SUSE Container Update Advisory: ses/7/rook/ceph ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:317-1 Container Tags : ses/7/rook/ceph:1.5.12 , ses/7/rook/ceph:1.5.12.4 , ses/7/rook/ceph:1.5.12.4.1.1756 , ses/7/rook/ceph:latest , ses/7/rook/ceph:sle15.2.octopus Container Release : 1.1756 Severity : important Type : security References : 1177695 1184994 1187091 1188063 1188127 1188217 1188218 1188219 1188220 1188571 1189683 CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 CVE-2021-33910 CVE-2021-36222 ----------------------------------------------------------------- The container ses/7/rook/ceph was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:2404-1 Released: Tue Jul 20 14:21:30 2021 Summary: Security update for systemd Type: security Severity: moderate References: 1184994,1188063,CVE-2021-33910 This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063) - Skip udev rules if 'elevator=' is used (bsc#1184994) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:2439-1 Released: Wed Jul 21 13:46:48 2021 Summary: Security update for curl Type: security Severity: moderate References: 1188217,1188218,1188219,1188220,CVE-2021-22922,CVE-2021-22923,CVE-2021-22924,CVE-2021-22925 This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. (bsc#1188220) - CVE-2021-22924: Bad connection reuse due to flawed path name checks. (bsc#1188219) - CVE-2021-22923: Insufficiently Protected Credentials. (bsc#1188218) - CVE-2021-22922: Wrong content via metalink not discarded. (bsc#1188217) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:2456-1 Released: Thu Jul 22 15:28:39 2021 Summary: Recommended update for pam-config Type: recommended Severity: moderate References: 1187091 This update for pam-config fixes the following issues: - Add 'revoke' to the option list for 'pam_keyinit'. - Fixed an issue when pam-config fails to create a new service config file. (bsc#1187091) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:2573-1 Released: Thu Jul 29 14:21:52 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate References: 1188127 This update for timezone fixes the following issue: - From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:2593-1 Released: Mon Aug 2 15:40:22 2021 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1177695 This update for suse-module-tools provides the following fix: - modprobe.d: Remove dma=none setting for parport_pc. (bsc#1177695) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:2800-1 Released: Fri Aug 20 10:43:04 2021 Summary: Security update for krb5 Type: security Severity: important References: 1188571,CVE-2021-36222 This update for krb5 fixes the following issues: - CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3001-1 Released: Thu Sep 9 15:08:13 2021 Summary: Recommended update for netcfg Type: recommended Severity: moderate References: 1189683 This update for netcfg fixes the following issues: - add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683] The following package changes have been done: - krb5-1.16.3-3.21.1 updated - libcryptsetup12-hmac-2.0.6-4.3.1 added - libcurl4-7.66.0-4.22.1 updated - libgcrypt20-hmac-1.8.2-8.39.1 added - libgnutls30-hmac-3.6.7-14.13.5 added - libopenssl1_1-hmac-1.1.1d-11.23.1 added - libsystemd0-234-24.90.1 updated - libudev1-234-24.90.1 updated - netcfg-11.6-3.3.1 updated - openssh-fips-8.1p1-5.18.1 added - pam-config-1.1-3.3.1 updated - suse-module-tools-15.2.12-4.3.1 updated - systemd-234-24.90.1 updated - timezone-2021a-3.47.1 updated - udev-234-24.90.1 updated - container:ceph-image-1.0.0-5.6 updated - dbus-1-glib-0.108-1.29 removed