Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2017:2699-1
HistoryOct 11, 2017 - 3:06 a.m.

Security update for SLES 12 Docker image (important)

2017-10-1103:06:53
lists.opensuse.org
128

0.976 High

EPSS

Percentile

100.0%

JSON

The SUSE Linux Enterprise Server 12 container image has been updated to
include security and stability fixes.

The following issues related to building of the container images have been
fixed:

  • Included krb5 package to avoid the inclusion of krb5-mini which gets
    selected as a dependency by the Build Service solver. (bsc#1056193)
  • Do not install recommended packages when building container images.
    (bsc#975726)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.

pam:

  • CVE-2015-3238

libtasn1:

  • CVE-2015-3622
  • CVE-2016-4008

libidn:

  • CVE-2015-2059
  • CVE-2015-8948
  • CVE-2016-6261
  • CVE-2016-6262
  • CVE-2016-6263

zlib:

  • CVE-2016-9840
  • CVE-2016-9841
  • CVE-2016-9842
  • CVE-2016-9843

curl:

  • CVE-2016-5419
  • CVE-2016-5420
  • CVE-2016-5421
  • CVE-2016-7141
  • CVE-2016-7167
  • CVE-2016-8615
  • CVE-2016-8616
  • CVE-2016-8617
  • CVE-2016-8618
  • CVE-2016-8619
  • CVE-2016-8620
  • CVE-2016-8621
  • CVE-2016-8622
  • CVE-2016-8623
  • CVE-2016-8624
  • CVE-2016-9586
  • CVE-2017-1000100
  • CVE-2017-1000101
  • CVE-2017-7407

openssl:

  • CVE-2016-2105
  • CVE-2016-2106
  • CVE-2016-2107
  • CVE-2016-2108
  • CVE-2016-2109
  • CVE-2016-2177
  • CVE-2016-2178
  • CVE-2016-2179
  • CVE-2016-2180
  • CVE-2016-2181
  • CVE-2016-2182
  • CVE-2016-2183
  • CVE-2016-6302
  • CVE-2016-6303
  • CVE-2016-6304
  • CVE-2016-6306

libxml2:

  • CVE-2014-0191
  • CVE-2015-8806
  • CVE-2016-1762
  • CVE-2016-1833
  • CVE-2016-1834
  • CVE-2016-1835
  • CVE-2016-1837
  • CVE-2016-1838
  • CVE-2016-1839
  • CVE-2016-1840
  • CVE-2016-2073
  • CVE-2016-3627
  • CVE-2016-3705
  • CVE-2016-4447
  • CVE-2016-4448
  • CVE-2016-4449
  • CVE-2016-4483
  • CVE-2016-4658
  • CVE-2016-9318
  • CVE-2016-9597
  • CVE-2017-9047
  • CVE-2017-9048
  • CVE-2017-9049
  • CVE-2017-9050

util-linux:

  • CVE-2015-5218
  • CVE-2016-5011
  • CVE-2017-2616

cracklib:

  • CVE-2016-6318

systemd:

  • CVE-2014-9770
  • CVE-2015-8842
  • CVE-2016-7796

pcre:

  • CVE-2014-8964
  • CVE-2015-2325
  • CVE-2015-2327
  • CVE-2015-2328
  • CVE-2015-3210
  • CVE-2015-3217
  • CVE-2015-5073
  • CVE-2015-8380
  • CVE-2015-8381
  • CVE-2015-8382
  • CVE-2015-8383
  • CVE-2015-8384
  • CVE-2015-8385
  • CVE-2015-8386
  • CVE-2015-8387
  • CVE-2015-8388
  • CVE-2015-8389
  • CVE-2015-8390
  • CVE-2015-8391
  • CVE-2015-8392
  • CVE-2015-8393
  • CVE-2015-8394
  • CVE-2015-8395
  • CVE-2016-1283
  • CVE-2016-3191

appamor:

  • CVE-2017-6507

bash:

  • CVE-2014-6277
  • CVE-2014-6278
  • CVE-2016-0634
  • CVE-2016-7543

cpio:

  • CVE-2016-2037

glibc:

  • CVE-2016-1234
  • CVE-2016-3075
  • CVE-2016-3706
  • CVE-2016-4429
  • CVE-2017-1000366

perl:

  • CVE-2015-8853
  • CVE-2016-1238
  • CVE-2016-2381
  • CVE-2016-6185

libssh2_org:

  • CVE-2016-0787

expat:

  • CVE-2012-6702
  • CVE-2015-1283
  • CVE-2016-0718
  • CVE-2016-5300
  • CVE-2016-9063
  • CVE-2017-9233

ncurses:

  • CVE-2017-10684
  • CVE-2017-10685
  • CVE-2017-11112
  • CVE-2017-11113

libksba:

  • CVE-2016-4574
  • CVE-2016-4579

libgcrypt:

  • CVE-2015-7511
  • CVE-2016-6313
  • CVE-2017-7526

dbus-1:

  • CVE-2014-7824
  • CVE-2015-0245

Finally, the following packages received non-security fixes:

  • augeas
  • bzip2
  • ca-certificates-mozilla
  • coreutils
  • cryptsetup
  • cyrus-sasl
  • dirmngr
  • e2fsprogs
  • findutils
  • gpg2
  • insserv-compat
  • kmod
  • libcap
  • libsolv
  • libzypp
  • openldap2
  • p11-kit
  • permissions
  • procps
  • rpm
  • sed
  • shadow
  • zypper

Related

openvas 54
suse 14
nessus 62
ibm 21
symantec 1
fedora 5
openwrt 1
gentoo 1
ubuntu 5
f5 2
debian 7
cloudfoundry 2
osv 5
mageia 2
altlinux 4
amazon 2
archlinux 3
freebsd_advisory 1
redhat 3
centos 2
oraclelinux 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:2699-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2700-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:2971-1)
2021-04-19 00:00:00
suse
suse
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for libxml2 (important)
2016-06-16 13:10:48
Security update for libxml2 (important)
2016-06-09 18:07:56
nessus
nessus
SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2016:2971-1)
2016-12-05 00:00:00
SUSE SLED12 / SLES12 Security Update : pcre (SUSE-SU-2016:3161-1)
2016-12-16 00:00:00
openSUSE Security Update : pcre (openSUSE-2016-1448)
2016-12-13 00:00:00
ibm
ibm
Security Bulletin:Multiple vulnerabilities in PCRE affect IBM Tivoli Network Manager IP Edition.
2018-06-17 15:15:49
Security Bulletin: Multiple vulnerabilities with the open source Perl Compatible Regular Expression (PCRE) libraries used in IBM Aspera Shares Application
2018-06-15 07:08:32
Security Bulletin: Multiple vulnerabilities Perl Compatible Regular Expression (PCRE) libraries - IBM Aspera Shares Application
2019-07-10 10:10:01
symantec
symantec
SA128 : Multiple PCRE Vulnerabilities
2016-07-07 08:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-pcre-8.38-1.fc22
2016-02-17 04:25:54
[SECURITY] Fedora 23 Update: mingw-pcre-8.38-1.fc23
2016-02-17 04:01:55
[SECURITY] Fedora 24 Update: curl-7.47.1-9.fc24
2016-11-06 00:28:22
openwrt
openwrt
pcre: Security update (18 CVEs)
2016-01-28 12:40:02
gentoo
gentoo
libpcre: Multiple Vulnerabilities
2016-07-09 00:00:00
ubuntu
ubuntu
PCRE vulnerabilities
2016-03-29 00:00:00
curl vulnerabilities
2016-11-03 00:00:00
libxml2 vulnerabilities
2016-06-06 00:00:00
f5
f5
SOL20225390 - Multiple PCRE vulnerabilities
2016-02-04 00:00:00
K20225390 : Multiple PCRE vulnerabilities
2016-02-04 00:00:00
debian
debian
[SECURITY] [DLA 503-1] libxml2 security update
2016-06-03 19:22:01
[SECURITY] [DSA 3593-1] libxml2 security update
2016-06-02 20:28:31
[SECURITY] [DSA 3593-1] libxml2 security update
2016-06-02 20:28:31
cloudfoundry
cloudfoundry
USN-3123-1: curl vulnerabilities | Cloud Foundry
2016-12-13 00:00:00
USN-2994-1 libxml2 vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
osv
osv
curl - security update
2016-11-03 00:00:00
openssl - security update
2016-09-22 00:00:00
curl - security update
2016-11-17 00:00:00
mageia
mageia
Updated libxml2 packages fix security vulnerability
2016-07-27 00:59:16
Updated openssl packages fix security vulnerabilities
2016-10-12 01:12:20
altlinux
altlinux
Security fix for the ALT Linux 7 package openssl10 version 1.0.1u-alt0.M70P.1
2016-09-23 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
amazon
amazon
Medium: curl
2016-11-10 18:00:00
Important: libxml2
2016-07-14 16:30:00
archlinux
archlinux
[ASA-201609-24] lib32-openssl: multiple issues
2016-09-26 00:00:00
[ASA-201609-23] openssl: multiple issues
2016-09-26 00:00:00
libxml2: multiple issues
2016-05-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:26.openssl
2016-09-23 00:00:00
redhat
redhat
(RHSA-2016:1025) Important: pcre security update
2016-05-11 11:17:05
(RHSA-2016:1292) Important: libxml2 security update
2016-06-23 08:21:08
(RHSA-2016:1940) Important: openssl security update
2016-09-27 11:50:45
centos
centos
pcre security update
2016-05-13 00:44:08
openssl security update
2016-09-28 14:48:04
oraclelinux
oraclelinux
openssl security update
2016-09-27 00:00:00
libxml2 security update
2016-06-23 00:00:00

0.976 High

EPSS

Percentile

100.0%

JSON
Related for SUSE-SU-2017:2699-1
openvas54suse14nessus62ibm21symantec1fedora5openwrt1gentoo1ubuntu5f52debian7cloudfoundry2osv5mageia2altlinux4amazon2archlinux3freebsd_advisory1redhat3centos2oraclelinux2