Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 443
Alerts This Week
Warning Icon 1 443

SUSE: 2022:2589-1 Critical: bci/golang Security Update for Expiring Flaw

suse
Calendar Grey October 5, 2022
Dist Suse Esm H88
Crucial security enhancement for SUSE container bci/golang tackling essential updates and fixes for security flaws.
The container bci/golang was updated

Summary

Advisory ID: SUSE-RU-2022:3452-1 Released: Wed Sep 28 12:13:43 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3489-1 Released: Sat Oct 1 13:35:24 2022 Summary: Security update for expat Type: security Severity: important

References

References : 1201942 1203438 CVE-2022-40674

1201942

This update for glibc fixes the following issues:

- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)

- powerpc: Optimized memcmp for power10 (jsc#PED-987)

1203438,CVE-2022-40674

This update for expat fixes the following issues:

- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).

The following package changes have been done:

- libexpat1-2.4.4-150400.3.9.1 updated

- glibc-devel-2.31-150300.41.1 updated

- container:sles15-image-15.0.0-27.11.28 updated

- aaa_base-84.87+git20180409.04c9dae-3.57.1 removed

- bash-4.4-150400.25.22 removed

- bash-sh-4.4-150400.25.22 removed

- coreutils-8.32-150400.7.5 removed

- cpio-2.13-150400.1.98 removed

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:2457-1
Container Tags : bci/golang:1.19 , bci/golang:1.19-2.46 , bci/golang:latest
Container Release : 2.46
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.