SUSE Container Update Advisory: suse/sles12sp3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:693-1
Container Tags        : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.87 , suse/sles12sp3:latest
Container Release     : 24.87
Severity              : moderate
Type                  : security
References            : 1093414 1150734 1157198 CVE-2019-3688 CVE-2019-3690 
-----------------------------------------------------------------

The container suse/sles12sp3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3180-1
Released:    Thu Dec  5 11:42:40 2019
Summary:     Security update for permissions
Type:        security
Severity:    moderate
References:  1093414,1150734,1157198,CVE-2019-3688,CVE-2019-3690
This update for permissions fixes the following issues:

- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid
  which could have allowed a squid user to gain persistence by changing the 
  binary (bsc#1093414).
- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic 
  links (bsc#1150734).
- Fixed a regression which caused segmentation fault (bsc#1157198).


The following package changes have been done:

- permissions-2015.09.28.1626-17.20.1 updated