SUSE Container Update Advisory: sles12/caasp-dex
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:279-1
Container Tags        : sles12/caasp-dex:2.7.1
Container Release     : 3.3.197
Severity              : important
Type                  : security
References            : 1114835 1123371 1123377 1123378 CVE-2018-16890 CVE-2019-3822
                        CVE-2019-3823 
-----------------------------------------------------------------

The container sles12/caasp-dex was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:249-1
Released:    Wed Feb  6 08:36:16 2019
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1123371,1123377,1123378,CVE-2018-16890,CVE-2019-3822,CVE-2019-3823
This update for curl fixes the following issues:

Security issues fixed:

- CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
- CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
- CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:261-1
Released:    Wed Feb  6 11:26:21 2019
Summary:     Recommended update for pam-config
Type:        recommended
Severity:    moderate
References:  1114835
This update for pam-config fixes the following issues:

- Adds support for more pam_cracklib options. (bsc#1114835)