SUSE-CU-2020:353-1: Security update of suse/sle15
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Wed Jul 1 04:17:15 MDT 2020
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:353-1
Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.22.227
Container Release : 4.22.227
Severity : important
Type : security
References : 1157315 1162698 1164538 1169488 1171145 1172072 1173027 CVE-2020-8177
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1760-1
Released: Thu Jun 25 18:46:13 2020
Summary: Recommended update for systemd
Type: recommended
Severity: moderate
References: 1157315,1162698,1164538,1169488,1171145,1172072
This update for systemd fixes the following issues:
- Merge branch 'SUSE/v234' into SLE15
units: starting suspend.target should not fail when suspend is successful (bsc#1172072)
core/mount: do not add Before=local-fs.target or remote-fs.target if nofail mount option is set
mount: let mount_add_extras() take care of remote-fs.target deps (bsc#1169488)
mount: set up local-fs.target/remote-fs.target deps in mount_add_default_dependencies() too
udev: rename the persistent link for ATA devices (bsc#1164538)
shared/install: try harder to find enablement symlinks when disabling a unit (bsc#1157315)
tmpfiles: remove unnecessary assert (bsc#1171145)
test-engine: manager_free() was called too early
pid1: by default make user units inherit their umask from the user manager (bsc#1162698)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1773-1
Released: Fri Jun 26 08:05:59 2020
Summary: Security update for curl
Type: security
Severity: important
References: 1173027,CVE-2020-8177
This update for curl fixes the following issues:
- CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious
server to overwrite a local file when using the -J option (bsc#1173027).
More information about the sle-updates
mailing list