SUSE Container Update Advisory: sles12/nginx-ingress-controller ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2019:477-1 Container Tags : sles12/nginx-ingress-controller:0.15.0 Container Release : 2.5.226 Severity : moderate Type : security References : 1116544 1139937 1140095 1140101 CVE-2018-20843 CVE-2019-13117 CVE-2019-13118 ----------------------------------------------------------------- The container sles12/nginx-ingress-controller was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2019:1834-1 Released: Fri Jul 12 17:55:14 2019 Summary: Security update for expat Type: security Severity: moderate References: 1139937,CVE-2018-20843 This update for expat fixes the following issues: Security issue fixed: - CVE-2018-20843: Fixed a denial of service triggered by high resource consumption in the XML parser when XML names contain a large amount of colons (bsc#1139937). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:1844-1 Released: Mon Jul 15 07:13:09 2019 Summary: Recommended update for pam Type: recommended Severity: low References: 1116544 This update for pam fixes the following issues: - restricted the number of file descriptors to close to a more sensible number based upon resource limits (bsc#1116544) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2019:1867-1 Released: Wed Jul 17 13:11:03 2019 Summary: Security update for libxslt Type: security Severity: moderate References: 1140095,1140101,CVE-2019-13117,CVE-2019-13118 This update for libxslt fixes the following issues: Security issues fixed: - CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101). - CVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters (bsc#1140095).