SUSE-CU-2020:30-1: Security update of suse/sle15
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Jan 31 00:14:15 MST 2020
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:30-1
Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.22.140
Container Release : 4.22.140
Severity : moderate
Type : security
References : 1149332 1151582 1157292 1157794 1157893 1158996 1160571 1160970
CVE-2019-19126 CVE-2019-5188
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:256-1
Released: Wed Jan 29 09:39:17 2020
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1157794,1160970
Description:
This update for aaa_base fixes the following issues:
- Improves the way how the Java path is created to fix an issue with sapjvm. (bsc#1157794)
- Drop 'dev.cdrom.autoclose' = 0 from sysctl config. (bsc#1160970)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:262-1
Released: Thu Jan 30 11:02:42 2020
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1149332,1151582,1157292,1157893,1158996,CVE-2019-19126
Description:
This update for glibc fixes the following issues:
Security issue fixed:
- CVE-2019-19126: Fixed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition (bsc#1157292).
Bug fixes:
- Fixed z15 (s390x) strstr implementation that can return incorrect results if search string cross page boundary (bsc#1157893).
- Fixed Hardware support in toolchain (bsc#1151582).
- Fixed syscalls during early process initialization (SLE-8348).
- Fixed an array overflow in backtrace for PowerPC (bsc#1158996).
- Moved to posix_spawn on popen (bsc#1149332).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:265-1
Released: Thu Jan 30 14:05:34 2020
Summary: Security update for e2fsprogs
Type: security
Severity: moderate
References: 1160571,CVE-2019-5188
Description:
This update for e2fsprogs fixes the following issues:
- CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality (bsc#1160571).
More information about the sle-updates
mailing list