SUSE-CU-2022:2423-1: Security update of bci/rust

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Sep 30 08:06:29 UTC 2022


SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2423-1
Container Tags        : bci/rust:1.62 , bci/rust:1.62-2.39 , bci/rust:latest
Container Release     : 2.39
Severity              : moderate
Type                  : security
References            : 1201942 1203431 1203433 CVE-2022-36113 CVE-2022-36114 
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3451-1
Released:    Wed Sep 28 09:44:15 2022
Summary:     Security update for rust1.62
Type:        security
Severity:    moderate
References:  1203431,1203433,CVE-2022-36113,CVE-2022-36114
This update for rust1.62 fixes the following issues:

- CVE-2022-36113: Fixed symlink hijack vulnerability (bsc#1203433).
- CVE-2022-36114: Fixed zip bomb vulnerability (bsc#1203431).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3452-1
Released:    Wed Sep 28 12:13:43 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1201942
This update for glibc fixes the following issues:

- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
- powerpc: Optimized memcmp for power10 (jsc#PED-987)


The following package changes have been done:

- glibc-2.31-150300.41.1 updated
- glibc-devel-2.31-150300.41.1 updated
- rust1.62-1.62.1-150300.7.7.1 updated
- cargo1.62-1.62.1-150300.7.7.1 updated
- container:sles15-image-15.0.0-27.11.28 updated


More information about the sle-updates mailing list