SUSE-CU-2022:2372-1: Security update of bci/nodejs

sle-updates at lists.suse.com sle-updates at lists.suse.com
Wed Sep 28 09:04:31 UTC 2022 

SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2372-1
Container Tags        : bci/node:14 , bci/node:14-33.40 , bci/nodejs:14 , bci/nodejs:14-33.40
Container Release     : 33.40
Severity              : important
Type                  : security
References            : 1047178 1199140 1201680 1203018 CVE-2017-6512 CVE-2021-46828
                        CVE-2022-31252 
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3262-1
Released:    Tue Sep 13 15:34:29 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1199140

This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3271-1
Released:    Wed Sep 14 06:45:39 2022
Summary:     Security update for perl
Type:        security
Severity:    moderate
References:  1047178,CVE-2017-6512
This update for perl fixes the following issues:

- CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3305-1
Released:    Mon Sep 19 11:45:57 2022
Summary:     Security update for libtirpc
Type:        security
Severity:    important
References:  1201680,CVE-2021-46828
This update for libtirpc fixes the following issues:

- CVE-2021-46828: Fixed denial of service vulnerability with lots of connections (bsc#1201680).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3353-1
Released:    Fri Sep 23 15:23:40 2022
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1203018,CVE-2022-31252
This update for permissions fixes the following issues:

- CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).


The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.14.1 updated
- perl-base-5.26.1-150300.17.11.1 updated
- libgcc_s1-11.3.0+git1637-150000.1.11.2 updated
- libstdc++6-11.3.0+git1637-150000.1.11.2 updated
- libtirpc3-1.2.6-150300.3.14.1 updated
- permissions-20201225-150400.5.11.1 updated
- container:sles15-image-15.0.0-27.11.27 updated

More information about the sle-updates mailing list