SUSE Container Update Advisory: suse/sles12sp4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:348-1
Container Tags        : suse/sles12sp4:26.199 , suse/sles12sp4:latest
Container Release     : 26.199
Severity              : important
Type                  : security
References            : 1102840 1160039 1170601 1171863 1171864 1171866 CVE-2020-10543
                        CVE-2020-10878 CVE-2020-12723 
-----------------------------------------------------------------

The container suse/sles12sp4 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1662-1
Released:    Thu Jun 18 11:13:05 2020
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1102840,1160039,1170601,1171863,1171864,1171866,CVE-2020-10543,CVE-2020-10878,CVE-2020-12723
This update for perl fixes the following issues:

- CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have 
  allowed overwriting of allocated memory with attacker's data (bsc#1171863).
- CVE-2020-10878: Fixed multiple integer overflows which could have allowed the insertion of 
  instructions into the compiled form of Perl regular expression (bsc#1171864).
- CVE-2020-12723: Fixed an attacker's corruption of the intermediate language state of a 
  compiled regular expression (bsc#1171866).
- Fixed utf8 handling in perldoc by useing 'term' instead of 'man' (bsc#1170601).
- Some packages make assumptions about the date and time they are built. 
  This update will solve the issues caused by calling the perl function timelocal
  expressing the year with two digit only instead of four digits. (bsc#1102840) (bsc#1160039)


The following package changes have been done:

- base-container-licenses-3.0-1.158 updated
- container-suseconnect-2.0.0-1.71 updated
- perl-base-5.18.2-12.23.1 updated