SUSE Container Update Advisory: ses/7.1/rook/ceph
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:640-1
Container Tags        : ses/7.1/rook/ceph:1.10.1 , ses/7.1/rook/ceph:1.10.1.16 , ses/7.1/rook/ceph:1.10.1.16.4.5.337 , ses/7.1/rook/ceph:latest , ses/7.1/rook/ceph:sle15.3.pacific
Container Release     : 4.5.337
Severity              : important
Type                  : security
References            : 1178168 1182066 1198331 1199282 1204585 1208574 CVE-2020-25659
                        CVE-2020-36242 CVE-2021-30560 
-----------------------------------------------------------------

The container ses/7.1/rook/ceph was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:604-1
Released:    Thu Mar  2 15:51:55 2023
Summary:     Security update for python-cryptography, python-cryptography-vectorsType:        security
Severity:    important
References:  1178168,1182066,1198331,1199282,CVE-2020-25659,CVE-2020-36242
This update for python-cryptography, python-cryptography-vectors fixes the following issues:

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- CVE-2020-36242: Fixed a bug where certain sequences of update() calls could result in integer overflow (bsc#1182066).
- CVE-2020-25659: Fixed Bleichenbacher vulnerabilities (bsc#1178168).  

- update to 3.3.2 (bsc#1198331)
	 
	  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:676-1
Released:    Wed Mar  8 14:33:23 2023
Summary:     Recommended update for libxml2
Type:        recommended
Severity:    moderate
References:  1204585
This update for libxml2 fixes the following issues:

- Add W3C conformance tests to the testsuite (bsc#1204585):
  * Added file xmlts20080827.tar.gz 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:680-1
Released:    Wed Mar  8 17:14:06 2023
Summary:     Security update for libxslt
Type:        security
Severity:    important
References:  1208574,CVE-2021-30560
This update for libxslt fixes the following issues:

- CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT (bsc#1208574).


The following package changes have been done:

- libxml2-2-2.9.7-150000.3.54.1 updated
- libxslt1-1.1.32-150000.3.14.1 updated
- python3-cryptography-3.3.2-150200.16.1 updated
- container:sles15-image-15.0.0-17.20.111 updated

SUSE: 2023:640-1 ses/7.1/rook/ceph Security Update

March 13, 2023
The container ses/7.1/rook/ceph was updated

Summary

Advisory ID: SUSE-SU-2023:604-1 Released: Thu Mar 2 15:51:55 2023 Summary: Security update for python-cryptography, python-cryptography-vectorsType: security Severity: important Advisory ID: SUSE-RU-2023:676-1 Released: Wed Mar 8 14:33:23 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2023:680-1 Released: Wed Mar 8 17:14:06 2023 Summary: Security update for libxslt Type: security Severity: important

References

References : 1178168 1182066 1198331 1199282 1204585 1208574 CVE-2020-25659

CVE-2020-36242 CVE-2021-30560

1178168,1182066,1198331,1199282,CVE-2020-25659,CVE-2020-36242

This update for python-cryptography, python-cryptography-vectors fixes the following issues:

- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)

- CVE-2020-36242: Fixed a bug where certain sequences of update() calls could result in integer overflow (bsc#1182066).

- CVE-2020-25659: Fixed Bleichenbacher vulnerabilities (bsc#1178168).

- update to 3.3.2 (bsc#1198331)

1204585

This update for libxml2 fixes the following issues:

- Add W3C conformance tests to the testsuite (bsc#1204585):

* Added file xmlts20080827.tar.gz

1208574,CVE-2021-30560

This update for libxslt fixes the following issues:

- CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT (bsc#1208574).

The following package changes have been done:

- libxml2-2-2.9.7-150000.3.54.1 updated

- libxslt1-1.1.32-150000.3.14.1 updated

- python3-cryptography-3.3.2-150200.16.1 updated

- container:sles15-image-15.0.0-17.20.111 updated

Severity
Container Advisory ID : SUSE-CU-2023:640-1
Container Tags : ses/7.1/rook/ceph:1.10.1 , ses/7.1/rook/ceph:1.10.1.16 , ses/7.1/rook/ceph:1.10.1.16.4.5.337 , ses/7.1/rook/ceph:latest , ses/7.1/rook/ceph:sle15.3.pacific
Container Release : 4.5.337
Severity : important
Type : security

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved