SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:280-1
Container Tags        : suse/sle15:15.1 , suse/sle15:15.1.6.2.489
Container Release     : 6.2.489
Severity              : important
Type                  : security
References            : 1029961 1040589 1047218 1106014 1154935 1157818 1158812 1158958
                        1158959 1158960 1159491 1159715 1159847 1159850 1160309 1160438
                        1160439 1161268 1164719 1167471 1172091 1172115 1172234 1172236
                        1172240 1172308 1173641 1175448 1175449 1178561 1178577 1178624
                        1178675 1182016 1182604 1184761 1184967 1184994 1185046 1185331
                        1185540 1185807 1185958 1186015 1186049 1186791 1187060 1187210
                        1187212 1187292 1187400 1188063 1188217 1188218 1188219 1188220
                        928700 928701 CVE-2015-3414 CVE-2015-3415 CVE-2019-19244 CVE-2019-19317
                        CVE-2019-19603 CVE-2019-19645 CVE-2019-19646 CVE-2019-19880 CVE-2019-19923
                        CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-20218
                        CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632
                        CVE-2020-15358 CVE-2020-24370 CVE-2020-24371 CVE-2020-9327 CVE-2021-22922
                        CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 CVE-2021-33560 CVE-2021-33910
                        CVE-2021-3541 CVE-2021-3580 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1861-1
Released:    Fri Jun  4 09:59:40 2021
Summary:     Recommended update for gcc10
Type:        recommended
Severity:    moderate
References:  1029961,1106014,1178577,1178624,1178675,1182016
This update for gcc10 fixes the following issues:

- Disable nvptx offloading for aarch64 again since it doesn't work
- Fixed a build failure issue. (bsc#1182016)
- Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)
- Fix 32bit 'libgnat.so' link. (bsc#1178675)
- prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)
- Build complete set of multilibs for arm-none target. (bsc#1106014)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:1917-1
Released:    Wed Jun  9 14:48:05 2021
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1186015,CVE-2021-3541
This update for libxml2 fixes the following issues:

- CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1953-1
Released:    Thu Jun 10 16:18:50 2021
Summary:     Recommended update for gpg2
Type:        recommended
Severity:    moderate
References:  1161268,1172308
This update for gpg2 fixes the following issues:

- Fixed an issue where the gpg-agent's ssh-agent does not handle flags 
  in signing requests properly (bsc#1161268 and bsc#1172308).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2143-1
Released:    Wed Jun 23 16:27:04 2021
Summary:     Security update for libnettle
Type:        security
Severity:    important
References:  1187060,CVE-2021-3580
This update for libnettle fixes the following issues:

- CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext (bsc#1187060).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2157-1
Released:    Thu Jun 24 15:40:14 2021
Summary:     Security update for libgcrypt
Type:        security
Severity:    important
References:  1187212,CVE-2021-33560
This update for libgcrypt fixes the following issues:

- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2173-1
Released:    Mon Jun 28 14:59:45 2021
Summary:     Recommended update for automake
Type:        recommended
Severity:    moderate
References:  1040589,1047218,1182604,1185540,1186049
This update for automake fixes the following issues:

- Implement generated autoconf makefiles reproducible (bsc#1182604)
- Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)
- Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

- Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

- Add fixes to support reproducible builds. (bsc#1186049) 


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2191-1
Released:    Mon Jun 28 18:38:13 2021
Summary:     Recommended update for patterns-microos
Type:        recommended
Severity:    moderate
References:  1186791
This update for patterns-microos provides the following fix:

- Add zypper-migration-plugin to the default pattern. (bsc#1186791)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2196-1
Released:    Tue Jun 29 09:41:39 2021
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1175448,1175449,CVE-2020-24370,CVE-2020-24371
This update for lua53 fixes the following issues:

Update to version 5.3.6:

- CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449)
- CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448)
- Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2205-1
Released:    Wed Jun 30 09:17:41 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    important
References:  1187210
This update for openldap2 fixes the following issues:

- Resolve issues in the idle / connection 'TTL' timeout implementation in OpenLDAP. (bsc#1187210)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2246-1
Released:    Mon Jul  5 15:17:49 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1154935,1167471,1178561,1184761,1184967,1185046,1185331,1185807,1185958,1187292,1187400
This update for systemd fixes the following issues:

  cgroup: Parse infinity properly for memory protections. (bsc#1167471)
  cgroup: Make empty assignments reset to default. (bsc#1167471)
  cgroup: Support 0-value for memory protection directives. (bsc#1167471)
  core/cgroup: Fixed an issue with ignored parameter of 'MemorySwapMax=0'. (bsc#1154935)
  bus-unit-util: Add proper 'MemorySwapMax' serialization.
  core: Accept MemorySwapMax= properties that are scaled.
  execute: Make sure to call into PAM after initializing resource limits. (bsc#1184967)
  core: Rename 'ShutdownWatchdogSec' to 'RebootWatchdogSec'. (bsc#1185331)
  Return -EAGAIN instead of -EALREADY from unit_reload. (bsc#1185046)
  rules: Don't ignore Xen virtual interfaces anymore. (bsc#1178561)
  write_net_rules: Set execute bits. (bsc#1178561)
  udev: Rework network device renaming.
  Revert 'Revert 'udev: Network device renaming - immediately give up if the target name isn't available''
    
  mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)
  core: fix output (logging) for mount units (#7603) (bsc#1187400)
  udev requires systemd in its %post (bsc#1185958)
  cgroup: Parse infinity properly for memory protections (bsc#1167471)
  cgroup: Make empty assignments reset to default (bsc#1167471)
  cgroup: Support 0-value for memory protection directives (bsc#1167471)
  Create /run/lock/subsys again (bsc#1187292)
  The creation of this directory was mistakenly dropped when
  'filesystem' package took the initialization of the generic paths
  over.
  Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)
  
  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2320-1
Released:    Wed Jul 14 17:01:06 2021
Summary:     Security update for sqlite3
Type:        security
Severity:    important
References:  1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327
This update for sqlite3 fixes the following issues:

- Update to version 3.36.0
- CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener
  optimization (bsc#1173641)
- CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in
  isAuxiliaryVtabOperator (bsc#1164719)
- CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439)
- CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438)
- CVE-2019-19923: improper handling  of  certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer
  dereference (bsc#1160309)
- CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850)
- CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847)
- CVE-2019-19926: improper handling  of certain errors during parsing  multiSelect in select.c (bsc#1159715)
- CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference
  (bsc#1159491)
- CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with
  a shadow table name (bsc#1158960)
- CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated
  columns (bsc#1158959)
- CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views
  in conjunction with ALTER TABLE statements (bsc#1158958)
- CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column,
  which allows attackers to cause a denial of service (bsc#1158812)
- CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a
  sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818)
- CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701)
- CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700)
- CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)
- CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow
- CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236)
- CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240)
- CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2404-1
Released:    Tue Jul 20 14:21:30 2021
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1184994,1188063,CVE-2021-33910
This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)
- Skip udev rules if 'elevator=' is used (bsc#1184994)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2440-1
Released:    Wed Jul 21 13:48:24 2021
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925
This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)
- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)
- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)
- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

SUSE: 2021:280-1 suse/sle15 Security Update

August 7, 2021
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-RU-2021:1861-1 Released: Fri Jun 4 09:59:40 2021 Summary: Recommended update for gcc10 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:1917-1 Released: Wed Jun 9 14:48:05 2021 Summary: Security update for libxml2 Type: security Severity: moderate Advisory ID: SUSE-RU-2021:1953-1 Released: Thu Jun 10 16:18:50 2021 Summary: Recommended update for gpg2 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:2143-1 Released: Wed Jun 23 16:27:04 2021 Summary: Security update for libnettle Type: security Severity: important Advisory ID: SUSE-SU-2021:2157-1 Released: Thu Jun 24 15:40:14 2021 Summary: Security update for libgcrypt Type: security Severity: important Advisory ID: SUSE-RU-2021:2173-1 Released: Mon Jun 28 14:59:45 2021 Summary: Recommended update for automake Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:2191-1 Released: Mon Jun 28 18:38:13 2021 Summary: Recommended update for patterns-microos Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:2196-1 Released: Tue Jun 29 09:41:39 2021 Summary: Security update for lua53 Type: security Severity: moderate Advisory ID: SUSE-RU-2021:2205-1 Released: Wed Jun 30 09:17:41 2021 Summary: Recommended update for openldap2 Type: recommended Severity: important Advisory ID: SUSE-RU-2021:2246-1 Released: Mon Jul 5 15:17:49 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:2320-1 Released: Wed Jul 14 17:01:06 2021 Summary: Security update for sqlite3 Type: security Severity: important Advisory ID: SUSE-SU-2021:2404-1 Released: Tue Jul 20 14:21:30 2021 Summary: Security update for systemd Type: security Severity: moderate Advisory ID: SUSE-SU-2021:2440-1 Released: Wed Jul 21 13:48:24 2021 Summary: Security update for curl Type: security Severity: moderate

References

References : 1029961 1040589 1047218 1106014 1154935 1157818 1158812 1158958

1158959 1158960 1159491 1159715 1159847 1159850 1160309 1160438

1160439 1161268 1164719 1167471 1172091 1172115 1172234 1172236

1172240 1172308 1173641 1175448 1175449 1178561 1178577 1178624

1178675 1182016 1182604 1184761 1184967 1184994 1185046 1185331

1185540 1185807 1185958 1186015 1186049 1186791 1187060 1187210

1187212 1187292 1187400 1188063 1188217 1188218 1188219 1188220

928700 928701 CVE-2015-3414 CVE-2015-3415 CVE-2019-19244 CVE-2019-19317

CVE-2019-19603 CVE-2019-19645 CVE-2019-19646 CVE-2019-19880 CVE-2019-19923

CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-20218

CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632

CVE-2020-15358 CVE-2020-24370 CVE-2020-24371 CVE-2020-9327 CVE-2021-22922

CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 CVE-2021-33560 CVE-2021-33910

CVE-2021-3541 CVE-2021-3580

1029961,1106014,1178577,1178624,1178675,1182016

This update for gcc10 fixes the following issues:

- Disable nvptx offloading for aarch64 again since it doesn't work

- Fixed a build failure issue. (bsc#1182016)

- Fix for memory miscompilation on 'aarch64'. (bsc#1178624, bsc#1178577)

- Fix 32bit 'libgnat.so' link. (bsc#1178675)

- prepare usrmerge: Install libgcc_s into %_libdir. ABI wise it stays /%lib. (bsc#1029961)

- Build complete set of multilibs for arm-none target. (bsc#1106014)

1186015,CVE-2021-3541

This update for libxml2 fixes the following issues:

- CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms. (bsc#1186015)

1161268,1172308

This update for gpg2 fixes the following issues:

- Fixed an issue where the gpg-agent's ssh-agent does not handle flags

in signing requests properly (bsc#1161268 and bsc#1172308).

1187060,CVE-2021-3580

This update for libnettle fixes the following issues:

- CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext (bsc#1187060).

1187212,CVE-2021-33560

This update for libgcrypt fixes the following issues:

- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding (bsc#1187212).

1040589,1047218,1182604,1185540,1186049

This update for automake fixes the following issues:

- Implement generated autoconf makefiles reproducible (bsc#1182604)

- Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)

- Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

- Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

- Add fixes to support reproducible builds. (bsc#1186049)

1186791

This update for patterns-microos provides the following fix:

- Add zypper-migration-plugin to the default pattern. (bsc#1186791)

1175448,1175449,CVE-2020-24370,CVE-2020-24371

This update for lua53 fixes the following issues:

Update to version 5.3.6:

- CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage (bsc#1175449)

- CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal and setlocal (bsc#1175448)

- Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

1187210

This update for openldap2 fixes the following issues:

- Resolve issues in the idle / connection 'TTL' timeout implementation in OpenLDAP. (bsc#1187210)

1154935,1167471,1178561,1184761,1184967,1185046,1185331,1185807,1185958,1187292,1187400

This update for systemd fixes the following issues:

cgroup: Parse infinity properly for memory protections. (bsc#1167471)

cgroup: Make empty assignments reset to default. (bsc#1167471)

cgroup: Support 0-value for memory protection directives. (bsc#1167471)

core/cgroup: Fixed an issue with ignored parameter of 'MemorySwapMax=0'. (bsc#1154935)

bus-unit-util: Add proper 'MemorySwapMax' serialization.

core: Accept MemorySwapMax= properties that are scaled.

execute: Make sure to call into PAM after initializing resource limits. (bsc#1184967)

core: Rename 'ShutdownWatchdogSec' to 'RebootWatchdogSec'. (bsc#1185331)

Return -EAGAIN instead of -EALREADY from unit_reload. (bsc#1185046)

rules: Don't ignore Xen virtual interfaces anymore. (bsc#1178561)

write_net_rules: Set execute bits. (bsc#1178561)

udev: Rework network device renaming.

Revert 'Revert 'udev: Network device renaming - immediately give up if the target name isn't available''

mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761)

core: fix output (logging) for mount units (#7603) (bsc#1187400)

udev requires systemd in its %post (bsc#1185958)

cgroup: Parse infinity properly for memory protections (bsc#1167471)

cgroup: Make empty assignments reset to default (bsc#1167471)

cgroup: Support 0-value for memory protection directives (bsc#1167471)

Create /run/lock/subsys again (bsc#1187292)

The creation of this directory was mistakenly dropped when

'filesystem' package took the initialization of the generic paths

over.

Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807)

1157818,1158812,1158958,1158959,1158960,1159491,1159715,1159847,1159850,1160309,1160438,1160439,1164719,1172091,1172115,1172234,1172236,1172240,1173641,928700,928701,CVE-2015-3414,CVE-2015-3415,CVE-2019-19244,CVE-2019-19317,CVE-2019-19603,CVE-2019-19645,CVE-2019-19646,CVE-2019-19880,CVE-2019-19923,CVE-2019-19924,CVE-2019-19925,CVE-2019-19926,CVE-2019-19959,CVE-2019-20218,CVE-2020-13434,CVE-2020-13435,CVE-2020-13630,CVE-2020-13631,CVE-2020-13632,CVE-2020-15358,CVE-2020-9327

This update for sqlite3 fixes the following issues:

- Update to version 3.36.0

- CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener

optimization (bsc#1173641)

- CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in

isAuxiliaryVtabOperator (bsc#1164719)

- CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (bsc#1160439)

- CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input (bsc#1160438)

- CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer

dereference (bsc#1160309)

- CVE-2019-19924: improper error handling in sqlite3WindowRewrite() (bsc#1159850)

- CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive (bsc#1159847)

- CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c (bsc#1159715)

- CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference

(bsc#1159491)

- CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with

a shadow table name (bsc#1158960)

- CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated

columns (bsc#1158959)

- CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views

in conjunction with ALTER TABLE statements (bsc#1158958)

- CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column,

which allows attackers to cause a denial of service (bsc#1158812)

- CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a

sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage (bsc#1157818)

- CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability (bsc#928701)

- CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names (bsc#928700)

- CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)

- CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow

- CVE-2020-13631: virtual table allowed to be renamed to one of its shadow tables (bsc#1172236)

- CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query (bsc#1172240)

- CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)

1184994,1188063,CVE-2021-33910

This update for systemd fixes the following issues:

- CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)

- Skip udev rules if 'elevator=' is used (bsc#1184994)

1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925

This update for curl fixes the following issues:

- CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220)

- CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219)

- CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218)

- CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217)

Severity
Container Advisory ID : SUSE-CU-2021:280-1
Container Tags : suse/sle15:15.1 , suse/sle15:15.1.6.2.489
Container Release : 6.2.489
Severity : important
Type : security

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved