Linux Security

    SUSE: 2021:14-1 harbor/harbor-trivy-adapter Security Update

    Date 04 Jan 2021
    Posted By LinuxSecurity Advisories
    SUSE Container Update Advisory: harbor/harbor-trivy-adapter
    -----------------------------------------------------------------
    Container Advisory ID : SUSE-CU-2021:14-1
    Container Tags        : harbor/harbor-trivy-adapter:2.1.2 , harbor/harbor-trivy-adapter:2.1.2-rev1 , harbor/harbor-trivy-adapter:2.1.2-rev1-build3.79
    Container Release     : 3.79
    Severity              : important
    Type                  : security
    References            : 1084671 1098449 1144793 1168771 1169006 1173513 1174232 1174593
                            1174942 1175514 1175623 1177458 1177490 1177510 1177533 1177658
                            1177858 1177864 1177939 1177998 1178346 1178376 1178387 1178512
                            1178554 1178727 1178823 1178825 1179398 1179399 1179431 1179491
                            1179515 1179593 1180138 CVE-2020-14145 CVE-2020-1971 CVE-2020-25692
                            CVE-2020-28196 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 
    -----------------------------------------------------------------
    
    The container harbor/harbor-trivy-adapter was updated. The following patches have been included in this update:
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3157-1
    Released:    Wed Nov  4 15:37:05 2020
    Summary:     Recommended update for ca-certificates-mozilla
    Type:        recommended
    Severity:    moderate
    References:  1177864
    This update for ca-certificates-mozilla fixes the following issues:
    
    The SSL Root CA store was updated to the 2.44 state of the Mozilla NSS Certificate store (bsc#1177864)
    
    - Removed CAs:
    
      - EE Certification Centre Root CA
      - Taiwan GRCA
    
    - Added CAs:
    
      - Trustwave Global Certification Authority
      - Trustwave Global ECC P256 Certification Authority
      - Trustwave Global ECC P384 Certification Authority
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3290-1
    Released:    Wed Nov 11 12:25:32 2020
    Summary:     Recommended update for findutils
    Type:        recommended
    Severity:    moderate
    References:  1174232
    This update for findutils fixes the following issues:
    
    - Do not unconditionally use leaf optimization for NFS. (bsc#1174232)
      NFS st_nlink are not accurate on all implementations, leading to aborts() if that assumption is made.
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3294-1
    Released:    Wed Nov 11 12:28:46 2020
    Summary:     Recommended update for SLES-release
    Type:        recommended
    Severity:    moderate
    References:  1177998
    This update for SLES-release fixes the following issue:
    
    - Obsolete Leap 15.2.1 (jump) to allow migration from Jump/Leap 15.2.1 to SLE 15 SP2. (bsc#1177998)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3301-1
    Released:    Thu Nov 12 13:51:02 2020
    Summary:     Recommended update for openssh
    Type:        recommended
    Severity:    moderate
    References:  1177939
    This update for openssh fixes the following issues:
    
    - Ensure that only approved DH parameters are used in FIPS mode, to meet NIST 800-56arev3 restrictions. (bsc#1177939).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3313-1
    Released:    Thu Nov 12 16:07:37 2020
    Summary:     Security update for openldap2
    Type:        security
    Severity:    important
    References:  1178387,CVE-2020-25692
    This update for openldap2 fixes the following issues:
    
    - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules (bsc#1178387).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3377-1
    Released:    Thu Nov 19 09:29:32 2020
    Summary:     Security update for krb5
    Type:        security
    Severity:    moderate
    References:  1178512,CVE-2020-28196
    This update for krb5 fixes the following security issue:
    
    - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message (bsc#1178512).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3381-1
    Released:    Thu Nov 19 10:53:38 2020
    Summary:     Recommended update for systemd
    Type:        recommended
    Severity:    moderate
    References:  1177458,1177490,1177510
    This update for systemd fixes the following issues:
    
    - build-sys: optionally disable support of journal over the network (bsc#1177458)
    - ask-password: prevent buffer overflow when reading from keyring (bsc#1177510)
    - mount: don't propagate errors from mount_setup_unit() further up
    - Rely on the new build option --disable-remote for journal_remote
      This allows dropping the workaround that consisted of cleaning journal-upload files and
      {sysusers.d,tmpfiles.d}/systemd-remote.conf manually when 'journal_remote' support was disabled.
    - Move journal-{remote,upload}.conf.5.gz man pages into systemd-journal_remote sub package 
    - Make sure {sysusers.d,tmpfiles.d}/systemd-remote.conf are not shipped with --without=journal_remote (bsc#1177458)
      These files were incorrectly packaged in the main package when systemd-journal_remote was disabled.
    - Make use of %{_unitdir} and %{_sysusersdir}
    - Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3462-1
    Released:    Fri Nov 20 13:14:35 2020
    Summary:     Recommended update for pam and sudo
    Type:        recommended
    Severity:    moderate
    References:  1174593,1177858,1178727
    This update for pam and sudo fixes the following issues:
    
    pam:
    
    - pam_xauth: do not *free* a string which has been successfully passed to *putenv*. (bsc#1177858)
    - Initialize the local variable *daysleft* to avoid a misleading warning for password expire days. (bsc#1178727)
    - Run /usr/bin/xauth using the old user's and group's identifiers. (bsc#1174593)
    
    sudo:
    
    - Fix a problem with pam_xauth which checks effective and real uids to get the real identity of the user. (bsc#1174593)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3581-1
    Released:    Tue Dec  1 14:40:22 2020
    Summary:     Recommended update for libusb-1_0
    Type:        recommended
    Severity:    moderate
    References:  1178376
    This update for libusb-1_0 fixes the following issues:
    
    - Fixes a build failure for libusb for the inclusion of 'sys/time.h' on PowerPC. (bsc#1178376)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3620-1
    Released:    Thu Dec  3 17:03:55 2020
    Summary:     Recommended update for pam
    Type:        recommended
    Severity:    moderate
    References:  
    This update for pam fixes the following issues:
    
    - Check if the password is part of the username. (jsc#SLE-16719, jsc#SLE-16720)
      - Check whether the password contains a substring of the user's name of at least `` characters length in 
      some form. This is enabled by the new parameter `usersubstr=`
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3626-1
    Released:    Fri Dec  4 13:51:46 2020
    Summary:     Recommended update for audit
    Type:        recommended
    Severity:    moderate
    References:  1179515
    This update for audit fixes the following issues:
    
    - Enable Aarch64 processor support. (bsc#1179515) 
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3703-1
    Released:    Mon Dec  7 20:17:32 2020
    Summary:     Recommended update for aaa_base
    Type:        recommended
    Severity:    moderate
    References:  1179431
    This update for aaa_base fixes the following issue:
    
    - Avoid semicolon within (t)csh login script on S/390. (bsc#1179431)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3721-1
    Released:    Wed Dec  9 13:36:46 2020
    Summary:     Security update for openssl-1_1
    Type:        security
    Severity:    important
    References:  1179491,CVE-2020-1971
    This update for openssl-1_1 fixes the following issues:
    	  
    - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3735-1
    Released:    Wed Dec  9 18:19:24 2020
    Summary:     Security update for curl
    Type:        security
    Severity:    moderate
    References:  1179398,1179399,1179593,CVE-2020-8284,CVE-2020-8285,CVE-2020-8286
    This update for curl fixes the following issues:
    
    - CVE-2020-8286: Fixed improper OCSP verification on the client side (bsc#1179593).
    - CVE-2020-8285: Fixed a stack overflow due to FTP wildcard (bsc#1179399).
    - CVE-2020-8284: Fixed an issue where a malicious FTP server could make curl connect to a different IP (bsc#1179398).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-SU-2020:3736-1
    Released:    Wed Dec  9 18:19:58 2020
    Summary:     Security update for openssh
    Type:        security
    Severity:    moderate
    References:  1173513,CVE-2020-14145
    This update for openssh fixes the following issues:
    
    - CVE-2020-14145: Fixed a potential information leak during host key exchange (bsc#1173513).
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3809-1
    Released:    Tue Dec 15 13:46:05 2020
    Summary:     Recommended update for glib2
    Type:        recommended
    Severity:    moderate
    References:  1178346
    This update for glib2 fixes the following issues:
    
    Update from version 2.62.5 to version 2.62.6:
    
    - Support for slim format of timezone. (bsc#1178346)
    - Fix DST incorrect end day when using slim format. (bsc#1178346)
    - Fix SOCKS5 username/password authentication.
    - Updated translations.
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3853-1
    Released:    Wed Dec 16 12:27:27 2020
    Summary:     Recommended update for util-linux
    Type:        recommended
    Severity:    moderate
    References:  1084671,1169006,1174942,1175514,1175623,1178554,1178825
    This update for util-linux fixes the following issues:
    
    - Do not trigger the automatic close of CDROM. (bsc#1084671)
    - Try to automatically configure broken serial lines. (bsc#1175514)
    - Avoid `sulogin` failing on nonexistent or non-functional console devices. (bsc#1175514)
    - Build with `libudev` support to support non-root users. (bsc#1169006)
    - Avoid memory errors on PowerPC systems with valid hardware configurations. (bsc#1175623, bsc#1178554, bsc#1178825)
    - Fix warning on mounts to `CIFS` with `mount -a`. (bsc#1174942)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3942-1
    Released:    Tue Dec 29 12:22:01 2020
    Summary:     Recommended update for libidn2
    Type:        recommended
    Severity:    moderate
    References:  1180138
    This update for libidn2 fixes the following issues:
    
    - The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later,
      adjusted the RPM license tags (bsc#1180138)
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2020:3943-1
    Released:    Tue Dec 29 12:24:45 2020
    Summary:     Recommended update for libxml2
    Type:        recommended
    Severity:    moderate
    References:  1178823
    This update for libxml2 fixes the following issues:
    
    Avoid quadratic checking of identity-constraints, speeding up XML validation (bsc#1178823)
    * key/unique/keyref schema attributes currently use quadratic loops
      to check their various constraints (that keys are unique and that
      keyrefs refer to existing keys).
    * This fix uses a hash table to avoid the quadratic behaviour.
    
    -----------------------------------------------------------------
    Advisory ID: SUSE-RU-2021:6-1
    Released:    Mon Jan  4 07:05:06 2021
    Summary:     Recommended update for libdlm
    Type:        recommended
    Severity:    moderate
    References:  1098449,1144793,1168771,1177533,1177658
    This update for libdlm fixes the following issues:
    
    - Rework libdlm3 require with a shared library version tag instead so it propagates to all consuming packages. (bsc#1177658, bsc#1098449)
    - Add support for type 'uint64_t' to corosync ringid. (bsc#1168771)
    - Include some fixes/enhancements for dlm_controld. (bsc#1144793)
    - Fixed an issue where /boot logical volume was accidentally unmounted. (bsc#1177533)
    
