SUSE Container Update Advisory: suse/sles12sp5 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:4197-1 Container Tags : suse/sles12sp5:6.8.42 , suse/sles12sp5:latest Container Release : 6.8.42 Severity : moderate Type : security References : 1194818 1229930 1229931 1229932 1230093 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 CVE-2024-8096 ----------------------------------------------------------------- The container suse/sles12sp5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3182-1 Released: Mon Sep 9 16:41:38 2024 Summary: Security update for expat Type: security Severity: moderate References: 1229930,1229931,1229932,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492 This update for expat fixes the following issues: - CVE-2024-45492: Detect integer overflow in function nextScaffoldPart. (bsc#1229932) - CVE-2024-45491: Detect integer overflow in dtdCopy. (bsc#1229931) - CVE-2024-45490: Reject negative len for XML_ParseBuffer. (bsc#1229930) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3184-1 Released: Tue Sep 10 07:31:28 2024 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1194818 This update for pam fixes the following issues: - Prevent cursor escape from the login prompt (bsc#1194818) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3203-1 Released: Wed Sep 11 10:55:06 2024 Summary: Security update for curl Type: security Severity: moderate References: 1230093,CVE-2024-8096 This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) The following package changes have been done: - libcurl4-8.0.1-11.92.1 updated - libexpat1-2.1.0-21.37.1 updated - pam-1.1.8-24.59.1 updated