SUSE-CU-2023:629-1: Security update of ses/7.1/ceph/ceph
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Mon Mar 13 12:48:58 UTC 2023
SUSE Container Update Advisory: ses/7.1/ceph/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:629-1
Container Tags : ses/7.1/ceph/ceph:16.2.9.536 , ses/7.1/ceph/ceph:16.2.9.536.3.2.417 , ses/7.1/ceph/ceph:latest , ses/7.1/ceph/ceph:sle15.3.pacific
Container Release : 3.2.417
Severity : important
Type : security
References : 1178168 1182066 1198331 1199282 1204585 1208574 CVE-2020-25659
CVE-2020-36242 CVE-2021-30560
-----------------------------------------------------------------
The container ses/7.1/ceph/ceph was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:604-1
Released: Thu Mar 2 15:51:55 2023
Summary: Security update for python-cryptography, python-cryptography-vectors
Type: security
Severity: important
References: 1178168,1182066,1198331,1199282,CVE-2020-25659,CVE-2020-36242
This update for python-cryptography, python-cryptography-vectors fixes the following issues:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- CVE-2020-36242: Fixed a bug where certain sequences of update() calls could result in integer overflow (bsc#1182066).
- CVE-2020-25659: Fixed Bleichenbacher vulnerabilities (bsc#1178168).
- update to 3.3.2 (bsc#1198331)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:676-1
Released: Wed Mar 8 14:33:23 2023
Summary: Recommended update for libxml2
Type: recommended
Severity: moderate
References: 1204585
This update for libxml2 fixes the following issues:
- Add W3C conformance tests to the testsuite (bsc#1204585):
* Added file xmlts20080827.tar.gz
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:680-1
Released: Wed Mar 8 17:14:06 2023
Summary: Security update for libxslt
Type: security
Severity: important
References: 1208574,CVE-2021-30560
This update for libxslt fixes the following issues:
- CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT (bsc#1208574).
The following package changes have been done:
- libxml2-2-2.9.7-150000.3.54.1 updated
- libxslt1-1.1.32-150000.3.14.1 updated
- python3-cryptography-3.3.2-150200.16.1 updated
- container:sles15-image-15.0.0-17.20.111 updated
More information about the sle-security-updates
mailing list