SUSE-CU-2023:2623-1: Security update of trento/trento-web
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Sat Aug 12 07:20:13 UTC 2023
SUSE Container Update Advisory: trento/trento-web
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2623-1
Container Tags : trento/trento-web:2.1.0 , trento/trento-web:2.1.0-build4.24.1 , trento/trento-web:latest
Container Release : 4.24.1
Severity : important
Type : security
References : 1206513 1208721 1209229 1210434 1210593 1210999 1211795 1211828
1212260 CVE-2023-29491 CVE-2023-2953 CVE-2023-31484
-----------------------------------------------------------------
The container trento/trento-web was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2111-1
Released: Fri May 5 14:34:00 2023
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1210434,CVE-2023-29491
This update for ncurses fixes the following issues:
- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2133-1
Released: Tue May 9 13:37:10 2023
Summary: Recommended update for zlib
Type: recommended
Severity: moderate
References: 1206513
This update for zlib fixes the following issues:
- Add DFLTCC support for using inflate() with a small window (bsc#1206513)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2333-1
Released: Wed May 31 09:01:28 2023
Summary: Recommended update for zlib
Type: recommended
Severity: moderate
References: 1210593
This update for zlib fixes the following issue:
- Fix function calling order to avoid crashes (bsc#1210593)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2484-1
Released: Mon Jun 12 08:49:58 2023
Summary: Security update for openldap2
Type: security
Severity: moderate
References: 1211795,CVE-2023-2953
This update for openldap2 fixes the following issues:
- CVE-2023-2953: Fixed null pointer deref in ber_memalloc_x (bsc#1211795).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2625-1
Released: Fri Jun 23 17:16:11 2023
Summary: Recommended update for gcc12
Type: recommended
Severity: moderate
References:
This update for gcc12 fixes the following issues:
- Update to GCC 12.3 release, 0c61aa720e62f1baf0bfd178e283, git1204
* includes regression and other bug fixes
- Speed up builds with --enable-link-serialization.
- Update embedded newlib to version 4.2.0
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2855-1
Released: Mon Jul 17 16:35:21 2023
Summary: Recommended update for openldap2
Type: recommended
Severity: moderate
References: 1212260
This update for openldap2 fixes the following issues:
- libldap2 crashes on ldap_sasl_bind_s (bsc#1212260)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2882-1
Released: Wed Jul 19 11:49:39 2023
Summary: Security update for perl
Type: security
Severity: important
References: 1210999,CVE-2023-31484
This update for perl fixes the following issues:
- CVE-2023-31484: Enable TLS cert verification in CPAN (bsc#1210999).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2885-1
Released: Wed Jul 19 16:58:43 2023
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1208721,1209229,1211828
This update for glibc fixes the following issues:
- getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235)
- Exclude static archives from preparation for live patching (bsc#1208721)
- resolv_conf: release lock on allocation failure (bsc#1211828, BZ #30527)
The following package changes have been done:
- libldap-data-2.4.46-150200.14.17.1 updated
- glibc-2.31-150300.52.2 updated
- perl-base-5.26.1-150300.17.14.1 updated
- libuuid1-2.37.2-150400.8.17.1 updated
- libudev1-249.16-150400.8.28.3 updated
- libsmartcols1-2.37.2-150400.8.17.1 updated
- libcap2-2.63-150400.3.3.1 updated
- libblkid1-2.37.2-150400.8.17.1 updated
- libaudit1-3.0.6-150400.4.10.1 updated
- libfdisk1-2.37.2-150400.8.17.1 updated
- libz1-1.2.11-150000.3.45.1 updated
- libgcc_s1-12.3.0+git1204-150000.1.10.1 updated
- libstdc++6-12.3.0+git1204-150000.1.10.1 updated
- libncurses6-6.1-150000.5.15.1 updated
- terminfo-base-6.1-150000.5.15.1 updated
- ncurses-utils-6.1-150000.5.15.1 updated
- libxml2-2-2.9.14-150400.5.19.1 updated
- libsystemd0-249.16-150400.8.28.3 updated
- libopenssl1_1-1.1.1l-150400.7.48.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.48.1 updated
- libldap-2_4-2-2.4.46-150200.14.17.1 updated
- libmount1-2.37.2-150400.8.17.1 updated
- libcurl4-8.0.1-150400.5.26.1 updated
- util-linux-2.37.2-150400.8.17.1 updated
- container:bci-nodejs-16-15.0.0-27.14.85 updated
- container:sles15-image-15.0.0-27.14.85 updated
More information about the sle-security-updates
mailing list