SUSE: 2022:1696-1 Important: bci/nodejs Security Threat
suse
July 29, 2022
The container bci/nodejs was updated
Summary
Advisory ID: SUSE-RU-2022:2494-1 Released: Thu Jul 21 15:16:42 2022 Summary: Recommended update for glibc Type: recommended Severity: important Advisory ID: SUSE-SU-2022:2546-1 Released: Mon Jul 25 14:43:22 2022 Summary: Security update for gpg2 Type: security Severity: important Advisory ID: SUSE-SU-2022:2550-1 Released: Tue Jul 26 14:00:21 2022 Summary: Security update for git Type: security
Topics Covered
References
References : 1194550 1196125 1197684 1199042 1200855 1201225 1201431 1201560
1201640 CVE-2022-29187 CVE-2022-34903
1200855,1201560,1201640
This update for glibc fixes the following issues:
- Remove tunables from static tls surplus patch which caused crashes (bsc#1200855)
- i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788)
1196125,1201225,CVE-2022-34903
This update for gpg2 fixes the following issues:
- CVE-2022-34903: Fixed a status injection vulnerability (bsc#1201225).
- Use AES as default cipher instead of 3DES when we are in FIPS mode. (bsc#1196125)
1201431,CVE-2022-29187
This update for git fixes the following issues:
- CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree (bsc#1201431).
1194550,1197684,1199042
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2022:1696-1
Container Tags : bci/node:12 , bci/node:12-16.116 , bci/nodejs:12 , bci/nodejs:12-16.116
Container Release : 16.116
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!