- filesystem-15.0-11.8.1 removed
- fillup-1.42-2.18 removed
- findutils-4.8.0-1.20 removed
- glibc-2.31-150300.37.1 removed
- grep-3.1-150000.4.6.1 removed
- info-6.5-4.17 removed
- krb5-1.19.2-150400.1.9 removed
- libacl1-2.2.52-4.3.1 removed
- libattr1-2.4.47-2.19 removed
- libaudit1-3.0.6-150400.2.13 removed
- libblkid1-2.37.2-150400.8.3.1 removed
- libbrotlicommon1-1.0.7-3.3.1 removed
- libbrotlidec1-1.0.7-3.3.1 removed
- libbz2-1-1.0.8-150400.1.122 removed
- libcap-ng0-0.7.9-4.37 removed
- libcap2-2.63-150400.1.7 removed
- libcom_err2-1.46.4-150400.3.3.1 removed
- libcrack2-2.9.7-11.6.1 removed
- libcrypt1-4.4.15-150300.4.4.3 removed
- libcurl4-7.79.1-150400.5.6.1 removed
- libdw1-0.185-150400.5.3.1 removed
- libeconf0-0.4.4+git20220104.962774f-150400.1.38 removed
- libelf1-0.185-150400.5.3.1 removed
- libfdisk1-2.37.2-150400.8.3.1 removed
- libgcc_s1-11.3.0+git1637-150000.1.11.2 removed
- libgcrypt20-1.9.4-150400.4.6 removed
- libgcrypt20-hmac-1.9.4-150400.4.6 removed
- libgmp10-6.1.2-4.9.1 removed
- libgpg-error0-1.42-150400.1.101 removed
- libidn2-0-2.2.0-3.6.1 removed
- libkeyutils1-1.6.3-5.6.1 removed
- libldap-2_4-2-2.4.46-150200.14.11.2 removed
- libldap-data-2.4.46-150200.14.11.2 removed
- liblua5_3-5-5.3.6-3.6.1 removed
- liblz4-1-1.9.3-150400.1.7 removed
- liblzma5-5.2.3-150000.4.7.1 removed
- libmagic1-5.32-7.14.1 removed
- libmount1-2.37.2-150400.8.3.1 removed
- libncurses6-6.1-150000.5.12.1 removed
- libnghttp2-14-1.40.0-6.1 removed
- libnsl2-1.2.0-2.44 removed
- libopenssl1_1-1.1.1l-150400.7.7.1 removed
- libopenssl1_1-hmac-1.1.1l-150400.7.7.1 removed
- libpcre1-8.45-150000.20.13.1 removed
- libpopt0-1.16-3.22 removed
- libpsl5-0.20.1-150000.3.3.1 removed
- libreadline7-7.0-150400.25.22 removed
- libsasl2-3-2.1.27-150300.4.6.1 removed
- libselinux1-3.1-150400.1.69 removed
- libsemanage1-3.1-150400.1.65 removed
- libsepol1-3.1-150400.1.70 removed
- libsmartcols1-2.37.2-150400.8.3.1 removed
- libssh-config-0.9.6-150400.1.5 removed
- libssh4-0.9.6-150400.1.5 removed
- libstdc++6-11.3.0+git1637-150000.1.11.2 removed
- libsystemd0-249.12-150400.8.10.1 removed
- libtirpc-netconfig-1.2.6-150300.3.14.1 removed
- libtirpc3-1.2.6-150300.3.14.1 removed
- libudev1-249.12-150400.8.10.1 removed
- libunistring2-0.9.10-1.1 removed
- libutempter0-1.1.6-3.42 removed
- libuuid1-2.37.2-150400.8.3.1 removed
- libverto1-0.2.6-3.20 removed
- libxml2-2-2.9.14-150400.5.7.1 removed
- libz1-1.2.11-150000.3.33.1 removed
- libzio1-1.06-2.20 removed
- libzstd1-1.5.0-150400.1.71 removed
- login_defs-4.8.1-150400.8.57 removed
- ncurses-utils-6.1-150000.5.12.1 removed
- pam-1.3.0-150000.6.58.3 removed
- patterns-base-fips-20200124-150400.18.4 removed
- perl-base-5.26.1-150300.17.11.1 removed
- permissions-20201225-150400.5.11.1 removed
- rpm-config-SUSE-1-150400.14.3.1 removed
- rpm-ndb-4.14.3-150300.49.1 removed
- sed-4.4-11.6 removed
- shadow-4.8.1-150400.8.57 removed
- sles-release-15.4-150400.55.1 removed
- system-group-hardware-20170617-150400.22.33 removed
- system-user-root-20190513-3.3.1 removed
- sysuser-shadow-3.1-150400.1.35 removed
- terminfo-base-6.1-150000.5.12.1 removed
- timezone-2022a-150000.75.10.1 removed
- util-linux-2.37.2-150400.8.3.1 removed
More information about the sle-security-updates
mailing list