SUSE: 2016:0748-1 Important: SLES12SP1-Docker Image Security Update

suse

March 14, 2016

An update that fixes 15 vulnerabilities is now available

Summary

This update for sles12sp1-docker-image fixes the following issues: glibc fixed the following security issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721) - CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944) - CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736) - CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have

Topics Covered

security advisory denial of service buffer overflow code execution important SUSE Linux Enterprise sles12sp1-docker-image

References

#969591

Cross- CVE-2014-9761 CVE-2015-3197 CVE-2015-7547

CVE-2015-8776 CVE-2015-8777 CVE-2015-8778

CVE-2015-8779 CVE-2016-0702 CVE-2016-0703

CVE-2016-0704 CVE-2016-0705 CVE-2016-0797

CVE-2016-0798 CVE-2016-0799 CVE-2016-0800

Affected Products:

SUSE Linux Enterprise Module for Containers 12

https://www.suse.com/security/cve/CVE-2014-9761.html

https://www.suse.com/security/cve/CVE-2015-3197.html

https://www.suse.com/security/cve/CVE-2015-7547.html

https://www.suse.com/security/cve/CVE-2015-8776.html

https://www.suse.com/security/cve/CVE-2015-8777.html

https://www.suse.com/security/cve/CVE-2015-8778.html

https://www.suse.com/security/cve/CVE-2015-8779.html

https://www.suse.com/security/cve/CVE-2016-0702.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2016:0748-1

Rating: important

Topics Covered

security advisory denial of service buffer overflow code execution important SUSE Linux Enterprise sles12sp1-docker-image

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:0748-1 Important: SLES12SP1-Docker Image Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2016:0748-1 Important: SLES12SP1-Docker Image Security Update

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!