SUSE Container Update Advisory: suse/sles12sp4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:636-1
Container Tags        : suse/sles12sp4:14.74 , suse/sles12sp4:latest
Container Release     : 14.74
Severity              : important
Type                  : security
References            : 1087481 1096974 1096984 1126117 1126118 1126119 1130324
                        CVE-2018-10360 CVE-2019-8905 CVE-2019-8906 CVE-2019-8907
                        CVE-2019-9924
-----------------------------------------------------------------

The container suse/sles12sp4 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:794-1
Released:    Thu Mar 28 12:09:29 2019
Summary:     Recommended update for krb5
Type:        recommended
Severity:    moderate
References:  1087481

This update for krb5 fixes the following issues:

- Add support for the GSS_KRB5_CRED_NO_CI_FLAGS_X cred option to suppress
  sending the confidentiality and integrity flags in GSS initiator tokens
  unless they are requested by the caller. These flags control the
  negotiated SASL security layer for the Microsoft GSS-SPNEGO SASL
  mechanism. (bsc#1087481).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:838-1
Released:    Tue Apr 2 09:52:06 2019
Summary:     Security update for bash
Type:        security
Severity:    important
References:  1130324,CVE-2019-9924

This update for bash fixes the following issues:

Security issue fixed:

- CVE-2019-9924: Fixed a vulnerability in which the shell did not prevent
  users from modifying BASH_CMDS, allowing them to execute any command
  with the permissions of the shell (bsc#1130324).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:839-1
Released:    Tue Apr 2 13:13:21 2019
Summary:     Security update for file
Type:        security
Severity:    moderate
References:  1096974,1096984,1126117,1126118,1126119,CVE-2018-10360,CVE-2019-8905,CVE-2019-8906,CVE-2019-8907

This update for file fixes the following issues:

The following security vulnerabilities were addressed:

- Fixed an out-of-bounds read in the function do_core_note in readelf.c,
  which allowed remote attackers to cause a denial of service (application
  crash) via a crafted ELF file (bsc#1096974 CVE-2018-10360).
- CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in
  readelf.c (bsc#1126118)
- CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf.c
  (bsc#1126119)
- CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c
  (bsc#1126117)

The following package changes have been done:

- base-container-licenses-3.0-1.74 updated
- bash-4.3-83.23.1 updated
- container-suseconnect-2.0.0-1.8 updated
- file-magic-5.22-10.12.2 updated
- krb5-1.12.5-40.34.1 updated
- libmagic1-5.22-10.12.2 updated
- libreadline6-6.3-83.23.1 updated