SUSE Container Update Advisory: bci/nodejs
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3331-1
Container Tags        : bci/node:18 , bci/node:18-26.14 , bci/nodejs:18 , bci/nodejs:18-26.14
Container Release     : 26.14
Severity              : important
Type                  : security
References            : 1219660 916845 CVE-2013-4235 CVE-2024-24577 
-----------------------------------------------------------------

The container bci/nodejs was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2656-1
Released:    Tue Jul 30 15:36:08 2024
Summary:     Security update for git
Type:        security
Severity:    important
References:  1219660,CVE-2024-24577
This update for git fixes the following issues:

- CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2658-1
Released:    Tue Jul 30 15:37:26 2024
Summary:     Security update for shadow
Type:        security
Severity:    important
References:  916845,CVE-2013-4235
This update for shadow fixes the following issues:

- CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2679-1
Released:    Wed Jul 31 09:47:44 2024
Summary:     Recommended update for patterns-base
Type:        recommended
Severity:    moderate
References:  
This update for patterns-base fixes the following issues:

Added a fips-certified pattern matching the exact certified FIPS
versions of the Linux Kernel, openssl 1.1.1, gnutls/nettle, mozilla-nss
and libgcrypt.

Note that applying this pattern might cause downgrade of various packages
and so deinstall security and bugfix updates released after the certified
binaries.


The following package changes have been done:

- login_defs-4.8.1-150400.10.18.1 updated
- patterns-base-fips-20200124-150400.20.10.1 updated
- shadow-4.8.1-150400.10.18.1 updated
- git-core-2.35.3-150300.10.42.1 updated
- container:sles15-image-15.0.0-36.14.8 updated