SUSE Container Update Advisory: caasp/v4/cilium
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:103-1
Container Tags        : caasp/v4/cilium:1.2.1 , caasp/v4/cilium:1.2.1-rev1 , caasp/v4/cilium:1.2.1-rev1-build1.2
Container Release     : 1.2
Severity              : important
Type                  : security
References            : 1123043 1123371 1123377 1123378 CVE-2018-16890 CVE-2019-3822
                        CVE-2019-3823 CVE-2019-6706 
-----------------------------------------------------------------

The container caasp/v4/cilium was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:247-1
Released:    Wed Feb  6 07:18:45 2019
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1123043,CVE-2019-6706
This update for lua53 fixes the following issues:

Security issue fixed:

- CVE-2019-6706: Fixed a use-after-free bug in the lua_upvaluejoin function of lapi.c (bsc#1123043)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:248-1
Released:    Wed Feb  6 08:35:20 2019
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1123371,1123377,1123378,CVE-2018-16890,CVE-2019-3822,CVE-2019-3823
This update for curl fixes the following issues:

Security issues fixed:

- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).


The following package changes have been done:

- libcurl4-7.60.0-3.17.1 updated
- liblua5_3-5-5.3.4-3.3.2 updated
- cilium-1.2.1-2.1 updated