Stay Secure with the Latest Linux Advisories

security advisorysecurity updatesecurity issue

SUSE: 2021:80-2 Critical: ses/7/csi-driver Security Patch

The container ses/7/cephcsi/csi-attacher was updated. The following patches have been included in this update:. SUSE Container Update Advisory: ses/7/cephcsi/csi-attacher ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:80-1 Container Tags : ses/7/cephcsi/csi-attacher:v3.0.0 , ses/7/cephcsi/csi-attacher:v3.0.0-rev1 , ses/7/cephcsi/csi-attacher:v3.0.0-rev1-build3.221 Container Release : 3.221 Severity : important Type : security References : 1176201 1179847 1181328 1181622 1182328 1182362 1182629 CVE-2021-27218 CVE-2021-27219 ----------------------------------------------------------------- The container ses/7/cephcsi/csi-attacher was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:778-1 Released: Fri Mar 12 17:42:25 2021 Summary: Security update for glib2 Type: security Severity: important References: 1182328,1182362,CVE-2021-27218,CVE-2021-27219 This update for glib2 fixes the following issues: - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. (bsc#1182328) - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so add a g_memdup2 function which uses gsize to replace it. (bsc#1182362) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:786-1 Released: Mon Mar 15 11:19:23 2021 Summary: Recommended update for zlib Type: recommended Severity: moderate References: 1176201 This update for zlib fixes the following issues: - Fixed hw compression on z15 (bsc#1176201) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:874-1 Released: Thu Mar 18 09:41:54 2021 Summary: Recommended update for libsolv, libzypp,zypper Type: recommended Severity: moderate References: 1179847,1181328,1181622,1182629 This update for libsolv, libzypp, zypper fixes the following issues: - support multiple collections in updateinfo parser - Fixed an issue when some 'systemd' tools require '/proc' to be mounted and fail if it's not there. (bsc#1181328) - Enable release packages to request a releaxed suse/opensuse vendorcheck in dup when migrating. (bsc#1182629) - Patch: Identify well-known category names to allow to use the RH and SUSE patch category names synonymously. (bsc#1179847) - Fix '%posttrans' script execution. (fixes #265) - Repo: Allow multiple baseurls specified on one line (fixes #285) - Regex: Fix memory leak and undefined behavior. - Add rpm buildrequires for test suite (fixes #279) - Use rpmdb2solv new -D switch to tell the location of the rpmdatabase to use. - doc: give more details about creating versioned package locks. (bsc#1181622) - man: Document synonymously used patch categories (bsc#1179847) . SUSE Container Security Notice for ses/7/cephcsi/csi-detacher featuring urgent vulnerability resolution and essential updates.. SUSE Container Update, CephCSI, Security Patch. . Severity: Important. LinuxSecurity.com Team

Mar 23, 2021 •Important SuSE