SUSE-CU-2020:507-1: Security update of suse/sles12sp3

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Oct 6 01:14:05 MDT 2020 

SUSE Container Update Advisory: suse/sles12sp3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:507-1
Container Tags        : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.211 , suse/sles12sp3:latest
Container Release     : 24.211
Severity              : moderate
Type                  : security
References            : 1120629 1120630 1120631 1127155 1131823 1137977 1169488 1173227
                        CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 
-----------------------------------------------------------------

The container suse/sles12sp3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:2660-1
Released:    Wed Sep 16 16:15:10 2020
Summary:     Security update for libsolv
Type:        security
Severity:    moderate
References:  1120629,1120630,1120631,1127155,1131823,1137977,CVE-2018-20532,CVE-2018-20533,CVE-2018-20534
This update for libsolv fixes the following issues:

This is a reissue of an existing libsolv update that also included libsolv-devel for LTSS products.

libsolv was updated to version 0.6.36 fixes the following issues:

Security issues fixed:

- CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read() (bsc#1120629).
- CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2dep_complex() (bsc#1120630).
- CVE-2018-20534: Fixed a NULL pointer dereference in pool_whatprovides() (bsc#1120631).

Non-security issues fixed:

- Made cleandeps jobs on patterns work (bsc#1137977).
- Fixed an issue multiversion packages that obsolete their own name (bsc#1127155).
- Keep consistent package name if there are multiple alternatives (bsc#1131823).


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2777-1
Released:    Tue Sep 29 11:26:41 2020
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1169488,1173227
This update for systemd fixes the following issues:

- Fixes some file mode inconsistencies  for some ghost files (bsc#1173227)
- Fixes an issue where the system could hang on reboot (bsc#1169488)

More information about the sle-updates mailing list