SUSE: 2021:559-1 suse/sle15 Security Update | LinuxSecurity.com

Advisories

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:559-1
Container Tags        : suse/sle15:15.2 , suse/sle15:15.2.9.5.55
Container Release     : 9.5.55
Severity              : moderate
Type                  : security
References            : 1027496 1183085 1190356 1191286 1191324 1191370 1191609 1191736
                        1192337 1192436 CVE-2016-10228 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3830-1
Released:    Wed Dec  1 13:45:46 2021
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1027496,1183085,CVE-2016-10228

This update for glibc fixes the following issues:


- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085) 
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released:    Thu Dec  2 07:11:50 2021
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of 
  open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released:    Thu Dec  2 07:25:55 2021
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1191736
This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)


The following package changes have been done:

- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- glibc-2.26-13.62.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libzypp-17.28.8-20.1 updated
- zypper-1.14.50-21.1 updated

SUSE: 2021:559-1 suse/sle15 Security Update

December 5, 2021
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-SU-2021:3830-1 Released: Wed Dec 1 13:45:46 2021 Summary: Security update for glibc Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3870-1 Released: Thu Dec 2 07:11:50 2021 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3872-1 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Type: recommended Severity: moderate

References

References : 1027496 1183085 1190356 1191286 1191324 1191370 1191609 1191736

1192337 1192436 CVE-2016-10228

1027496,1183085,CVE-2016-10228

This update for glibc fixes the following issues:

- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085)

- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)

1190356,1191286,1191324,1191370,1191609,1192337,1192436

This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)

- Zypper should keep cached files if transaction is aborted (bsc#1190356)

- Require a minimum number of mirrors for multicurl (bsc#1191609)

- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of

open file descriptors (bsc#1191324)

- Fixed zypper incomplete messages when using non English localization (bsc#1191370)

- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)

- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)

1191736

This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)

The following package changes have been done:

- cracklib-dict-small-2.9.7-11.6.1 updated

- cracklib-2.9.7-11.6.1 updated

- glibc-2.26-13.62.1 updated

- libcrack2-2.9.7-11.6.1 updated

- libzypp-17.28.8-20.1 updated

- zypper-1.14.50-21.1 updated

Severity
Container Advisory ID : SUSE-CU-2021:559-1
Container Tags : suse/sle15:15.2 , suse/sle15:15.2.9.5.55
Container Release : 9.5.55
Severity : moderate
Type : security

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.