SUSE Container Update Advisory: bci/openjdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:3990-1 Container Tags : bci/openjdk:11 , bci/openjdk:11-27.7 Container Release : 27.7 Severity : moderate Type : security References : 1224044 1224113 1228535 CVE-2024-34397 CVE-2024-7264 ----------------------------------------------------------------- The container bci/openjdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3080-1 Released: Mon Sep 2 16:43:54 2024 Summary: Security update for curl Type: security Severity: moderate References: 1228535,CVE-2024-7264 This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3086-1 Released: Tue Sep 3 08:57:32 2024 Summary: Security update for glib2 Type: security Severity: low References: 1224044,CVE-2024-34397 This update for glib2 fixes the following issues: - Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3131-1 Released: Tue Sep 3 17:42:24 2024 Summary: Recommended update for mozilla-nss Type: recommended Severity: moderate References: 1224113 This update for mozilla-nss fixes the following issues: - FIPS: Enforce approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113). The following package changes have been done: - libglib-2_0-0-2.70.5-150400.3.14.1 updated - libcurl4-8.0.1-150400.5.47.1 updated - curl-8.0.1-150400.5.47.1 updated - libfreebl3-3.101.2-150400.3.51.1 updated - mozilla-nss-certs-3.101.2-150400.3.51.1 updated - mozilla-nss-3.101.2-150400.3.51.1 updated - libsoftokn3-3.101.2-150400.3.51.1 updated - container:sles15-image-15.0.0-36.14.17 updated