SUSE Container Update Advisory: sles12/salt-api
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:567-1
Container Tags        : sles12/salt-api:2018.3.0 , sles12/salt-api:2018.3.0-3.9.124
Container Release     : 3.9.124
Severity              : important
Type                  : security
References            : 1100989 1105495 1111300 1123697 1123704 1127155 1127891 1131635
                        1138459 1141853 CVE-2018-20852 CVE-2019-10160 
-----------------------------------------------------------------

The container sles12/salt-api was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:2091-1
Released:    Thu Aug  8 13:25:31 2019
Summary:     Security update for python
Type:        security
Severity:    important
References:  1138459,1141853,CVE-2018-20852,CVE-2019-10160
This update for python fixes the following issues:

- CVE-2019-10160: Fixed a regression in urlparse() and urlsplit() introduced by the fix for CVE-2019-9636 (bsc#1138459).
- CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation (bsc#1141853).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2101-1
Released:    Fri Aug  9 10:38:55 2019
Summary:     Recommended update for suse-module-tools
Type:        recommended
Severity:    moderate
References:  1100989,1105495,1111300,1123697,1123704,1127155,1127891,1131635
This update for suse-module-tools to version 12.6 fixes the following issues:

- weak-modules2: emit 'inconsistent' warning only if replacement fails (bsc#1127155)
- modprobe.conf.common: add csiostor->cxgb4 dependency (bsc#1100989, bsc#1131635)
- Fix driver-check.sh (bsc#1123697, bsc#1123704)
- modsign-verify: support for parsing PKCS#7 signatures (bsc#1111300, bsc#1105495)