SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3827-1 Container Tags : bci/bci-base:15.5 , bci/bci-base:15.5.36.5.57 , suse/sle15:15.5 , suse/sle15:15.5.36.5.57 Container Release : 36.5.57 Severity : important Type : security References : 1212475 1216129 1216922 CVE-2023-45322 CVE-2023-5678 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4504-1 Released: Tue Nov 21 13:27:50 2023 Summary: Security update for libxml2 Type: security Severity: moderate References: 1216129,CVE-2023-45322 This update for libxml2 fixes the following issues: - CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4511-1 Released: Tue Nov 21 16:43:08 2023 Summary: Security update for container-suseconnect Type: security Severity: important References: 1212475 This update of container-suseconnect fixes the following issues: - rebuild the package with the go 1.21 security release (bsc#1212475). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4518-1 Released: Tue Nov 21 17:35:30 2023 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1216922,CVE-2023-5678 This update for openssl-1_1 fixes the following issues: - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922). The following package changes have been done: - container-suseconnect-2.4.0-150000.4.44.1 updated - libopenssl1_1-hmac-1.1.1l-150500.17.22.1 updated - libopenssl1_1-1.1.1l-150500.17.22.1 updated - libxml2-2-2.10.3-150500.5.11.1 updated - openssl-1_1-1.1.1l-150500.17.22.1 updated