Security update for SLES 12 Docker image (important)

2017-10-11T03:06:53
ID SUSE-SU-2017:2699-1
Type suse
Reporter Suse
Modified 2017-10-11T03:06:53

Description

The SUSE Linux Enterprise Server 12 container image has been updated to include security and stability fixes.

The following issues related to building of the container images have been fixed:

  • Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193)
  • Do not install recommended packages when building container images. (bsc#975726)

A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 are now included in the base image. A package/CVE cross-reference is available below.

pam:

  • CVE-2015-3238

libtasn1:

  • CVE-2015-3622
  • CVE-2016-4008

libidn:

  • CVE-2015-2059
  • CVE-2015-8948
  • CVE-2016-6261
  • CVE-2016-6262
  • CVE-2016-6263

zlib:

  • CVE-2016-9840
  • CVE-2016-9841
  • CVE-2016-9842
  • CVE-2016-9843

curl:

  • CVE-2016-5419
  • CVE-2016-5420
  • CVE-2016-5421
  • CVE-2016-7141
  • CVE-2016-7167
  • CVE-2016-8615
  • CVE-2016-8616
  • CVE-2016-8617
  • CVE-2016-8618
  • CVE-2016-8619
  • CVE-2016-8620
  • CVE-2016-8621
  • CVE-2016-8622
  • CVE-2016-8623
  • CVE-2016-8624
  • CVE-2016-9586
  • CVE-2017-1000100
  • CVE-2017-1000101
  • CVE-2017-7407

openssl:

  • CVE-2016-2105
  • CVE-2016-2106
  • CVE-2016-2107
  • CVE-2016-2108
  • CVE-2016-2109
  • CVE-2016-2177
  • CVE-2016-2178
  • CVE-2016-2179
  • CVE-2016-2180
  • CVE-2016-2181
  • CVE-2016-2182
  • CVE-2016-2183
  • CVE-2016-6302
  • CVE-2016-6303
  • CVE-2016-6304
  • CVE-2016-6306

libxml2:

  • CVE-2014-0191
  • CVE-2015-8806
  • CVE-2016-1762
  • CVE-2016-1833
  • CVE-2016-1834
  • CVE-2016-1835
  • CVE-2016-1837
  • CVE-2016-1838
  • CVE-2016-1839
  • CVE-2016-1840
  • CVE-2016-2073
  • CVE-2016-3627
  • CVE-2016-3705
  • CVE-2016-4447
  • CVE-2016-4448
  • CVE-2016-4449
  • CVE-2016-4483
  • CVE-2016-4658
  • CVE-2016-9318
  • CVE-2016-9597
  • CVE-2017-9047
  • CVE-2017-9048
  • CVE-2017-9049
  • CVE-2017-9050

util-linux:

  • CVE-2015-5218
  • CVE-2016-5011
  • CVE-2017-2616

cracklib:

  • CVE-2016-6318

systemd:

  • CVE-2014-9770
  • CVE-2015-8842
  • CVE-2016-7796

pcre:

  • CVE-2014-8964
  • CVE-2015-2325
  • CVE-2015-2327
  • CVE-2015-2328
  • CVE-2015-3210
  • CVE-2015-3217
  • CVE-2015-5073
  • CVE-2015-8380
  • CVE-2015-8381
  • CVE-2015-8382
  • CVE-2015-8383
  • CVE-2015-8384
  • CVE-2015-8385
  • CVE-2015-8386
  • CVE-2015-8387
  • CVE-2015-8388
  • CVE-2015-8389
  • CVE-2015-8390
  • CVE-2015-8391
  • CVE-2015-8392
  • CVE-2015-8393
  • CVE-2015-8394
  • CVE-2015-8395
  • CVE-2016-1283
  • CVE-2016-3191

appamor:

  • CVE-2017-6507

bash:

  • CVE-2014-6277
  • CVE-2014-6278
  • CVE-2016-0634
  • CVE-2016-7543

cpio:

  • CVE-2016-2037

glibc:

  • CVE-2016-1234
  • CVE-2016-3075
  • CVE-2016-3706
  • CVE-2016-4429
  • CVE-2017-1000366

perl:

  • CVE-2015-8853
  • CVE-2016-1238
  • CVE-2016-2381
  • CVE-2016-6185

libssh2_org:

  • CVE-2016-0787

expat:

  • CVE-2012-6702
  • CVE-2015-1283
  • CVE-2016-0718
  • CVE-2016-5300
  • CVE-2016-9063
  • CVE-2017-9233

ncurses:

  • CVE-2017-10684
  • CVE-2017-10685
  • CVE-2017-11112
  • CVE-2017-11113

libksba:

  • CVE-2016-4574
  • CVE-2016-4579

libgcrypt:

  • CVE-2015-7511
  • CVE-2016-6313
  • CVE-2017-7526

dbus-1:

  • CVE-2014-7824
  • CVE-2015-0245

Finally, the following packages received non-security fixes:

  • augeas
  • bzip2
  • ca-certificates-mozilla
  • coreutils
  • cryptsetup
  • cyrus-sasl
  • dirmngr
  • e2fsprogs
  • findutils
  • gpg2
  • insserv-compat
  • kmod
  • libcap
  • libsolv
  • libzypp
  • openldap2
  • p11-kit
  • permissions
  • procps
  • rpm
  • sed
  • shadow
  • zypper