SUSE-CU-2023:3358-1: Security update of bci/rust

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Oct 10 12:25:22 UTC 2023 

SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3358-1
Container Tags        : bci/rust:1.72 , bci/rust:1.72-1.4.7 , bci/rust:latest , bci/rust:stable , bci/rust:stable-1.4.7
Container Release     : 4.7
Severity              : important
Type                  : security
References            : 1215713 1215834 CVE-2023-35945 
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3993-1
Released:    Fri Oct  6 12:04:30 2023
Summary:     Recommended update for rust1.72
Type:        recommended
Severity:    moderate
References:  1215834
This update for rust1.72 fixes the following issues:

- use gcc12 instead of gcc11 (bsc#1215834)

Version 1.72.1 (2023-09-19)
===========================

- Adjust codegen change to improve LLVM codegen
- rustdoc: Fix self ty params in objects with lifetimes
- Fix regression in compile times
- Resolve some ICE regressions in the compiler.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3997-1
Released:    Fri Oct  6 14:13:56 2023
Summary:     Security update for nghttp2
Type:        security
Severity:    important
References:  1215713,CVE-2023-35945
This update for nghttp2 fixes the following issues:

- CVE-2023-35945: Fixed memory leak when PUSH_PROMISE or HEADERS frame cannot be sent (bsc#1215713).


The following package changes have been done:

- libnghttp2-14-1.40.0-150200.9.1 updated
- libasan8-12.3.0+git1204-150000.1.16.1 added
- libtsan2-12.3.0+git1204-150000.1.16.1 added
- cpp12-12.3.0+git1204-150000.1.16.1 added
- gcc12-12.3.0+git1204-150000.1.16.1 added
- rust1.72-1.72.1-150400.9.6.1 updated
- cargo1.72-1.72.1-150400.9.6.1 updated
- cpp11-11.3.0+git1637-150000.1.11.2 removed
- gcc11-11.3.0+git1637-150000.1.11.2 removed
- libasan6-11.3.0+git1637-150000.1.11.2 removed
- libtsan0-11.3.0+git1637-150000.1.11.2 removed

More information about the sle-security-updates mailing list