SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1526-1
Container Tags        : bci/python:3 , bci/python:3-12.45 , bci/python:3.10 , bci/python:3.10-12.45 , bci/python:latest
Container Release     : 12.45
Severity              : important
Type                  : security
References            : 1206513 1207014 1210434 CVE-2023-29491 
-----------------------------------------------------------------

The container bci/python was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2111-1
Released:    Fri May  5 14:34:00 2023
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1210434,CVE-2023-29491
This update for ncurses fixes the following issues:

- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2114-1
Released:    Fri May  5 14:37:02 2023
Summary:     Recommended update for python310-setuptools
Type:        recommended
Severity:    moderate
References:  
This update for python310-setuptools fixes the following issues:

- Update to 67.6.1
- Support of pyproject.toml (jsc#PED-3765)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2131-1
Released:    Tue May  9 13:35:24 2023
Summary:     Recommended update for openssh
Type:        recommended
Severity:    important
References:  1207014
This update for openssh fixes the following issues:

- Remove some patches that cause invalid environment assignments (bsc#1207014).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2133-1
Released:    Tue May  9 13:37:10 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    moderate
References:  1206513
This update for zlib fixes the following issues:

- Add DFLTCC support for using inflate() with a small window (bsc#1206513)


The following package changes have been done:

- libz1-1.2.11-150000.3.42.1 updated
- libncurses6-6.1-150000.5.15.1 updated
- terminfo-base-6.1-150000.5.15.1 updated
- ncurses-utils-6.1-150000.5.15.1 updated
- openssh-common-8.4p1-150300.3.18.2 updated
- python310-setuptools-67.6.1-150400.4.6.1 updated
- openssh-fips-8.4p1-150300.3.18.2 updated
- openssh-clients-8.4p1-150300.3.18.2 updated
- container:sles15-image-15.0.0-27.14.59 updated

SUSE: 2023:1526-1 bci/python Security Update

May 11, 2023
The container bci/python was updated

Summary

Advisory ID: SUSE-SU-2023:2111-1 Released: Fri May 5 14:34:00 2023 Summary: Security update for ncurses Type: security Severity: moderate Advisory ID: SUSE-RU-2023:2114-1 Released: Fri May 5 14:37:02 2023 Summary: Recommended update for python310-setuptools Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:2131-1 Released: Tue May 9 13:35:24 2023 Summary: Recommended update for openssh Type: recommended Severity: important Advisory ID: SUSE-RU-2023:2133-1 Released: Tue May 9 13:37:10 2023 Summary: Recommended update for zlib Type: recommended Severity: moderate

References

References : 1206513 1207014 1210434 CVE-2023-29491

1210434,CVE-2023-29491

This update for ncurses fixes the following issues:

- CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data (bsc#1210434).

This update for python310-setuptools fixes the following issues:

- Update to 67.6.1

- Support of pyproject.toml (jsc#PED-3765)

1207014

This update for openssh fixes the following issues:

- Remove some patches that cause invalid environment assignments (bsc#1207014).

1206513

This update for zlib fixes the following issues:

- Add DFLTCC support for using inflate() with a small window (bsc#1206513)

The following package changes have been done:

- libz1-1.2.11-150000.3.42.1 updated

- libncurses6-6.1-150000.5.15.1 updated

- terminfo-base-6.1-150000.5.15.1 updated

- ncurses-utils-6.1-150000.5.15.1 updated

- openssh-common-8.4p1-150300.3.18.2 updated

- python310-setuptools-67.6.1-150400.4.6.1 updated

- openssh-fips-8.4p1-150300.3.18.2 updated

- openssh-clients-8.4p1-150300.3.18.2 updated

- container:sles15-image-15.0.0-27.14.59 updated

Severity
Container Advisory ID : SUSE-CU-2023:1526-1
Container Tags : bci/python:3 , bci/python:3-12.45 , bci/python:3.10 , bci/python:3.10-12.45 , bci/python:latest
Container Release : 12.45
Severity : important
Type : security

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved