SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2019:62-1
Container Tags        : suse/sle15:15.1 , suse/sle15:15.1.6.2.119
Container Release     : 6.2.119
Severity              : moderate
Type                  : security
References            : 1114592 1135254 1141897 1142649 1142654 1148517 1149145 1155199
                        CVE-2019-14250 CVE-2019-14866 CVE-2019-15847 SLE-6533 SLE-6536
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3059-1
Released:    Mon Nov 25 17:33:07 2019
Summary:     Security update for cpio
Type:        security
Severity:    moderate
References:  1155199,CVE-2019-14866
This update for cpio fixes the following issues:

- CVE-2019-14866: Fixed an improper validation of the values written 
  in the header of a TAR file through the to_oct() function which could 
  have led to unexpected TAR generation (bsc#1155199).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2019:3061-1
Released:    Mon Nov 25 17:34:22 2019
Summary:     Security update for gcc9
Type:        security
Severity:    moderate
References:  1114592,1135254,1141897,1142649,1142654,1148517,1149145,CVE-2019-14250,CVE-2019-15847,SLE-6533,SLE-6536


This update includes the GNU Compiler Collection 9.

A full changelog is provided by the GCC team on:

   https://www.gnu.org/software/gcc/gcc-9/changes.html


The base system compiler libraries libgcc_s1, libstdc++6 and others are
now built by the gcc 9 packages.

To use it, install 'gcc9' or 'gcc9-c++' or other compiler brands and use CC=gcc-9 /
CXX=g++-9 during configuration for using it.


Security issues fixed:

- CVE-2019-15847: Fixed a miscompilation in the POWER9 back end, that optimized multiple calls of the __builtin_darn intrinsic into a single call. (bsc#1149145)
- CVE-2019-14250: Fixed a heap overflow in the LTO linker. (bsc#1142649)

Non-security issues fixed:

- Split out libstdc++ pretty-printers into a separate package supplementing gdb and the installed runtime. (bsc#1135254)
- Fixed miscompilation for vector shift on s390. (bsc#1141897)


The following package changes have been done:

- cpio-2.12-3.3.1 updated
- libgcc_s1-9.2.1+r275327-1.3.7 updated
- libstdc++6-9.2.1+r275327-1.3.7 updated