SUSE-RU-2019:1820-1: moderate: Recommended update for velum
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Thu Jul 11 07:10:53 MDT 2019
SUSE Recommended Update: Recommended update for velum
______________________________________________________________________________
Announcement ID: SUSE-RU-2019:1820-1
Rating: moderate
References: #1121348 #1121349
Affected Products:
SUSE CaaS Platform 3.0
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update fixes the following issues:
* Updated 'rack' rubygem to address (CVE-2018-16471, bsc#1121349)
* Updated the following rubygem packages to address CVE-2018-16476:
rubygem-rails-4_2, rubygem-activejob-4_2, rubygem-activesupport-4_2,
rubygem-actionview-4_2, rubygem-actionmailer-4_2,
rubygem-actionpack-4_2, rubygem-activemodel-4_2, rubygem-railties-4_2,
rubygem-activerecord-4_2 (CVE-2018-16476, bsc#1121348)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE CaaS Platform 3.0:
To install this update, use the SUSE CaaS Platform Velum dashboard.
It will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- SUSE CaaS Platform 3.0 (x86_64):
sles12-velum-image-3.1.14-3.50.3
References:
https://www.suse.com/security/cve/CVE-2018-16471.html
https://www.suse.com/security/cve/CVE-2018-16476.html
https://bugzilla.suse.com/1121348
https://bugzilla.suse.com/1121349
More information about the sle-updates
mailing list