SUSE-CU-2021:559-1: Security update of suse/sle15
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Sun Dec 5 07:55:52 UTC 2021
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:559-1
Container Tags : suse/sle15:15.2 , suse/sle15:15.2.9.5.55
Container Release : 9.5.55
Severity : moderate
Type : security
References : 1027496 1183085 1190356 1191286 1191324 1191370 1191609 1191736
1192337 1192436 CVE-2016-10228
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3830-1
Released: Wed Dec 1 13:45:46 2021
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1027496,1183085,CVE-2016-10228
This update for glibc fixes the following issues:
- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085)
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released: Thu Dec 2 07:11:50 2021
Summary: Recommended update for libzypp, zypper
Type: recommended
Severity: moderate
References: 1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:
libzypp:
- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of
open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)
zypper:
- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released: Thu Dec 2 07:25:55 2021
Summary: Recommended update for cracklib
Type: recommended
Severity: moderate
References: 1191736
This update for cracklib fixes the following issues:
- Enable build time tests (bsc#1191736)
The following package changes have been done:
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- glibc-2.26-13.62.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libzypp-17.28.8-20.1 updated
- zypper-1.14.50-21.1 updated
More information about the sle-updates
mailing list