[security-announce] SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image

SUSE Security Update: Security update for SLES 12-SP1 Docker image ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2700-1 Rating: important References: #1056193 #975726 Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7187 CVE-2014-7824 CVE-2014-8964 CVE-2014-9770 CVE-2015-0245 CVE-2015-0860 CVE-2015-1283 CVE-2015-2059 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-3210 CVE-2015-3217 CVE-2015-3238 CVE-2015-3622 CVE-2015-5073 CVE-2015-5276 CVE-2015-7511 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2015-8806 CVE-2015-8842 CVE-2015-8853 CVE-2015-8948 CVE-2016-0634 CVE-2016-0718 CVE-2016-0787 CVE-2016-1234 CVE-2016-1238 CVE-2016-1283 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2037 CVE-2016-2073 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-2381 CVE-2016-3075 CVE-2016-3191 CVE-2016-3627 CVE-2016-3705 CVE-2016-3706 CVE-2016-4008 CVE-2016-4429 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 CVE-2016-4483 CVE-2016-4574 CVE-2016-4579 CVE-2016-4658 CVE-2016-5011 CVE-2016-5300 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 CVE-2016-6185 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-6313 CVE-2016-6318 CVE-2016-7056 CVE-2016-7141 CVE-2016-7167 CVE-2016-7543 CVE-2016-7796 CVE-2016-8610 CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-9063 CVE-2016-9318 CVE-2016-9586 CVE-2016-9597 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 CVE-2017-2616 CVE-2017-3731 CVE-2017-6507 CVE-2017-7407 CVE-2017-7526 CVE-2017-9047 CVE-2017-9048 CVE-2017-9049 CVE-2017-9050 CVE-2017-9233 Affected Products: SUSE Linux Enterprise Module for Containers 12 ______________________________________________________________________________ An update that fixes 143 vulnerabilities is now available. Description: The SUSE Linux Enterprise Server 12 SP1 container image has been updated to include security and stability fixes. The following issues related to building of the container images have been fixed: - Included krb5 package to avoid the inclusion of krb5-mini which gets selected as a dependency by the Build Service solver. (bsc#1056193) - Do not install recommended packages when building container images. (bsc#975726) A number of security issues that have been already fixed by updates released for SUSE Linux Enterprise Server 12 SP1 are now included in the base image. A package/CVE cross-reference is available below. pam: - CVE-2015-3238 libtasn1: - CVE-2015-3622 - CVE-2016-4008 expat: expat: - CVE-2012-6702 - CVE-2015-1283 - CVE-2016-0718 - CVE-2016-5300 - CVE-2016-9063 - CVE-2017-9233 libidn: - CVE-2015-2059 - CVE-2015-8948 - CVE-2016-6261 - CVE-2016-6262 - CVE-2016-6263 zlib: - CVE-2016-9840 - CVE-2016-9841 - CVE-2016-9842 - CVE-2016-9843 curl: - CVE-2016-5419 - CVE-2016-5420 - CVE-2016-5421 - CVE-2016-7141 - CVE-2016-7167 - CVE-2016-8615 - CVE-2016-8616 - CVE-2016-8617 - CVE-2016-8618 - CVE-2016-8619 - CVE-2016-8620 - CVE-2016-8621 - CVE-2016-8622 - CVE-2016-8623 - CVE-2016-8624 - CVE-2016-9586 - CVE-2017-1000100 - CVE-2017-1000101 - CVE-2017-7407 openssl: - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2107 - CVE-2016-2108 - CVE-2016-2109 - CVE-2016-2177 - CVE-2016-2178 - CVE-2016-2179 - CVE-2016-2180 - CVE-2016-2181 - CVE-2016-2182 - CVE-2016-2183 - CVE-2016-6302 - CVE-2016-6303 - CVE-2016-6304 - CVE-2016-6306 - CVE-2016-7056 - CVE-2016-8610 - CVE-2017-3731 cracklib: - CVE-2016-6318 pcre: - CVE-2014-8964 - CVE-2015-2325 - CVE-2015-2327 - CVE-2015-2328 - CVE-2015-3210 - CVE-2015-3217 - CVE-2015-5073 - CVE-2015-8380 - CVE-2015-8381 - CVE-2015-8382 - CVE-2015-8383 - CVE-2015-8384 - CVE-2015-8385 - CVE-2015-8386 - CVE-2015-8387 - CVE-2015-8388 - CVE-2015-8389 - CVE-2015-8390 - CVE-2015-8391 - CVE-2015-8392 - CVE-2015-8393 - CVE-2015-8394 - CVE-2015-8395 - CVE-2016-1283 - CVE-2016-3191 appamor: - CVE-2017-6507 bash: - CVE-2014-6277 - CVE-2014-6278 - CVE-2016-0634 - CVE-2016-7543 cpio: - CVE-2016-2037 glibc: - CVE-2016-1234 - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-4429 - CVE-2017-1000366 perl: - CVE-2015-8853 - CVE-2016-1238 - CVE-2016-2381 - CVE-2016-6185 libssh2_org: - CVE-2016-0787 util-linux: - CVE-2016-5011 - CVE-2017-2616 ncurses: - CVE-2017-10684 - CVE-2017-10685 - CVE-2017-11112 - CVE-2017-11113 libksba: - CVE-2016-4574 - CVE-2016-4579 libxml2: - CVE-2014-0191 - CVE-2015-8806 - CVE-2016-1762 - CVE-2016-1833 - CVE-2016-1834 - CVE-2016-1835 - CVE-2016-1837 - CVE-2016-1838 - CVE-2016-1839 - CVE-2016-1840 - CVE-2016-2073 - CVE-2016-3627 - CVE-2016-3705 - CVE-2016-4447 - CVE-2016-4448 - CVE-2016-4449 - CVE-2016-4483 - CVE-2016-4658 - CVE-2016-9318 - CVE-2016-9597 - CVE-2017-9047 - CVE-2017-9048 - CVE-2017-9049 - CVE-2017-9050 libgcrypt: - CVE-2015-7511 - CVE-2016-6313 - CVE-2017-7526 update-alternatives: - CVE-2015-0860 systemd: - CVE-2014-9770 - CVE-2015-8842 - CVE-2016-7796 dbus-1: - CVE-2014-7824 - CVE-2015-0245 Finally, the following packages received non-security fixes: - augeas - bzip2 - ca-certificates-mozilla - coreutils - cryptsetup - cyrus-sasl - dirmngr - e2fsprogs - findutils - gpg2 - insserv-compat - kmod - libcap - libsolv - libzypp - lua51 - lvm2 - netcfg - p11-kit - permissions - procps - rpm - sed - sg3_utils - shadow - zypper Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Containers 12: zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64): sles12sp1-docker-image-1.0.7-20171002 References: https://www.suse.com/security/cve/CVE-2012-6702.html https://www.suse.com/security/cve/CVE-2014-0191.html https://www.suse.com/security/cve/CVE-2014-6271.html https://www.suse.com/security/cve/CVE-2014-6277.html https://www.suse.com/security/cve/CVE-2014-6278.html https://www.suse.com/security/cve/CVE-2014-7169.html https://www.suse.com/security/cve/CVE-2014-7187.html https://www.suse.com/security/cve/CVE-2014-7824.html https://www.suse.com/security/cve/CVE-2014-8964.html https://www.suse.com/security/cve/CVE-2014-9770.html https://www.suse.com/security/cve/CVE-2015-0245.html https://www.suse.com/security/cve/CVE-2015-0860.html https://www.suse.com/security/cve/CVE-2015-1283.html https://www.suse.com/security/cve/CVE-2015-2059.html https://www.suse.com/security/cve/CVE-2015-2325.html https://www.suse.com/security/cve/CVE-2015-2327.html https://www.suse.com/security/cve/CVE-2015-2328.html https://www.suse.com/security/cve/CVE-2015-3210.html https://www.suse.com/security/cve/CVE-2015-3217.html https://www.suse.com/security/cve/CVE-2015-3238.html https://www.suse.com/security/cve/CVE-2015-3622.html https://www.suse.com/security/cve/CVE-2015-5073.html https://www.suse.com/security/cve/CVE-2015-5276.html https://www.suse.com/security/cve/CVE-2015-7511.html https://www.suse.com/security/cve/CVE-2015-8380.html https://www.suse.com/security/cve/CVE-2015-8381.html https://www.suse.com/security/cve/CVE-2015-8382.html https://www.suse.com/security/cve/CVE-2015-8383.html https://www.suse.com/security/cve/CVE-2015-8384.html https://www.suse.com/security/cve/CVE-2015-8385.html https://www.suse.com/security/cve/CVE-2015-8386.html https://www.suse.com/security/cve/CVE-2015-8387.html https://www.suse.com/security/cve/CVE-2015-8388.html https://www.suse.com/security/cve/CVE-2015-8389.html https://www.suse.com/security/cve/CVE-2015-8390.html https://www.suse.com/security/cve/CVE-2015-8391.html https://www.suse.com/security/cve/CVE-2015-8392.html https://www.suse.com/security/cve/CVE-2015-8393.html https://www.suse.com/security/cve/CVE-2015-8394.html https://www.suse.com/security/cve/CVE-2015-8395.html https://www.suse.com/security/cve/CVE-2015-8806.html https://www.suse.com/security/cve/CVE-2015-8842.html https://www.suse.com/security/cve/CVE-2015-8853.html https://www.suse.com/security/cve/CVE-2015-8948.html https://www.suse.com/security/cve/CVE-2016-0634.html https://www.suse.com/security/cve/CVE-2016-0718.html https://www.suse.com/security/cve/CVE-2016-0787.html https://www.suse.com/security/cve/CVE-2016-1234.html https://www.suse.com/security/cve/CVE-2016-1238.html https://www.suse.com/security/cve/CVE-2016-1283.html https://www.suse.com/security/cve/CVE-2016-1762.html https://www.suse.com/security/cve/CVE-2016-1833.html https://www.suse.com/security/cve/CVE-2016-1834.html https://www.suse.com/security/cve/CVE-2016-1835.html https://www.suse.com/security/cve/CVE-2016-1837.html https://www.suse.com/security/cve/CVE-2016-1838.html https://www.suse.com/security/cve/CVE-2016-1839.html https://www.suse.com/security/cve/CVE-2016-1840.html https://www.suse.com/security/cve/CVE-2016-2037.html https://www.suse.com/security/cve/CVE-2016-2073.html https://www.suse.com/security/cve/CVE-2016-2105.html https://www.suse.com/security/cve/CVE-2016-2106.html https://www.suse.com/security/cve/CVE-2016-2107.html https://www.suse.com/security/cve/CVE-2016-2108.html https://www.suse.com/security/cve/CVE-2016-2109.html https://www.suse.com/security/cve/CVE-2016-2177.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2179.html https://www.suse.com/security/cve/CVE-2016-2180.html https://www.suse.com/security/cve/CVE-2016-2181.html https://www.suse.com/security/cve/CVE-2016-2182.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-2381.html https://www.suse.com/security/cve/CVE-2016-3075.html https://www.suse.com/security/cve/CVE-2016-3191.html https://www.suse.com/security/cve/CVE-2016-3627.html https://www.suse.com/security/cve/CVE-2016-3705.html https://www.suse.com/security/cve/CVE-2016-3706.html https://www.suse.com/security/cve/CVE-2016-4008.html https://www.suse.com/security/cve/CVE-2016-4429.html https://www.suse.com/security/cve/CVE-2016-4447.html https://www.suse.com/security/cve/CVE-2016-4448.html https://www.suse.com/security/cve/CVE-2016-4449.html https://www.suse.com/security/cve/CVE-2016-4483.html https://www.suse.com/security/cve/CVE-2016-4574.html https://www.suse.com/security/cve/CVE-2016-4579.html https://www.suse.com/security/cve/CVE-2016-4658.html https://www.suse.com/security/cve/CVE-2016-5011.html https://www.suse.com/security/cve/CVE-2016-5300.html https://www.suse.com/security/cve/CVE-2016-5419.html https://www.suse.com/security/cve/CVE-2016-5420.html https://www.suse.com/security/cve/CVE-2016-5421.html https://www.suse.com/security/cve/CVE-2016-6185.html https://www.suse.com/security/cve/CVE-2016-6261.html https://www.suse.com/security/cve/CVE-2016-6262.html https://www.suse.com/security/cve/CVE-2016-6263.html https://www.suse.com/security/cve/CVE-2016-6302.html https://www.suse.com/security/cve/CVE-2016-6303.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-6313.html https://www.suse.com/security/cve/CVE-2016-6318.html https://www.suse.com/security/cve/CVE-2016-7056.html https://www.suse.com/security/cve/CVE-2016-7141.html https://www.suse.com/security/cve/CVE-2016-7167.html https://www.suse.com/security/cve/CVE-2016-7543.html https://www.suse.com/security/cve/CVE-2016-7796.html https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2016-8615.html https://www.suse.com/security/cve/CVE-2016-8616.html https://www.suse.com/security/cve/CVE-2016-8617.html https://www.suse.com/security/cve/CVE-2016-8618.html https://www.suse.com/security/cve/CVE-2016-8619.html https://www.suse.com/security/cve/CVE-2016-8620.html https://www.suse.com/security/cve/CVE-2016-8621.html https://www.suse.com/security/cve/CVE-2016-8622.html https://www.suse.com/security/cve/CVE-2016-8623.html https://www.suse.com/security/cve/CVE-2016-8624.html https://www.suse.com/security/cve/CVE-2016-9063.html https://www.suse.com/security/cve/CVE-2016-9318.html https://www.suse.com/security/cve/CVE-2016-9586.html https://www.suse.com/security/cve/CVE-2016-9597.html https://www.suse.com/security/cve/CVE-2016-9840.html https://www.suse.com/security/cve/CVE-2016-9841.html https://www.suse.com/security/cve/CVE-2016-9842.html https://www.suse.com/security/cve/CVE-2016-9843.html https://www.suse.com/security/cve/CVE-2017-1000100.html https://www.suse.com/security/cve/CVE-2017-1000101.html https://www.suse.com/security/cve/CVE-2017-1000366.html https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://www.suse.com/security/cve/CVE-2017-11112.html https://www.suse.com/security/cve/CVE-2017-11113.html https://www.suse.com/security/cve/CVE-2017-2616.html https://www.suse.com/security/cve/CVE-2017-3731.html https://www.suse.com/security/cve/CVE-2017-6507.html https://www.suse.com/security/cve/CVE-2017-7407.html https://www.suse.com/security/cve/CVE-2017-7526.html https://www.suse.com/security/cve/CVE-2017-9047.html https://www.suse.com/security/cve/CVE-2017-9048.html https://www.suse.com/security/cve/CVE-2017-9049.html https://www.suse.com/security/cve/CVE-2017-9050.html https://www.suse.com/security/cve/CVE-2017-9233.html https://bugzilla.suse.com/1056193 https://bugzilla.suse.com/975726 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security-announce+help@opensuse.org