SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2019:9-1 Container Tags : suse/sle15:15.0 , suse/sle15:15.0.4.13.1 Container Release : 4.13.1 Severity : moderate Type : security References : 1100396 1119414 1122729 1126327 1129753 1130045 CVE-2016-10739 SLE-3853 SLE-4117 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:894-1 Released: Fri Apr 5 17:16:23 2019 Summary: Recommended update for rpm Type: recommended Severity: moderate References: 1119414,1126327,1129753,SLE-3853,SLE-4117 This update for rpm fixes the following issues: - This update shortens RPM changelog to after a certain cut off date (bsc#1129753) - Translate dashes to underscores in kmod provides (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1119414). - Re-add symset-table from SLE 12 (bsc#1126327). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2019:903-1 Released: Mon Apr 8 15:41:44 2019 Summary: Security update for glibc Type: security Severity: moderate References: 1100396,1122729,1130045,CVE-2016-10739 This update for glibc fixes the following issues: Security issue fixed: - CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729). Other issue fixed: - Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045). - Added new Japanese Era name support (bsc#1100396). The following package changes have been done: - glibc-2.26-13.19.1 updated - rpm-4.14.1-10.16.1 updated