Security update for SLES 12-SP2 Docker image
| Announcement ID: | SUSE-SU-2017:2701-1 |
| Rating: | important |
| References: | #1056193 |
| Affected Products: |
An update that fixes 47 vulnerabilities is now available.
Description:
The SUSE Linux Enterprise Server 12 SP2 container image has been updated
to include security and stability fixes.
The following issues related to building of the container images have been
fixed:
- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.
bash:
- CVE-2016-9401
expat:
- CVE-2012-6702
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233
curl:
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407
glibc:
- CVE-2017-1000366
openssl:
- CVE-2017-3731
- CVE-2017-3732
- CVE-2016-7055
pam:
- CVE-2015-3238
apparmor:
- CVE-2017-6507
ncurses:
- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113
libgcrypt:
- CVE-2017-7526
libxml2:
- CVE-2016-1839
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-0663
- CVE-2017-5969
- CVE-2017-7375
- CVE-2017-7376
- CVE-2017-8872
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050
libzypp:
- CVE-2017-9269
- CVE-2017-7435
- CVE-2017-7436
openldap2:
- CVE-2017-9287
systemd:
- CVE-2016-10156
- CVE-2017-9217
- CVE-2017-9445
util-linux:
- CVE-2016-5011
- CVE-2017-2616
zlib:
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
zypper:
- CVE-2017-7436
Finally, the following packages received non-security fixes:
- binutils
- cpio
- cryptsetup
- cyrus-sasl
- dbus-1
- dirmngr
- e2fsprogs
- gpg2
- insserv-compat
- kmod
- libsolv
- libsemanage
- lvm2
- lua51
- netcfg
- procps
- sed
- sg3_utils
- shadow
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Containers 12:
zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):
- sles12sp2-docker-image-1.0.2-20171006
References:
- https://www.suse.com/security/cve/CVE-2012-6702.html
- https://www.suse.com/security/cve/CVE-2015-3238.html
- https://www.suse.com/security/cve/CVE-2016-10156.html
- https://www.suse.com/security/cve/CVE-2016-1839.html
- https://www.suse.com/security/cve/CVE-2016-2037.html
- https://www.suse.com/security/cve/CVE-2016-4658.html
- https://www.suse.com/security/cve/CVE-2016-5011.html
- https://www.suse.com/security/cve/CVE-2016-5300.html
- https://www.suse.com/security/cve/CVE-2016-7055.html
- https://www.suse.com/security/cve/CVE-2016-9063.html
- https://www.suse.com/security/cve/CVE-2016-9318.html
- https://www.suse.com/security/cve/CVE-2016-9401.html
- https://www.suse.com/security/cve/CVE-2016-9586.html
- https://www.suse.com/security/cve/CVE-2016-9597.html
- https://www.suse.com/security/cve/CVE-2016-9840.html
- https://www.suse.com/security/cve/CVE-2016-9841.html
- https://www.suse.com/security/cve/CVE-2016-9842.html
- https://www.suse.com/security/cve/CVE-2016-9843.html
- https://www.suse.com/security/cve/CVE-2017-0663.html
- https://www.suse.com/security/cve/CVE-2017-1000100.html
- https://www.suse.com/security/cve/CVE-2017-1000101.html
- https://www.suse.com/security/cve/CVE-2017-1000366.html
- https://www.suse.com/security/cve/CVE-2017-10684.html
- https://www.suse.com/security/cve/CVE-2017-10685.html
- https://www.suse.com/security/cve/CVE-2017-11112.html
- https://www.suse.com/security/cve/CVE-2017-11113.html
- https://www.suse.com/security/cve/CVE-2017-2616.html
- https://www.suse.com/security/cve/CVE-2017-3731.html
- https://www.suse.com/security/cve/CVE-2017-3732.html
- https://www.suse.com/security/cve/CVE-2017-5969.html
- https://www.suse.com/security/cve/CVE-2017-6507.html
- https://www.suse.com/security/cve/CVE-2017-7375.html
- https://www.suse.com/security/cve/CVE-2017-7376.html
- https://www.suse.com/security/cve/CVE-2017-7407.html
- https://www.suse.com/security/cve/CVE-2017-7435.html
- https://www.suse.com/security/cve/CVE-2017-7436.html
- https://www.suse.com/security/cve/CVE-2017-7526.html
- https://www.suse.com/security/cve/CVE-2017-8872.html
- https://www.suse.com/security/cve/CVE-2017-9047.html
- https://www.suse.com/security/cve/CVE-2017-9048.html
- https://www.suse.com/security/cve/CVE-2017-9049.html
- https://www.suse.com/security/cve/CVE-2017-9050.html
- https://www.suse.com/security/cve/CVE-2017-9217.html
- https://www.suse.com/security/cve/CVE-2017-9233.html
- https://www.suse.com/security/cve/CVE-2017-9269.html
- https://www.suse.com/security/cve/CVE-2017-9287.html
- https://www.suse.com/security/cve/CVE-2017-9445.html
- https://bugzilla.suse.com/1056193