SUSE Container Update Advisory: bci/ruby ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:279-1 Container Tags : bci/ruby:2 , bci/ruby:2-33.11 , bci/ruby:2.5 , bci/ruby:2.5-33.11 , bci/ruby:latest Container Release : 33.11 Severity : important Type : security References : 1194038 1203652 1204944 1205000 1205646 1207182 1207264 CVE-2022-4415 ----------------------------------------------------------------- The container bci/ruby was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:177-1 Released: Thu Jan 26 20:57:35 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1194038,1205646 This update for util-linux fixes the following issues: - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:178-1 Released: Thu Jan 26 20:58:21 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1207182 This update for openssl-1_1 fixes the following issues: - FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:188-1 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Type: recommended Severity: important References: 1203652 This update for zlib fixes the following issues: - Follow up fix for bug bsc#1203652 due to libxml2 issues ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:201-1 Released: Fri Jan 27 15:24:15 2023 Summary: Security update for systemd Type: security Severity: moderate References: 1204944,1205000,1207264,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed an issue where users could access coredumps with changed uid, gid or capabilities (bsc#1205000). Non-security fixes: - Enabled the pstore service (jsc#PED-2663). - Fixed an issue accessing TPM when secure boot is enabled (bsc#1204944). - Fixed an issue where a pamd file could get accidentally overwritten after an update (bsc#1207264). The following package changes have been done: - libuuid1-2.37.2-150400.8.14.1 updated - libudev1-249.14-150400.8.19.1 updated - libsmartcols1-2.37.2-150400.8.14.1 updated - libblkid1-2.37.2-150400.8.14.1 updated - libfdisk1-2.37.2-150400.8.14.1 updated - libz1-1.2.11-150000.3.39.1 updated - libsystemd0-249.14-150400.8.19.1 updated - libopenssl1_1-1.1.1l-150400.7.19.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.19.1 updated - libmount1-2.37.2-150400.8.14.1 updated - util-linux-2.37.2-150400.8.14.1 updated - container:sles15-image-15.0.0-27.14.33 updated
SUSE: 2023:279-1 bci/ruby Security Update
January 31, 2023
The container bci/ruby was updated
Summary
Advisory ID: SUSE-RU-2023:177-1 Released: Thu Jan 26 20:57:35 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:178-1 Released: Thu Jan 26 20:58:21 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:188-1 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Type: recommended Severity: important Advisory ID: SUSE-SU-2023:201-1 Released: Fri Jan 27 15:24:15 2023 Summary: Security update for systemd Type: security Severity: moderate
References
References : 1194038 1203652 1204944 1205000 1205646 1207182 1207264 CVE-2022-4415
1194038,1205646
This update for util-linux fixes the following issues:
- Fix tests not passing when '@' character is in build path:
Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038).
- libuuid continuous clock handling for time based UUIDs:
Prevent use of the new libuuid ABI by uuidd %post before update
of libuuid1 (bsc#1205646).
1207182
This update for openssl-1_1 fixes the following issues:
- FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182]
1203652
This update for zlib fixes the following issues:
- Follow up fix for bug bsc#1203652 due to libxml2 issues
1204944,1205000,1207264,CVE-2022-4415
This update for systemd fixes the following issues:
- CVE-2022-4415: Fixed an issue where users could access coredumps
with changed uid, gid or capabilities (bsc#1205000).
Non-security fixes:
- Enabled the pstore service (jsc#PED-2663).
- Fixed an issue accessing TPM when secure boot is enabled (bsc#1204944).
- Fixed an issue where a pamd file could get accidentally overwritten
after an update (bsc#1207264).
The following package changes have been done:
- libuuid1-2.37.2-150400.8.14.1 updated
- libudev1-249.14-150400.8.19.1 updated
- libsmartcols1-2.37.2-150400.8.14.1 updated
- libblkid1-2.37.2-150400.8.14.1 updated
- libfdisk1-2.37.2-150400.8.14.1 updated
- libz1-1.2.11-150000.3.39.1 updated
- libsystemd0-249.14-150400.8.19.1 updated
- libopenssl1_1-1.1.1l-150400.7.19.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.19.1 updated
- libmount1-2.37.2-150400.8.14.1 updated
- util-linux-2.37.2-150400.8.14.1 updated
- container:sles15-image-15.0.0-27.14.33 updated
Severity
Container Advisory ID : SUSE-CU-2023:279-1
Container Tags : bci/ruby:2 , bci/ruby:2-33.11 , bci/ruby:2.5 , bci/ruby:2.5-33.11 , bci/ruby:latest
Container Release : 33.11
Severity : important
Type : security
News
HOWTOs
Features
Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories
About Us
Powered By
