SUSE Container Update Advisory: sles12/nginx-ingress-controller
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:470-1
Container Tags        : sles12/nginx-ingress-controller:0.15.0
Container Release     : 2.5.173
Severity              : important
Type                  : security
References            : 1092034 1096209 1098155 1100396 1103244 1128712 1130103 1133528
                        CVE-2018-1152 CVE-2018-11813 CVE-2018-14498 CVE-2019-3859 
-----------------------------------------------------------------

The container sles12/nginx-ingress-controller was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1060-1
Released:    Sat Apr 27 09:45:38 2019
Summary:     Security update for libssh2_org
Type:        security
Severity:    important
References:  1130103,1133528,CVE-2019-3859
This update for libssh2_org fixes the following issues:

 - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:1111-1
Released:    Tue Apr 30 12:59:27 2019
Summary:     Security update for libjpeg-turbo
Type:        security
Severity:    moderate
References:  1096209,1098155,1128712,CVE-2018-1152,CVE-2018-11813,CVE-2018-14498
This update for libjpeg-turbo fixes the following issues:

The following security vulnerabilities were addressed:

- CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function
  which could allow to an attacker to cause denial of service (bsc#1128712).
- CVE-2018-11813: Fixed the end-of-file mishandling in read_pixel in rdtarga.c,
  which allowed remote attackers to cause a denial-of-service via crafted JPG
  files due to a large loop (bsc#1096209)
- CVE-2018-1152: Fixed a denial of service in start_input_bmp() rdbmp.c caused
  by a divide by zero when processing a crafted BMP image (bsc#1098155)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1125-1
Released:    Tue Apr 30 18:50:59 2019
Summary:     Recommended update for glibc
Type:        recommended
Severity:    important
References:  1100396,1103244
This update for glibc fixes the following issues:

- Add support for the new Japanese time era name that comes into
  effect on 2019-05-01. [bsc#1100396, bsc#1103244]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1131-1
Released:    Thu May  2 15:39:59 2019
Summary:     Recommended update for libidn
Type:        recommended
Severity:    moderate
References:  1092034
This update for libidn fixes the following issues:

- Obsoletes now the libidn 32bit package (bsc#1092034)