SUSE-CU-2023:4287-1: Security update of suse/sle15

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Sun Dec 24 08:08:01 UTC 2023


SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:4287-1
Container Tags        : suse/sle15:15.1 , suse/sle15:15.1.6.2.857
Container Release     : 6.2.857
Severity              : moderate
Type                  : security
References            : 1201384 1208143 1217277 1218014 CVE-2023-0361 CVE-2023-50495
                        CVE-2023-5981 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4891-1
Released:    Mon Dec 18 16:31:49 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1201384,1218014,CVE-2023-50495
This update for ncurses fixes the following issues:

- CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014)
- Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4952-1
Released:    Thu Dec 21 15:08:30 2023
Summary:     Security update for gnutls
Type:        security
Severity:    moderate
References:  1208143,1217277,CVE-2023-0361,CVE-2023-5981
This update for gnutls fixes the following issues:

- CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange (bsc#1208143).
- CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange (bsc#1217277).


The following package changes have been done:

- libgnutls30-3.6.7-150000.6.50.1 updated
- libncurses6-6.1-150000.5.20.1 updated
- ncurses-utils-6.1-150000.5.20.1 updated
- terminfo-base-6.1-150000.5.20.1 updated


More information about the sle-security-updates mailing list