SUSE-CU-2022:2423-1: Security update of bci/rust
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Sep 30 08:06:30 UTC 2022
SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2423-1
Container Tags : bci/rust:1.62 , bci/rust:1.62-2.39 , bci/rust:latest
Container Release : 2.39
Severity : moderate
Type : security
References : 1201942 1203431 1203433 CVE-2022-36113 CVE-2022-36114
-----------------------------------------------------------------
The container bci/rust was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3451-1
Released: Wed Sep 28 09:44:15 2022
Summary: Security update for rust1.62
Type: security
Severity: moderate
References: 1203431,1203433,CVE-2022-36113,CVE-2022-36114
This update for rust1.62 fixes the following issues:
- CVE-2022-36113: Fixed symlink hijack vulnerability (bsc#1203433).
- CVE-2022-36114: Fixed zip bomb vulnerability (bsc#1203431).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3452-1
Released: Wed Sep 28 12:13:43 2022
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1201942
This update for glibc fixes the following issues:
- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
- powerpc: Optimized memcmp for power10 (jsc#PED-987)
The following package changes have been done:
- glibc-2.31-150300.41.1 updated
- glibc-devel-2.31-150300.41.1 updated
- rust1.62-1.62.1-150300.7.7.1 updated
- cargo1.62-1.62.1-150300.7.7.1 updated
- container:sles15-image-15.0.0-27.11.28 updated
More information about the sle-security-updates
mailing list