SUSE: 2022:2425-1 suse/sles12sp4 Security Update
Summary
Advisory ID: SUSE-RU-2022:3389-1 Released: Mon Sep 26 12:52:13 2022 Summary: Recommended update for libgcrypt Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3466-1 Released: Thu Sep 29 11:43:25 2022 Summary: Security update for expat Type: security Severity: important
References
References : 1200095 1203438 CVE-2022-40674
1200095
This update for libgcrypt fixes the following issues:
- FIPS: Auto-initialize drbg if needed. (bsc#1200095)
1203438,CVE-2022-40674
This update for expat fixes the following issues:
- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).
The following package changes have been done:
- base-container-licenses-3.0-1.317 updated
- container-suseconnect-2.0.0-1.203 updated
- libexpat1-2.1.0-21.25.1 updated
- libgcrypt20-1.6.1-16.83.1 updated