SUSE: 2022:30-1 bci/openjdk Security Update | LinuxSecurity.com

Advisories

SUSE Container Update Advisory: bci/openjdk
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:30-1
Container Tags        : bci/openjdk:11
Container Release     : 6.23
Severity              : important
Type                  : security
References            : 1029961 1113013 1161276 1162581 1174504 1174504 1180064 1186071
                        1187153 1187273 1187654 1187993 1188623 1190356 1190401 1190440
                        1190984 1191286 1191324 1191370 1191563 1191592 1191609 1191736
                        1192160 1192161 1192248 1192337 1192423 1192436 1192688 1192717
                        1192858 1193170 1193480 1193759 CVE-2020-29361 CVE-2021-43527
                        CVE-2021-43618 
-----------------------------------------------------------------

The container bci/openjdk was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3786-1
Released:    Wed Nov 24 05:59:13 2021
Summary:     Recommended update for rpm-config-SUSE
Type:        recommended
Severity:    important
References:  1192160
This update for rpm-config-SUSE fixes the following issues:

- Add support for the kernel xz-compressed firmware files (bsc#1192160)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3799-1
Released:    Wed Nov 24 18:07:54 2021
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1187153,1187273,1188623
This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided:

To select these compilers install the packages:

- gcc11
- gcc-c++11
- and others with 11 prefix.

to select them for building:

- CC='gcc-11'
- CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3808-1
Released:    Fri Nov 26 00:30:54 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1186071,1190440,1190984,1192161
This update for systemd fixes the following issues:

- Add timestamp to D-Bus events to improve traceability (jsc#SLE-17798)
- Fix fd_is_mount_point() when both the parent and directory are network file systems (bsc#1190984)
- Support detection for ARM64 Hyper-V guests (bsc#1186071)
- Fix systemd-detect-virt not detecting Amazon EC2 Nitro instance (bsc#1190440)
- Enable support for Portable Services in openSUSE Leap only (jsc#SLE-21694)
- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released:    Thu Dec  2 07:11:50 2021
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of 
  open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released:    Thu Dec  2 07:25:55 2021
Summary:     Recommended update for cracklib
Type:        recommended
Severity:    moderate
References:  1191736
This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3891-1
Released:    Fri Dec  3 10:21:49 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1029961,1113013,1187654
This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.
* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).
* Allow 'keyctl supports' to retrieve raw capability data.
* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.
* Allow 'keyctl new_session' to name the keyring.
* Allow 'keyctl add/padd/etc.' to take hex-encoded data.
* Add 'keyctl watch*' to expose kernel change notifications on keys.
* Add caps for namespacing and notifications.
* Set a default TTL on keys that upcall for name resolution.
* Explicitly clear memory after it's held sensitive information.
* Various manual page fixes.
* Fix C++-related errors.
* Add support for keyctl_move().
* Add support for keyctl_capabilities().
* Make key=val list optional for various public-key ops.
* Fix system call signature for KEYCTL_PKEY_QUERY.
* Fix 'keyctl pkey_query' argument passing.
* Use keyctl_read_alloc() in dump_key_tree_aux().
* Various manual page fixes. 

Updated to 1.6:

* Apply various specfile cleanups from Fedora.
* request-key: Provide a command line option to suppress helper execution.
* request-key: Find least-wildcard match rather than first match.
* Remove the dependency on MIT Kerberos.
* Fix some error messages
* keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.
* Fix doc and comment typos.
* Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).
* Add pkg-config support for finding libkeyutils.
* upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

* Add keyring restriction support.
* Add KDF support to the Diffie-Helman function.
* DNS: Add support for AFS config files and SRV records
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3899-1
Released:    Fri Dec  3 11:27:41 2021
Summary:     Security update for aaa_base
Type:        security
Severity:    moderate
References:  1162581,1174504,1191563,1192248
This update for aaa_base fixes the following issues:

- Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504).
- Add $HOME/.local/bin to PATH, if it exists (bsc#1192248).
- Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563).
- Support xz compressed kernel (bsc#1162581)   

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3934-1
Released:    Mon Dec  6 13:22:27 2021
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1193170,CVE-2021-43527
This update for mozilla-nss fixes the following issues:

Update to version 3.68.1:

- CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures (bsc#1193170).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3946-1
Released:    Mon Dec  6 14:57:42 2021
Summary:     Security update for gmp
Type:        security
Severity:    moderate
References:  1192717,CVE-2021-43618
This update for gmp fixes the following issues:
    
- CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3963-1
Released:    Mon Dec  6 19:57:39 2021
Summary:     Recommended update for system-users
Type:        recommended
Severity:    moderate
References:  1190401
This update for system-users fixes the following issues:

- system-user-tss.conf: Removed group entry because it's not needed and contained syntax errors (bsc#1190401)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3980-1
Released:    Thu Dec  9 16:42:19 2021
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1191592

glibc was updated to fix the following issue:

- Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4145-1
Released:    Wed Dec 22 05:27:48 2021
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1161276
This update for openssl-1_1 fixes the following issues:

- Remove previously applied patch because it interferes with FIPS validation (bsc#1161276)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4154-1
Released:    Wed Dec 22 11:02:38 2021
Summary:     Security update for p11-kit
Type:        security
Severity:    important
References:  1180064,1187993,CVE-2020-29361
This update for p11-kit fixes the following issues:

- CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064)
- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4175-1
Released:    Thu Dec 23 11:22:33 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1192423,1192858,1193759
This update for systemd fixes the following issues:

- Bump the max number of inodes for /dev to a million (bsc#1192858)
- sleep: don't skip resume device with low priority/available space (bsc#1192423)
- test: use kbd-mode-map we ship in one more test case
- test-keymap-util: always use kbd-model-map we ship
- Add rules for virtual devices and enforce 'none' for loop devices. (bsc#1193759)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:4182-1
Released:    Thu Dec 23 11:51:51 2021
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1192688
This update for zlib fixes the following issues:

- Fix hardware compression incorrect result on z15 hardware (bsc#1192688)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:4192-1
Released:    Tue Dec 28 10:39:50 2021
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1174504
This update for permissions fixes the following issues:

- Update to version 20181225:
  * drop ping capabilities in favor of ICMP_PROTO sockets (bsc#1174504)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4-1
Released:    Mon Jan  3 08:28:54 2022
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  1193480
This update for libgcrypt fixes the following issues:

- Fix function gcry_mpi_sub_ui subtracting from negative value (bsc#1193480)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:12-1
Released:    Mon Jan  3 15:36:03 2022
Summary:     Recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff
Type:        recommended
Severity:    moderate
References:  
This recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff provides the following fix:

- Ship some missing binaries to PackageHub.
  

The following package changes have been done:

- aaa_base-84.87+git20180409.04c9dae-3.52.1 updated
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- glibc-2.31-9.6.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libfreebl3-hmac-3.68.1-3.61.1 updated
- libfreebl3-3.68.1-3.61.1 updated
- libgcc_s1-11.2.1+git610-1.3.9 updated
- libgcrypt20-hmac-1.8.2-8.42.1 updated
- libgcrypt20-1.8.2-8.42.1 updated
- libgmp10-6.1.2-4.9.1 updated
- libjpeg8-8.1.2-32.2.1 updated
- libkeyutils1-1.6.3-5.6.1 updated
- libopenssl1_1-hmac-1.1.1d-11.33.2 updated
- libopenssl1_1-1.1.1d-11.33.2 updated
- libp11-kit0-0.23.2-4.13.1 updated
- libsoftokn3-hmac-3.68.1-3.61.1 updated
- libsoftokn3-3.68.1-3.61.1 updated
- libstdc++6-11.2.1+git610-1.3.9 updated
- libsystemd0-246.16-7.28.1 updated
- libudev1-246.16-7.28.1 updated
- libxcb1-1.13-3.7.1 updated
- libz1-1.2.11-3.24.1 updated
- libzypp-17.28.8-20.1 updated
- mozilla-nss-certs-3.68.1-3.61.1 updated
- mozilla-nss-3.68.1-3.61.1 updated
- openssl-1_1-1.1.1d-11.33.2 updated
- p11-kit-tools-0.23.2-4.13.1 updated
- p11-kit-0.23.2-4.13.1 updated
- permissions-20181225-23.9.1 updated
- rpm-config-SUSE-1-5.6.1 updated
- system-group-hardware-20170617-17.3.1 updated
- zypper-1.14.50-21.1 updated
- container:sles15-image-15.0.0-17.8.55 updated

SUSE: 2022:30-1 bci/openjdk Security Update

January 6, 2022
The container bci/openjdk was updated

Summary

Advisory ID: SUSE-RU-2021:3786-1 Released: Wed Nov 24 05:59:13 2021 Summary: Recommended update for rpm-config-SUSE Type: recommended Severity: important Advisory ID: SUSE-RU-2021:3799-1 Released: Wed Nov 24 18:07:54 2021 Summary: Recommended update for gcc11 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3808-1 Released: Fri Nov 26 00:30:54 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3870-1 Released: Thu Dec 2 07:11:50 2021 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3872-1 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3891-1 Released: Fri Dec 3 10:21:49 2021 Summary: Recommended update for keyutils Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3899-1 Released: Fri Dec 3 11:27:41 2021 Summary: Security update for aaa_base Type: security Severity: moderate Advisory ID: SUSE-SU-2021:3934-1 Released: Mon Dec 6 13:22:27 2021 Summary: Security update for mozilla-nss Type: security Severity: important Advisory ID: SUSE-SU-2021:3946-1 Released: Mon Dec 6 14:57:42 2021 Summary: Security update for gmp Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3963-1 Released: Mon Dec 6 19:57:39 2021 Summary: Recommended update for system-users Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3980-1 Released: Thu Dec 9 16:42:19 2021 Summary: Recommended update for glibc Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:4145-1 Released: Wed Dec 22 05:27:48 2021 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:4154-1 Released: Wed Dec 22 11:02:38 2021 Summary: Security update for p11-kit Type: security Severity: important Advisory ID: SUSE-RU-2021:4175-1 Released: Thu Dec 23 11:22:33 2021 Summary: Recommended update for systemd Type: recommended Severity: important Advisory ID: SUSE-RU-2021:4182-1 Released: Thu Dec 23 11:51:51 2021 Summary: Recommended update for zlib Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:4192-1 Released: Tue Dec 28 10:39:50 2021 Summary: Security update for permissions Type: security Severity: moderate Advisory ID: SUSE-RU-2022:4-1 Released: Mon Jan 3 08:28:54 2022 Summary: Recommended update for libgcrypt Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:12-1 Released: Mon Jan 3 15:36:03 2022 Summary: Recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff Type: recommended Severity: moderate

References

References : 1029961 1113013 1161276 1162581 1174504 1174504 1180064 1186071

1187153 1187273 1187654 1187993 1188623 1190356 1190401 1190440

1190984 1191286 1191324 1191370 1191563 1191592 1191609 1191736

1192160 1192161 1192248 1192337 1192423 1192436 1192688 1192717

1192858 1193170 1193480 1193759 CVE-2020-29361 CVE-2021-43527

CVE-2021-43618

1192160

This update for rpm-config-SUSE fixes the following issues:

- Add support for the kernel xz-compressed firmware files (bsc#1192160)

1187153,1187273,1188623

This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided:

To select these compilers install the packages:

- gcc11

- gcc-c++11

- and others with 11 prefix.

to select them for building:

- CC='gcc-11'

- CXX='g++-11'

The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.

1186071,1190440,1190984,1192161

This update for systemd fixes the following issues:

- Add timestamp to D-Bus events to improve traceability (jsc#SLE-17798)

- Fix fd_is_mount_point() when both the parent and directory are network file systems (bsc#1190984)

- Support detection for ARM64 Hyper-V guests (bsc#1186071)

- Fix systemd-detect-virt not detecting Amazon EC2 Nitro instance (bsc#1190440)

- Enable support for Portable Services in openSUSE Leap only (jsc#SLE-21694)

- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)

1190356,1191286,1191324,1191370,1191609,1192337,1192436

This update for libzypp, zypper fixes the following issues:

libzypp:

- Check log writer before accessing it (bsc#1192337)

- Zypper should keep cached files if transaction is aborted (bsc#1190356)

- Require a minimum number of mirrors for multicurl (bsc#1191609)

- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of

open file descriptors (bsc#1191324)

- Fixed zypper incomplete messages when using non English localization (bsc#1191370)

- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)

- Disable logger in the child process after fork (bsc#1192436)

zypper:

- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)

1191736

This update for cracklib fixes the following issues:

- Enable build time tests (bsc#1191736)

1029961,1113013,1187654

This update for keyutils fixes the following issues:

- Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654)

keyutils was updated to 1.6.3 (jsc#SLE-20016):

* Revert the change notifications that were using /dev/watch_queue.

* Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE).

* Allow 'keyctl supports' to retrieve raw capability data.

* Allow 'keyctl id' to turn a symbolic key ID into a numeric ID.

* Allow 'keyctl new_session' to name the keyring.

* Allow 'keyctl add/padd/etc.' to take hex-encoded data.

* Add 'keyctl watch*' to expose kernel change notifications on keys.

* Add caps for namespacing and notifications.

* Set a default TTL on keys that upcall for name resolution.

* Explicitly clear memory after it's held sensitive information.

* Various manual page fixes.

* Fix C++-related errors.

* Add support for keyctl_move().

* Add support for keyctl_capabilities().

* Make key=val list optional for various public-key ops.

* Fix system call signature for KEYCTL_PKEY_QUERY.

* Fix 'keyctl pkey_query' argument passing.

* Use keyctl_read_alloc() in dump_key_tree_aux().

* Various manual page fixes.

Updated to 1.6:

* Apply various specfile cleanups from Fedora.

* request-key: Provide a command line option to suppress helper execution.

* request-key: Find least-wildcard match rather than first match.

* Remove the dependency on MIT Kerberos.

* Fix some error messages

* keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes.

* Fix doc and comment typos.

* Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20).

* Add pkg-config support for finding libkeyutils.

* upstream isn't offering PGP signatures for the source tarballs anymore

Updated to 1.5.11 (bsc#1113013)

* Add keyring restriction support.

* Add KDF support to the Diffie-Helman function.

* DNS: Add support for AFS config files and SRV records

1162581,1174504,1191563,1192248

This update for aaa_base fixes the following issues:

- Allowed ping and ICMP commands without CAP_NET_RAW (bsc#1174504).

- Add $HOME/.local/bin to PATH, if it exists (bsc#1192248).

- Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563).

- Support xz compressed kernel (bsc#1162581)

1193170,CVE-2021-43527

This update for mozilla-nss fixes the following issues:

Update to version 3.68.1:

- CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures (bsc#1193170).

1192717,CVE-2021-43618

This update for gmp fixes the following issues:

- CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c (bsc#1192717).

1190401

This update for system-users fixes the following issues:

- system-user-tss.conf: Removed group entry because it's not needed and contained syntax errors (bsc#1190401)

1191592

glibc was updated to fix the following issue:

- Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)

1161276

This update for openssl-1_1 fixes the following issues:

- Remove previously applied patch because it interferes with FIPS validation (bsc#1161276)

1180064,1187993,CVE-2020-29361

This update for p11-kit fixes the following issues:

- CVE-2020-29361: Fixed multiple integer overflows in rpc code (bsc#1180064)

- Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER (bsc#1187993).

1192423,1192858,1193759

This update for systemd fixes the following issues:

- Bump the max number of inodes for /dev to a million (bsc#1192858)

- sleep: don't skip resume device with low priority/available space (bsc#1192423)

- test: use kbd-mode-map we ship in one more test case

- test-keymap-util: always use kbd-model-map we ship

- Add rules for virtual devices and enforce 'none' for loop devices. (bsc#1193759)

1192688

This update for zlib fixes the following issues:

- Fix hardware compression incorrect result on z15 hardware (bsc#1192688)

1174504

This update for permissions fixes the following issues:

- Update to version 20181225:

* drop ping capabilities in favor of ICMP_PROTO sockets (bsc#1174504)

1193480

This update for libgcrypt fixes the following issues:

- Fix function gcry_mpi_sub_ui subtracting from negative value (bsc#1193480)

This recommended update for cairo, jbigkit, libjpeg-turbo, libwebp, libxcb, openjpeg2, pixman, poppler, tiff provides the following fix:

- Ship some missing binaries to PackageHub.

The following package changes have been done:

- aaa_base-84.87+git20180409.04c9dae-3.52.1 updated

- cracklib-dict-small-2.9.7-11.6.1 updated

- cracklib-2.9.7-11.6.1 updated

- glibc-2.31-9.6.1 updated

- libcrack2-2.9.7-11.6.1 updated

- libfreebl3-hmac-3.68.1-3.61.1 updated

- libfreebl3-3.68.1-3.61.1 updated

- libgcc_s1-11.2.1+git610-1.3.9 updated

- libgcrypt20-hmac-1.8.2-8.42.1 updated

- libgcrypt20-1.8.2-8.42.1 updated

- libgmp10-6.1.2-4.9.1 updated

- libjpeg8-8.1.2-32.2.1 updated

- libkeyutils1-1.6.3-5.6.1 updated

- libopenssl1_1-hmac-1.1.1d-11.33.2 updated

- libopenssl1_1-1.1.1d-11.33.2 updated

- libp11-kit0-0.23.2-4.13.1 updated

- libsoftokn3-hmac-3.68.1-3.61.1 updated

- libsoftokn3-3.68.1-3.61.1 updated

- libstdc++6-11.2.1+git610-1.3.9 updated

- libsystemd0-246.16-7.28.1 updated

- libudev1-246.16-7.28.1 updated

- libxcb1-1.13-3.7.1 updated

- libz1-1.2.11-3.24.1 updated

- libzypp-17.28.8-20.1 updated

- mozilla-nss-certs-3.68.1-3.61.1 updated

- mozilla-nss-3.68.1-3.61.1 updated

- openssl-1_1-1.1.1d-11.33.2 updated

- p11-kit-tools-0.23.2-4.13.1 updated

- p11-kit-0.23.2-4.13.1 updated

- permissions-20181225-23.9.1 updated

- rpm-config-SUSE-1-5.6.1 updated

- system-group-hardware-20170617-17.3.1 updated

- zypper-1.14.50-21.1 updated

- container:sles15-image-15.0.0-17.8.55 updated

Severity
Container Advisory ID : SUSE-CU-2022:30-1
Container Tags : bci/openjdk:11
Container Release : 6.23
Severity : important
Type : security

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.