Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 530
Alerts This Week
Warning Icon 1 530

SUSE: 2023:562-2 Important: bci/openjdk-devel Security Patch

suse
Calendar Grey March 31, 2022
Dist Suse Esm H88
SUSE refreshes the bci/openjdk-devel container, providing critical security updates and enhancements to fortify system reliability.
The container bci/openjdk-devel was updated

Summary

Advisory ID: SUSE-RU-2022:1047-1 Released: Wed Mar 30 16:20:56 2022 Summary: Recommended update for pam Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:1061-1 Released: Wed Mar 30 18:27:06 2022 Summary: Security update for zlib Type: security Severity: important

References

References : 1196093 1197024 1197459 CVE-2018-25032

1196093,1197024

This update for pam fixes the following issues:

- Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093)

- Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable.

This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024)

1197459,CVE-2018-25032

This update for zlib fixes the following issues:

- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).

The following package changes have been done:

- libz1-1.2.11-150000.3.30.1 updated

- pam-1.3.0-150000.6.55.3 updated

- container:openjdk-11-image-15.3.0-14.44 updated

Severity
important
Lowest
Low
Medium
High
Critical

Container Advisory ID : SUSE-CU-2022:461-1
Container Tags : bci/openjdk-devel:11 , bci/openjdk-devel:11-14.75 , bci/openjdk-devel:latest
Container Release : 14.75
Severity : important
Type : security

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.