SUSE Container Update Advisory: sles12/dnsmasq-nanny ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2019:345-1 Container Tags : sles12/dnsmasq-nanny:1.0.0 Container Release : 2.3.362 Severity : important Type : security References : 1100989 1105495 1111300 1123697 1123704 1127155 1127891 1131635 1135449 1138459 1141853 CVE-2018-20852 CVE-2019-10160 ----------------------------------------------------------------- The container sles12/dnsmasq-nanny was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2076-1 Released: Wed Aug 7 10:42:48 2019 Summary: Recommended update for dnsmasq Type: recommended Severity: moderate References: 1135449 This update for dnsmasq fixes the following issues: - Change permissions on /srv/tftpboot from 0750 to 0755 to sync with other providers/users of the directory. (bsc#1135449) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2019:2091-1 Released: Thu Aug 8 13:25:31 2019 Summary: Security update for python Type: security Severity: important References: 1138459,1141853,CVE-2018-20852,CVE-2019-10160 This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459). - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2101-1 Released: Fri Aug 9 10:38:55 2019 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1100989,1105495,1111300,1123697,1123704,1127155,1127891,1131635 This update for suse-module-tools to version 12.6 fixes the following issues: - weak-modules2: emit 'inconsistent' warning only if replacement fails (bsc#1127155) - modprobe.conf.common: add csiostor->cxgb4 dependency (bsc#1100989, bsc#1131635) - Fix driver-check.sh (bsc#1123697, bsc#1123704) - modsign-verify: support for parsing PKCS#7 signatures (bsc#1111300, bsc#1105495)