Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
100
security advisorymoderatesecurity updateSUSE: 2023:3842-2 Critical: bci/OpenJDK-Security Update Released
The container bci/openjdk-devel was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/openjdk-devel ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3831-1 Container Tags : bci/openjdk-devel:17 , bci/openjdk-devel:17-12.79 , bci/openjdk-devel:latest Container Release : 12.79 Severity : moderate Type : security References : 1162112 1216529 CVE-2023-46122 ----------------------------------------------------------------- The container bci/openjdk-devel was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4527-1 Released: Wed Nov 22 14:38:50 2023 Summary: Security update for maven, maven-resolver, sbt, xmvn Type: security Severity: moderate References: 1162112,1216529,CVE-2023-46122 This update for maven, maven-resolver, sbt, xmvn fixes the following issues: - CVE-2023-46122: Fixed an arbitrary file write when extracting a crafted zip file with sbt (bsc#1216529). - Upgraded maven to version 3.9.4 - Upgraded maven-resolver to version 1.9.15. The following package changes have been done: - libxml2-2-2.10.3-150500.5.11.1 updated - libopenssl1_1-1.1.1l-150500.17.22.1 updated - libopenssl1_1-hmac-1.1.1l-150500.17.22.1 updated - openssl-1_1-1.1.1l-150500.17.22.1 updated - maven-resolver-api-1.9.15-150200.3.14.2 updated - maven-resolver-util-1.9.15-150200.3.14.2 updated - maven-resolver-spi-1.9.15-150200.3.14.2 updated - maven-resolver-named-locks-1.9.15-150200.3.14.2 updated - maven-resolver-transport-file-1.9.15-150200.3.14.2 updated - maven-resolver-connector-basic-1.9.15-150200.3.14.2 updated - maven-resolver-transport-wagon-1.9.15-150200.3.14.2 updated - maven-resolver-impl-1.9.15-150200.3.14.2 updated - maven-resolver-transport-http-1.9.15-150200.3.14.2 updated - maven-lib-3.9.4-150200.4.18.1 updated -maven-3.9.4-150200.4.18.1 updated - container:bci-openjdk-17-15.5.17-12.39 updated . Container update for bci/openjdk-devel resolves a moderate issue after various upgrades and fixes, updates are recommended.. bci OpenJDK Security Update, SUSE Container Advisory, Maven Upgrade. . LinuxSecurity.com Team
Nov 23, 2023
SuSE
100
security advisorysecurity updateimportantSUSE: 2023:1133-1 Important: Security Update for Container-suseconnect
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:1133-1 Container Tags : suse/sle15:15.2 , suse/sle15:15.2.9.5.284 Container Release : 9.5.284 Severity : important Type : security References : ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:1851-1 Released: Fri Apr 14 15:08:38 2023 Summary: Security update for container-suseconnect Type: security Severity: important References: This update for container-suseconnect fixes the following issue: - rebuilt against current go version. The following package changes have been done: - container-suseconnect-2.4.0-150000.4.26.1 updated . Maintain safety with SUSE Container Upgrade for suse/sle15, featuring critical updates and repairs.. SUSE Container Update, suse/sle15, security patches, container advisory, system update. . Severity: Important. LinuxSecurity.com Team
Apr 15, 2023
•Important
SuSE
100
security advisorysecurity updateimportantSUSE: 2022:1205-1 Important: Bci/Python Security Update
The container bci/python was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/python ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1205-1 Container Tags : bci/python:3 , bci/python:3.9 , bci/python:3.9-17.31 , bci/python:latest Container Release : 17.31 Severity : important Type : security References : 1196490 1197443 1197743 1197771 1197794 1198446 1198614 1198723 1198766 1199132 1199223 1199224 1199240 CVE-2022-1304 CVE-2022-22576 CVE-2022-23308 CVE-2022-27775 CVE-2022-27776 CVE-2022-27781 CVE-2022-27782 CVE-2022-29155 CVE-2022-29824 ----------------------------------------------------------------- The container bci/python was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1655-1 Released: Fri May 13 15:36:10 2022 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1197794 This update for pam fixes the following issue: - Do not include obsolete header files (bsc#1197794) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1657-1 Released: Fri May 13 15:39:07 2022 Summary: Security update for curl Type: security Severity: moderate References: 1198614,1198723,1198766,CVE-2022-22576,CVE-2022-27775,CVE-2022-27776 This update for curl fixes the following issues: - CVE-2022-27776: Fixed auth/cookie leak on redirect (bsc#1198766) - CVE-2022-27775: Fixed bad local IPv6 connection reuse (bsc#1198723) - CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use (bsc#1198614) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1658-1 Released: Fri May 13 15:40:20 2022 Summary: Recommended update for libpsl Type: recommended Severity: important References: 1197771 This update for libpsl fixes the following issues: - Fix libpsl compilation issues (bsc#1197771) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1670-1 Released: Mon May 16 10:06:30 2022 Summary: Security update for openldap2 Type: security Severity: important References: 1199240,CVE-2022-29155 This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1688-1 Released: Mon May 16 14:02:49 2022 Summary: Security update for e2fsprogs Type: security Severity: important References: 1198446,CVE-2022-1304 This update for e2fsprogs fixes the following issues: - CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault and possibly arbitrary code execution. (bsc#1198446) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1691-1 Released: Mon May 16 15:13:39 2022 Summary: Recommended update for augeas Type: recommended Severity: moderate References: 1197443 This update for augeas fixes the following issue: - Sysctl keys can contain some more non-alphanumeric characters. (bsc#1197443) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1709-1 Released: Tue May 17 17:35:47 2022 Summary: Recommended update for libcbor Type: recommended Severity: important References: 1197743 This update for libcbor fixes the following issues: - Fix build errors occuring on SUSE Linux Enterprise 15 Service Pack 4 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1750-1 Released: Thu May 19 15:28:20 2022 Summary: Security update for libxml2 Type: security Severity: important References: 1196490,1199132,CVE-2022-23308,CVE-2022-29824 This update forlibxml2 fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490). - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1870-1 Released: Fri May 27 10:03:40 2022 Summary: Security update for curl Type: security Severity: important References: 1199223,1199224,CVE-2022-27781,CVE-2022-27782 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223) - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224) The following package changes have been done: - curl-7.66.0-150200.4.33.1 updated - libaugeas0-1.10.1-150000.3.12.1 updated - libcbor0-0.5.0-150100.4.6.1 updated - libcom_err2-1.43.8-150000.4.33.1 updated - libcurl4-7.66.0-150200.4.33.1 updated - libldap-2_4-2-2.4.46-150200.14.8.1 updated - libldap-data-2.4.46-150200.14.8.1 updated - libpsl5-0.20.1-150000.3.3.1 updated - libxml2-2-2.9.7-150000.3.46.1 updated - pam-1.3.0-150000.6.58.3 updated - container:sles15-image-15.0.0-17.17.5 updated . SUSE Container update for bci/python includes important patches for various security issues and updates for dependencies.. Bci Python Security Patch, Container Advisory, SUSE Important Update. . LinuxSecurity.com Team
May 28, 2022
SuSE
100
security advisorymoderatesecurity updateSUSE: 2021:482-1 Important: Security Update for suse/sle15 Container
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:482-1 Container Tags : suse/sle15:15.4 , suse/sle15:15.4.21.5 Container Release : 21.5 Severity : important Type : security References : 1177127 1178236 1183154 1185016 1185524 1186489 1186503 1186602 1186910 1187224 1187270 1187425 1187466 1187512 1187738 1187760 1187911 1188156 1188344 1188435 1188921 1189031 1189454 1189550 1190052 1190059 1190199 1190465 1190645 1190712 1190739 1190793 1190815 1190858 1190915 1190933 1191987 CVE-2021-33574 CVE-2021-35942 CVE-2021-37600 CVE-2021-39537 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-OU-2020:3026-1 Released: Fri Oct 23 15:35:49 2020 Summary: Optional update for the Public Cloud Module Type: optional Severity: moderate References: This update adds the Google Cloud Storage packages to the Public Cloud module (jsc#ECO-2398). The following packages were included: - python3-grpcio - python3-protobuf - python3-google-api-core - python3-google-cloud-core - python3-google-cloud-storage - python3-google-resumable-media - python3-googleapis-common-protos - python3-grpcio-gcp - python3-mock (updated to version 3.0.5) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:294-1 Released: Wed Feb 3 12:54:28 2021 Summary: Recommended update for libprotobuf Type: recommended Severity: moderate References: libprotobuf was updated to fix: - ship the libprotobuf-lite15 on the basesystem moduleand the INSTALLER channel. (jsc#ECO-2911) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:656-1 Released: Mon Mar 1 09:34:21 2021 Summary: Recommended update for protobuf Type: recommended Severity: moderate References: 1177127 This update for protobuf fixes the following issues: - Add missing dependency of python subpackages on python-six. (bsc#1177127) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3013-1 Released: Thu Sep 9 16:55:40 2021 Summary: Recommended update for patterns-base, patterns-server-enterprise, sles15-image Type: recommended Severity: moderate References: 1183154,1189550 This update for patterns-base, patterns-server-enterprise, sles15-image fixes the following issues: - Add pattern to install necessary packages for FIPS (bsc#1183154) - Add patterns-base-fips to work also in FIPS environments (bsc#1183154) - Use the same icon in the fips pattern as the previous pattern had (bsc#1189550) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3274-1 Released: Fri Oct 1 10:34:17 2021 Summary: Recommended update for ca-certificates-mozilla Type: recommended Severity: important References: 1190858 This update for ca-certificates-mozilla fixes the following issues: - remove one of the Letsencrypt CAs DST_Root_CA_X3.pem, as it expires September 30th 2021 and openssl certificate chain handling does not handle this correctly in openssl 1.0.2 and older. (bsc#1190858) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3291-1 Released: Wed Oct 6 16:45:36 2021 Summary: Security update for glibc Type: security Severity: moderate References: 1186489,1187911,CVE-2021-33574,CVE-2021-35942 This update for glibc fixes the following issues: - CVE-2021-33574: Fixed use __pthread_attr_copy in mq_notify (bsc#1186489). - CVE-2021-35942: Fixed wordexp handleoverflow in positional parameter number (bsc#1187911). ----------------------------------------------------------------- Advisory ID: SUSE-OU-2021:3327-1 Released: Mon Oct 11 11:44:50 2021 Summary: Optional update for coreutils Type: optional Severity: low References: 1189454 This optional update for coreutils fixes the following issue: - Provide coreutils documentation, 'coreutils-doc', with 'L2' support level. (bsc#1189454) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3382-1 Released: Tue Oct 12 14:30:17 2021 Summary: Recommended update for ca-certificates-mozilla Type: recommended Severity: moderate References: This update for ca-certificates-mozilla fixes the following issues: - A new sub-package for minimal base containers (jsc#SLE-22162) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3474-1 Released: Wed Oct 20 08:41:31 2021 Summary: Security update for util-linux Type: security Severity: moderate References: 1178236,1188921,CVE-2021-37600 This update for util-linux fixes the following issues: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements() in sys-utils/ipcutils.c. (bsc#1188921) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3480-1 Released: Wed Oct 20 11:24:10 2021 Summary: Recommended update for yast2-network Type: recommended Severity: moderate References: 1185016,1185524,1186910,1187270,1187512,1188344,1190645,1190739,1190915,1190933 This update for yast2-network fixes the following issues: - Don't crash when the interfaces table contains a not configured one (bnc#1190645, bsc#1190915). - Fix the shown description using the interface friendly name when it is empty (bsc#1190933). - Consider aliases sections as case insensitive (bsc#1190739). - Display user defined device name in the devices overview (bnc#1190645). - Don't crash whendefined aliases in AutoYaST profile are not defined as a map (bsc#1188344). - Support 'boot' and 'on' as aliases for the 'auto' startmode (bsc#1186910). - Fix desktop file so the control center tooltip is translated (bsc#1187270). - Use the linuxrc proxy settings for the HTTPS and FTP proxies (bsc#1185016). - Don't crash at the end of installation when storing wifi configuration for NetworkManager (bsc#1185524, bsc#1187512). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3490-1 Released: Wed Oct 20 16:31:55 2021 Summary: Security update for ncurses Type: security Severity: moderate References: 1190793,CVE-2021-39537 This update for ncurses fixes the following issues: - CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo. (bsc#1190793) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3494-1 Released: Wed Oct 20 16:48:46 2021 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1190052 This update for pam fixes the following issues: - Added pam_faillock to the set of available PAM modules. (jsc#SLE-20638) - Added new file macros.pam on request of systemd. (bsc#1190052) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3501-1 Released: Fri Oct 22 10:42:46 2021 Summary: Recommended update for libzypp, zypper, libsolv, protobuf Type: recommended Severity: moderate References: 1186503,1186602,1187224,1187425,1187466,1187738,1187760,1188156,1188435,1189031,1190059,1190199,1190465,1190712,1190815 This update for libzypp, zypper, libsolv and protobuf fixes the following issues: - Choice rules: treat orphaned packages as newest (bsc#1190465) - Avoid calling 'su' to detect a too restrictive sudo user umask (bsc#1186602) - Do not check of signatures and keys two times(redundant) (bsc#1190059) - Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760) - Show key fprfrom signature when signature check fails (bsc#1187224) - Fix solver jobs for PTFs (bsc#1186503) - Fix purge-kernels fails (bsc#1187738) - Fix obs:// platform guessing for Leap (bsc#1187425) - Make sure to keep states alives while transitioning. (bsc#1190199) - Manpage: Improve description about patch updates(bsc#1187466) - Manpage: Recommend the needs-rebooting command to test whether a system reboot is suggested. - Fix kernel-*-livepatch removal in purge-kernels. (bsc#1190815) - Fix crashes in logging code when shutting down (bsc#1189031) - Do not download full files even if the checkExistsOnly flag is set. (bsc#1190712) - Add need reboot/restart hint to XML install summary (bsc#1188435) - Prompt: choose exact match if prompt options are not prefix free (bsc#1188156) - Include libprotobuf-lite20 in products to enable parallel downloads. (jsc#ECO-2911, jsc#SLE-16862) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3510-1 Released: Tue Oct 26 11:22:15 2021 Summary: Recommended update for pam Type: recommended Severity: important References: 1191987 This update for pam fixes the following issues: - Fixed a bad directive file which resulted in the 'securetty' file to be installed as 'macros.pam'. (bsc#1191987) The following package changes have been done: - bash-4.4-23.16 updated - ca-certificates-mozilla-2.44-21.1 updated - coreutils-8.32-3.2.1 updated - glibc-2.31-9.3.2 updated - krb5-1.19.2-1.1 updated - libaugeas0-1.10.1-3.3.1 updated - libblkid1-2.36.2-4.5.1 updated - libbrotlicommon1-1.0.7-1.59 added - libbrotlidec1-1.0.7-1.59 added - libbz2-1-1.0.8-1.10 updated - libcurl4-7.79.1-1.2 updated - libdw1-0.185-2.10 updated - libelf1-0.185-2.10 updated - libfdisk1-2.36.2-4.5.1 updated - libgcrypt20-hmac-1.9.4-1.25 added - libgcrypt20-1.9.4-1.25 updated - libglib-2_0-0-2.68.3-1.2 updated - libgpg-error0-1.42-1.20 updated - libgpgme11-1.16.0-1.7 updated - libkeyutils1-1.6.3-1.26 updated - liblz4-1-1.9.3-1.1 updated - libmount1-2.36.2-4.5.1updated - libncurses6-6.1-5.9.1 updated - libopenssl1_1-hmac-1.1.1l-1.15 added - libopenssl1_1-1.1.1l-1.15 updated - libp11-kit0-0.23.22-1.2 updated - libprotobuf-lite20-3.9.2-4.9.1 added - libreadline7-7.0-23.16 updated - libsmartcols1-2.36.2-4.5.1 updated - libsolv-tools-0.7.20-1.2 updated - libsystemd0-249.4-1.1 updated - libudev1-249.4-1.1 updated - libuuid1-2.36.2-4.5.1 updated - libxml2-2-2.9.12-1.1 updated - libyaml-cpp0_6-0.6.3-1.1 updated - libzstd1-1.4.9-1.4 updated - libzypp-17.28.5-1.2 updated - ncurses-utils-6.1-5.9.1 updated - openssl-1_1-1.1.1l-1.15 updated - p11-kit-tools-0.23.22-1.2 updated - p11-kit-0.23.22-1.2 updated - pam-1.3.0-6.50.1 updated - patterns-base-fips-20200124-10.5.1 added - rpm-config-SUSE-1-9.13 updated - rpm-ndb-4.14.3-41.2 updated - sles-release-15.4-19.1 updated - system-group-hardware-20170617-20.18 updated - terminfo-base-6.1-5.9.1 updated - util-linux-2.36.2-4.5.1 updated - zypper-1.14.49-1.1 updated . SUSE Container Update Notification for suse/sle15 tackles critical vulnerabilities with essential bug fixes and enhancements.. SUSE Container Update, suse/sle15 Patches, security update advisory. . Severity: Important. LinuxSecurity.com Team
Oct 29, 2021
•Important
SuSE
100
security advisorymoderate severitysuseSUSE: 2021:391-2 Important: Security Patch for SUSE/SLES12SP5
The container suse/sles12sp4 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sles12sp4 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:390-1 Container Tags : suse/sles12sp4:26.357 , suse/sles12sp4:latest Container Release : 26.357 Severity : moderate Type : security References : 1186489 1187153 1187273 1188623 CVE-2021-33574 ----------------------------------------------------------------- The container suse/sles12sp4 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3290-1 Released: Wed Oct 6 16:44:45 2021 Summary: Security update for glibc Type: security Severity: moderate References: 1186489,CVE-2021-33574 This update for glibc fixes the following issues: - CVE-2021-33574: Fixed a use-after-free possibility in mq_notify() (bsc#1186489) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3329-1 Released: Mon Oct 11 15:31:42 2021 Summary: Recommended update for gcc11 Type: recommended Severity: moderate References: 1187153,1187273,1188623 This update for gcc11 fixes the following issues: The additional GNU compiler collection GCC 11 is provided in the Toolchain module, and updated compiler base libraries (libgcc_s1, libstdc++6 and others) are being provided in the regular SUSE Linux Enterprise Server repositories. Changes done in GCC11 are documented on: https://gcc.gnu.org/gcc-11/changes.html This update ships the C, C++, Objective C, D, Fortran, GO, and ADA compiler. To select these compilers install the packages: - gcc11 - gcc-c++11 - and others with 11 prefix. to select them for building: - CC='gcc-11' - CXX='g++-11' . Newly released updates for the SUSE container suse/sles12sp4 targeting security vulnerabilities and suggestedenhancements.. Suse/Sles12sp4 Update, Security Advisory, Container Patches, Glibc Update. . LinuxSecurity.com Team
Oct 12, 2021
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!