SUSE Container Update Advisory: bci/nodejs ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:1279-1 Container Tags : bci/node:12 , bci/node:12-16.52 , bci/nodejs:12 , bci/nodejs:12-16.52 Container Release : 16.52 Severity : important Type : security References : 1040589 1199223 1199224 1199232 CVE-2022-1586 CVE-2022-27781 CVE-2022-27782 ----------------------------------------------------------------- The container bci/nodejs was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1870-1 Released: Fri May 27 10:03:40 2022 Summary: Security update for curl Type: security Severity: important References: 1199223,1199224,CVE-2022-27781,CVE-2022-27782 This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223) - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse (bsc#1199224) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1883-1 Released: Mon May 30 12:41:35 2022 Summary: Security update for pcre2 Type: security Severity: important References: 1199232,CVE-2022-1586 This update for pcre2 fixes the following issues: - CVE-2022-1586: Fixed out-of-bounds read via missing Unicode property matching issue in JIT compiled regular expressions (bsc#1199232). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1887-1 Released: Tue May 31 09:24:18 2022 Summary: Recommended update for grep Type: recommended Severity: moderate References: 1040589 This update for grep fixes the following issues: - Make profiling deterministic. (bsc#1040589, SLE-24115) The following package changes have been done: - grep-3.1-150000.4.6.1 updated - libcurl4-7.66.0-150200.4.33.1 updated - libpcre2-8-0-10.31-150000.3.7.1 updated - container:sles15-image-15.0.0-17.17.8 updated