SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3844-1
Container Tags : suse/sles12sp5:6.5.537 , suse/sles12sp5:latest
Container Release : 6.5.537
Severity : important
Type : security
References : 1206480 1206684 1210557 1211427 1212101 1213915 1214052 1214460 1215427 1216129 1216664 1216922 CVE-2023-4039 CVE-2023-45322 CVE-2023-5678
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4480-1
Released: Mon Nov 20 10:15:33 2023
Summary: Security update for gcc13
Type: security
Severity: important
References: 1206480,1206684,1210557,1211427,1212101,1213915,1214052,1214460,1215427,1216664,CVE-2023-4039

This update for gcc13 fixes the following issues:

This update ships the GCC 13.2 compiler suite and its base libraries.

The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module.

The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories.

To use gcc13 compilers use:

- install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages.
- override your Makefile to use CC=gcc-13, CXX=g++-13 and similar overrides for the other languages.

For a full changelog with all new GCC13 features, check out https://gcc.gnu.org/gcc-13/changes.html

Detailed changes:

* CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052)

- Work around third party app crash during C++ standard library initialization. [bsc#1216664]
- Fixed that GCC13 fails to compile some packages with error: unrecognizable insn (bsc#1215427)
- Bump included newlib to version 4.3.0.
- Update to GCC trunk head (r13-5254-g05b9868b182bb9)
- Redo floatn fixinclude pick-up to simply keep what is there.
- Turn cross compiler to s390x to a glibc cross. [bsc#1214460]
- Also handle -static-pie in the default-PIE specs
- Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101]
- Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427]
- Add new x86-related intrinsics (amxcomplexintrin.h).
- RISC-V: Add support for inlining subword atomic operations
- Use --enable-link-serialization rather than --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver.
- Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC.
- Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing.
- Bump included newlib to version 4.3.0.
- Also package libhwasan_preinit.o on aarch64.
- Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite.
- Package libhwasan_preinit.o on x86_64.
- Fixed unwinding on aarch64 with pointer signing. [bsc#1206684]
- Enable PRU flavour for gcc13
- update floatn fixinclude pickup to check each header separately (bsc#1206480)
- Redo floatn fixinclude pick-up to simply keep what is there.
- Bump libgo SONAME to libgo22.
- Do not package libhwasan for biarch (32-bit architecture) as the extension depends on 64-bit pointers.
- Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15.
- Depend on at least LLVM 13 for GCN cross compiler.
- Update embedded newlib to version 4.2.0
- Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4505-1
Released: Tue Nov 21 13:30:43 2023
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1216129,CVE-2023-45322

This update for libxml2 fixes the following issues:

- CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4523-1
Released: Tue Nov 21 17:50:16 2023
Summary: Security update for openssl-1_0_0
Type: security
Severity: important
References: 1216922,CVE-2023-5678

This update for openssl-1_0_0 fixes the following issues:

- CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922).

The following package changes have been done:

- libgcc_s1-13.2.1+git7813-1.10.1 updated
- libopenssl1_0_0-1.0.2p-3.87.1 updated
- libstdc++6-13.2.1+git7813-1.10.1 updated
- libxml2-2-2.9.4-46.68.2 updated
- openssl-1_0_0-1.0.2p-3.87.1 updated

SUSE security alert notification for sles12sp5 presents essential updates for gcc, libxml2, and openssl.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3458-1
Container Tags : suse/sles12sp5:6.5.419 , suse/sles12sp5:latest
Container Release : 6.5.419
Severity : important
Type : security
References : 1204423 1205000 1206212 1206622 CVE-2022-4415
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4625-1
Released: Tue Dec 27 09:47:49 2022
Summary: Security update for ca-certificates-mozilla
Type: security
Severity: important
References: 1206212,1206622

This update for ca-certificates-mozilla fixes the following issues:

- Updated to 2.60 state of Mozilla SSL root CAs (bsc#1206622)

  Removed CAs:

  - Global Chambersign Root
  - EC-ACC
  - Network Solutions Certificate Authority
  - Staat der Nederlanden EV Root CA
  - SwissSign Platinum CA - G2

  Added CAs:

  - DIGITALSIGN GLOBAL ROOT ECDSA CA
  - DIGITALSIGN GLOBAL ROOT RSA CA
  - Security Communication ECC RootCA1
  - Security Communication RootCA3

  Changed trust:

  - TrustCor certificates only trusted up to Nov 30 (bsc#1206212)

- Removed CAs (bsc#1206212) as most code does not handle 'valid before nov 30 2022' and it is not clear how many certs were issued for SSL middleware by TrustCor:

  - TrustCor RootCert CA-1
  - TrustCor RootCert CA-2
  - TrustCor ECA-1

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4627-1
Released: Tue Dec 27 15:05:41 2022
Summary: Security update for systemd
Type: security
Severity: important
References: 1204423,1205000,CVE-2022-4415

This update for systemd fixes the following issues:

- CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000).

Bug fixes:

- Restrict cpu rule to x86_64, and also update the rule files to make use of the 'CONST{arch}' syntax (bsc#1204423).

The following package changes have been done:

- ca-certificates-mozilla-2.60-12.40.1 updated
- libsystemd0-228-157.46.1 updated
- libudev1-228-157.46.1 updated

Protect your SUSE Container by applying the most recent updates for ca-certificates and systemd, which tackle significant vulnerabilities.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3314-1
Container Tags : suse/sles12sp5:6.5.409 , suse/sles12sp5:latest
Container Release : 6.5.409
Severity : important
Type : security
References : 1205126 CVE-2022-42898
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4335-1
Released: Tue Dec 6 16:03:03 2022
Summary: Security update for krb5
Type: security
Severity: important
References: 1205126,CVE-2022-42898

This update for krb5 fixes the following issues:

- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).

The following package changes have been done:

- krb5-1.12.5-40.43.1 updated

The recent update for the container image ubuntu/18.04 tackles significant security concerns, particularly regarding issues with OpenSSL.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2780-1
Container Tags : suse/sles12sp5:6.5.394 , suse/sles12sp5:latest
Container Release : 6.5.394
Severity : critical
Type : security
References : 1204690 CVE-2021-46848
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3817-1
Released: Mon Oct 31 12:05:29 2022
Summary: Security update for libtasn1
Type: security
Severity: critical
References: 1204690,CVE-2021-46848

This update for libtasn1 fixes the following issues:

- CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der (bsc#1204690).

The following package changes have been done:

- libtasn1-6-4.9-3.13.1 updated
- libtasn1-4.9-3.13.1 updated

Enhancements for the SUSE container suse/sles12sp5 feature vital security patches for libtasn1, resolving significant vulnerabilities.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2733-1
Container Tags : suse/sles12sp5:6.5.391 , suse/sles12sp5:latest
Container Release : 6.5.391
Severity : important
Type : security
References : 1204383 CVE-2022-32221
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3769-1
Released: Wed Oct 26 12:17:10 2022
Summary: Security update for curl
Type: security
Severity: important
References: 1204383,CVE-2022-32221

This update for curl fixes the following issues:

- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).

The following package changes have been done:

- libcurl4-7.60.0-11.49.1 updated

The SUSE Container Update Notification addresses critical security patches for suse/sles12sp5 and hole fixes in curl.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2353-1
Container Tags : suse/sles12sp5:6.5.383 , suse/sles12sp5:latest
Container Release : 6.5.383
Severity : moderate
Type : security
References : 1050467 1191194 1200095 1203018 CVE-2022-31252
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3382-1
Released: Mon Sep 26 12:34:19 2022
Summary: Security update for permissions
Type: security
Severity: moderate
References: 1050467,1191194,1203018,CVE-2022-31252

This update for permissions fixes the following issues:

- CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018).
- Add capability for prometheus-blackbox_exporter (bsc#1191194).
- Make btmp root:utmp (bsc#1050467).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3389-1
Released: Mon Sep 26 12:52:13 2022
Summary: Recommended update for libgcrypt
Type: recommended
Severity: moderate
References: 1200095

This update for libgcrypt fixes the following issues:

- FIPS: Auto-initialize drbg if needed. (bsc#1200095)

The following package changes have been done:

- libgcrypt20-1.6.1-16.83.1 updated
- permissions-20170707-6.10.1 updated

The SUSE Container Update Advisory offers vital updates for SUSE Linux Enterprise Server 12 SP5, enhancing security and performance for users' systems.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:281-1
Container Tags : suse/sles12sp5:6.5.302 , suse/sles12sp5:latest
Container Release : 6.5.302
Severity : important
Type : security
References : 1196025 1196784 CVE-2022-25236
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:842-1
Released: Tue Mar 15 11:32:49 2022
Summary: Security update for expat
Type: security
Severity: important
References: 1196025,1196784,CVE-2022-25236

This update for expat fixes the following issues:

- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).

The following package changes have been done:

- libexpat1-2.1.0-21.22.1 updated

The latest SUSE container suse/sles12sp5 features significant updates for expat, boosting both security and overall system reliability.

LinuxSecurity.com Team

SUSE Container Update Advisory: suse/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:391-1
Container Tags : suse/sles12sp5:6.5.241 , suse/sles12sp5:latest
Container Release : 6.5.241
Severity : moderate
Type : security
References : 1186489 1187153 1187273 1188623 1190373 1190374 CVE-2021-22946 CVE-2021-22947 CVE-2021-33574
-----------------------------------------------------------------

The container suse/sles12sp5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3290-1
Released: Wed Oct 6 16:44:45 2021
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1186489,CVE-2021-33574

This update for glibc fixes the following issues:

- CVE-2021-33574: Fixed a use-after-free possibility in mq_notify() (bsc#1186489)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3329-1
Released: Mon Oct 11 15:31:42 2021
Summary: Recommended update for gcc11
Type: recommended
Severity: moderate
References: 1187153,1187273,1188623

This update for gcc11 fixes the following issues:

The additional GNU compiler collection GCC 11 is provided in the Toolchain module, and updated compiler base libraries (libgcc_s1, libstdc++6 and others) are being provided in the regular SUSE Linux Enterprise Server repositories.

Changes done in GCC11 are documented on: https://gcc.gnu.org/gcc-11/changes.html

This update ships the C, C++, Objective C, D, Fortran, GO, and ADA compiler.

To select these compilers install the packages:

- gcc11
- gcc-c++11
- and others with 11 prefix.

To select them for building:

- CC='gcc-11'
- CXX='g++-11'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3332-1
Released: Mon Oct 11 17:02:35 2021
Summary: Security update for curl
Type: security
Severity: moderate
References: 1190373,1190374,CVE-2021-22946,CVE-2021-22947

This update for curl fixes the following issues:

- CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374).
- CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc#1190373).

SUSE Container Update Notice for suse/sles12sp5 addressing moderate severity vulnerabilities associated with curl and glibc.

LinuxSecurity.com Team