SUSE 5149 Published by

The following security update are available for SUSE:

SUSE-SU-2017:2699-1: important: Security update for SLES 12 Docker image
SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image
SUSE-SU-2017:2701-1: important: Security update for SLES 12-SP2 Docker image



SUSE-SU-2017:2699-1: important: Security update for SLES 12 Docker image

SUSE Security Update: Security update for SLES 12 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2699-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-1283
CVE-2015-2059 CVE-2015-2325 CVE-2015-2327
CVE-2015-2328 CVE-2015-3210 CVE-2015-3217
CVE-2015-3238 CVE-2015-3622 CVE-2015-5073
CVE-2015-5218 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7141 CVE-2016-7167 CVE-2016-7543
CVE-2016-7796 CVE-2016-8615 CVE-2016-8616
CVE-2016-8617 CVE-2016-8618 CVE-2016-8619
CVE-2016-8620 CVE-2016-8621 CVE-2016-8622
CVE-2016-8623 CVE-2016-8624 CVE-2016-9063
CVE-2016-9318 CVE-2016-9586 CVE-2016-9597
CVE-2016-9840 CVE-2016-9841 CVE-2016-9842
CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 140 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 container image has been updated to
include security and stability fixes.

The following issues related to building of the container images have been
fixed:

- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
- Do not install recommended packages when building container images.
(bsc#975726)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.

pam:

- CVE-2015-3238

libtasn1:

- CVE-2015-3622
- CVE-2016-4008

libidn:

- CVE-2015-2059
- CVE-2015-8948
- CVE-2016-6261
- CVE-2016-6262
- CVE-2016-6263

zlib:

- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843

curl:

- CVE-2016-5419
- CVE-2016-5420
- CVE-2016-5421
- CVE-2016-7141
- CVE-2016-7167
- CVE-2016-8615
- CVE-2016-8616
- CVE-2016-8617
- CVE-2016-8618
- CVE-2016-8619
- CVE-2016-8620
- CVE-2016-8621
- CVE-2016-8622
- CVE-2016-8623
- CVE-2016-8624
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407

openssl:

- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2177
- CVE-2016-2178
- CVE-2016-2179
- CVE-2016-2180
- CVE-2016-2181
- CVE-2016-2182
- CVE-2016-2183
- CVE-2016-6302
- CVE-2016-6303
- CVE-2016-6304
- CVE-2016-6306

libxml2:

- CVE-2014-0191
- CVE-2015-8806
- CVE-2016-1762
- CVE-2016-1833
- CVE-2016-1834
- CVE-2016-1835
- CVE-2016-1837
- CVE-2016-1838
- CVE-2016-1839
- CVE-2016-1840
- CVE-2016-2073
- CVE-2016-3627
- CVE-2016-3705
- CVE-2016-4447
- CVE-2016-4448
- CVE-2016-4449
- CVE-2016-4483
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050

util-linux:

- CVE-2015-5218
- CVE-2016-5011
- CVE-2017-2616

cracklib:

- CVE-2016-6318

systemd:

- CVE-2014-9770
- CVE-2015-8842
- CVE-2016-7796

pcre:

- CVE-2014-8964
- CVE-2015-2325
- CVE-2015-2327
- CVE-2015-2328
- CVE-2015-3210
- CVE-2015-3217
- CVE-2015-5073
- CVE-2015-8380
- CVE-2015-8381
- CVE-2015-8382
- CVE-2015-8383
- CVE-2015-8384
- CVE-2015-8385
- CVE-2015-8386
- CVE-2015-8387
- CVE-2015-8388
- CVE-2015-8389
- CVE-2015-8390
- CVE-2015-8391
- CVE-2015-8392
- CVE-2015-8393
- CVE-2015-8394
- CVE-2015-8395
- CVE-2016-1283
- CVE-2016-3191

appamor:

- CVE-2017-6507

bash:

- CVE-2014-6277
- CVE-2014-6278
- CVE-2016-0634
- CVE-2016-7543

cpio:

- CVE-2016-2037

glibc:

- CVE-2016-1234
- CVE-2016-3075
- CVE-2016-3706
- CVE-2016-4429
- CVE-2017-1000366

perl:

- CVE-2015-8853
- CVE-2016-1238
- CVE-2016-2381
- CVE-2016-6185

libssh2_org:

- CVE-2016-0787

expat:

- CVE-2012-6702
- CVE-2015-1283
- CVE-2016-0718
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233

ncurses:

- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113

libksba:

- CVE-2016-4574
- CVE-2016-4579

libgcrypt:

- CVE-2015-7511
- CVE-2016-6313
- CVE-2017-7526

dbus-1:

- CVE-2014-7824
- CVE-2015-0245

Finally, the following packages received non-security fixes:

- augeas
- bzip2
- ca-certificates-mozilla
- coreutils
- cryptsetup
- cyrus-sasl
- dirmngr
- e2fsprogs
- findutils
- gpg2
- insserv-compat
- kmod
- libcap
- libsolv
- libzypp
- openldap2
- p11-kit
- permissions
- procps
- rpm
- sed
- shadow
- zypper


Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12-docker-image-1.1.4-20171002


References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5218.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726


SUSE-SU-2017:2700-1: important: Security update for SLES 12-SP1 Docker image

SUSE Security Update: Security update for SLES 12-SP1 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2700-1
Rating: important
References: #1056193 #975726
Cross-References: CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
CVE-2014-9770 CVE-2015-0245 CVE-2015-0860
CVE-2015-1283 CVE-2015-2059 CVE-2015-2325
CVE-2015-2327 CVE-2015-2328 CVE-2015-3210
CVE-2015-3217 CVE-2015-3238 CVE-2015-3622
CVE-2015-5073 CVE-2015-5276 CVE-2015-7511
CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
CVE-2016-7056 CVE-2016-7141 CVE-2016-7167
CVE-2016-7543 CVE-2016-7796 CVE-2016-8610
CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
CVE-2016-8618 CVE-2016-8619 CVE-2016-8620
CVE-2016-8621 CVE-2016-8622 CVE-2016-8623
CVE-2016-8624 CVE-2016-9063 CVE-2016-9318
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366
CVE-2017-10684 CVE-2017-10685 CVE-2017-11112
CVE-2017-11113 CVE-2017-2616 CVE-2017-3731
CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
CVE-2017-9050 CVE-2017-9233
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 143 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 SP1 container image has been updated
to include security and stability fixes.

The following issues related to building of the container images have been
fixed:

- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)
- Do not install recommended packages when building container images.
(bsc#975726)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 SP1 are now included in the
base image. A package/CVE cross-reference is available below.

pam:

- CVE-2015-3238

libtasn1:

- CVE-2015-3622
- CVE-2016-4008

expat:

expat:

- CVE-2012-6702
- CVE-2015-1283
- CVE-2016-0718
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233

libidn:

- CVE-2015-2059
- CVE-2015-8948
- CVE-2016-6261
- CVE-2016-6262
- CVE-2016-6263


zlib:

- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843

curl:

- CVE-2016-5419
- CVE-2016-5420
- CVE-2016-5421
- CVE-2016-7141
- CVE-2016-7167
- CVE-2016-8615
- CVE-2016-8616
- CVE-2016-8617
- CVE-2016-8618
- CVE-2016-8619
- CVE-2016-8620
- CVE-2016-8621
- CVE-2016-8622
- CVE-2016-8623
- CVE-2016-8624
- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407

openssl:

- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2107
- CVE-2016-2108
- CVE-2016-2109
- CVE-2016-2177
- CVE-2016-2178
- CVE-2016-2179
- CVE-2016-2180
- CVE-2016-2181
- CVE-2016-2182
- CVE-2016-2183
- CVE-2016-6302
- CVE-2016-6303
- CVE-2016-6304
- CVE-2016-6306
- CVE-2016-7056
- CVE-2016-8610
- CVE-2017-3731

cracklib:

- CVE-2016-6318

pcre:

- CVE-2014-8964
- CVE-2015-2325
- CVE-2015-2327
- CVE-2015-2328
- CVE-2015-3210
- CVE-2015-3217
- CVE-2015-5073
- CVE-2015-8380
- CVE-2015-8381
- CVE-2015-8382
- CVE-2015-8383
- CVE-2015-8384
- CVE-2015-8385
- CVE-2015-8386
- CVE-2015-8387
- CVE-2015-8388
- CVE-2015-8389
- CVE-2015-8390
- CVE-2015-8391
- CVE-2015-8392
- CVE-2015-8393
- CVE-2015-8394
- CVE-2015-8395
- CVE-2016-1283
- CVE-2016-3191

appamor:

- CVE-2017-6507

bash:

- CVE-2014-6277
- CVE-2014-6278
- CVE-2016-0634
- CVE-2016-7543

cpio:

- CVE-2016-2037

glibc:

- CVE-2016-1234
- CVE-2016-3075
- CVE-2016-3706
- CVE-2016-4429
- CVE-2017-1000366

perl:

- CVE-2015-8853
- CVE-2016-1238
- CVE-2016-2381
- CVE-2016-6185

libssh2_org:

- CVE-2016-0787

util-linux:

- CVE-2016-5011
- CVE-2017-2616

ncurses:

- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113

libksba:

- CVE-2016-4574
- CVE-2016-4579

libxml2:

- CVE-2014-0191
- CVE-2015-8806
- CVE-2016-1762
- CVE-2016-1833
- CVE-2016-1834
- CVE-2016-1835
- CVE-2016-1837
- CVE-2016-1838
- CVE-2016-1839
- CVE-2016-1840
- CVE-2016-2073
- CVE-2016-3627
- CVE-2016-3705
- CVE-2016-4447
- CVE-2016-4448
- CVE-2016-4449
- CVE-2016-4483
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050

libgcrypt:

- CVE-2015-7511
- CVE-2016-6313
- CVE-2017-7526

update-alternatives:

- CVE-2015-0860

systemd:

- CVE-2014-9770
- CVE-2015-8842
- CVE-2016-7796

dbus-1:

- CVE-2014-7824
- CVE-2015-0245

Finally, the following packages received non-security fixes:

- augeas
- bzip2
- ca-certificates-mozilla
- coreutils
- cryptsetup
- cyrus-sasl
- dirmngr
- e2fsprogs
- findutils
- gpg2
- insserv-compat
- kmod
- libcap
- libsolv
- libzypp
- lua51
- lvm2
- netcfg
- p11-kit
- permissions
- procps
- rpm
- sed
- sg3_utils
- shadow
- zypper


Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12sp1-docker-image-1.0.7-20171002


References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2014-0191.html
https://www.suse.com/security/cve/CVE-2014-6271.html
https://www.suse.com/security/cve/CVE-2014-6277.html
https://www.suse.com/security/cve/CVE-2014-6278.html
https://www.suse.com/security/cve/CVE-2014-7169.html
https://www.suse.com/security/cve/CVE-2014-7187.html
https://www.suse.com/security/cve/CVE-2014-7824.html
https://www.suse.com/security/cve/CVE-2014-8964.html
https://www.suse.com/security/cve/CVE-2014-9770.html
https://www.suse.com/security/cve/CVE-2015-0245.html
https://www.suse.com/security/cve/CVE-2015-0860.html
https://www.suse.com/security/cve/CVE-2015-1283.html
https://www.suse.com/security/cve/CVE-2015-2059.html
https://www.suse.com/security/cve/CVE-2015-2325.html
https://www.suse.com/security/cve/CVE-2015-2327.html
https://www.suse.com/security/cve/CVE-2015-2328.html
https://www.suse.com/security/cve/CVE-2015-3210.html
https://www.suse.com/security/cve/CVE-2015-3217.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2015-3622.html
https://www.suse.com/security/cve/CVE-2015-5073.html
https://www.suse.com/security/cve/CVE-2015-5276.html
https://www.suse.com/security/cve/CVE-2015-7511.html
https://www.suse.com/security/cve/CVE-2015-8380.html
https://www.suse.com/security/cve/CVE-2015-8381.html
https://www.suse.com/security/cve/CVE-2015-8382.html
https://www.suse.com/security/cve/CVE-2015-8383.html
https://www.suse.com/security/cve/CVE-2015-8384.html
https://www.suse.com/security/cve/CVE-2015-8385.html
https://www.suse.com/security/cve/CVE-2015-8386.html
https://www.suse.com/security/cve/CVE-2015-8387.html
https://www.suse.com/security/cve/CVE-2015-8388.html
https://www.suse.com/security/cve/CVE-2015-8389.html
https://www.suse.com/security/cve/CVE-2015-8390.html
https://www.suse.com/security/cve/CVE-2015-8391.html
https://www.suse.com/security/cve/CVE-2015-8392.html
https://www.suse.com/security/cve/CVE-2015-8393.html
https://www.suse.com/security/cve/CVE-2015-8394.html
https://www.suse.com/security/cve/CVE-2015-8395.html
https://www.suse.com/security/cve/CVE-2015-8806.html
https://www.suse.com/security/cve/CVE-2015-8842.html
https://www.suse.com/security/cve/CVE-2015-8853.html
https://www.suse.com/security/cve/CVE-2015-8948.html
https://www.suse.com/security/cve/CVE-2016-0634.html
https://www.suse.com/security/cve/CVE-2016-0718.html
https://www.suse.com/security/cve/CVE-2016-0787.html
https://www.suse.com/security/cve/CVE-2016-1234.html
https://www.suse.com/security/cve/CVE-2016-1238.html
https://www.suse.com/security/cve/CVE-2016-1283.html
https://www.suse.com/security/cve/CVE-2016-1762.html
https://www.suse.com/security/cve/CVE-2016-1833.html
https://www.suse.com/security/cve/CVE-2016-1834.html
https://www.suse.com/security/cve/CVE-2016-1835.html
https://www.suse.com/security/cve/CVE-2016-1837.html
https://www.suse.com/security/cve/CVE-2016-1838.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-1840.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-2073.html
https://www.suse.com/security/cve/CVE-2016-2105.html
https://www.suse.com/security/cve/CVE-2016-2106.html
https://www.suse.com/security/cve/CVE-2016-2107.html
https://www.suse.com/security/cve/CVE-2016-2108.html
https://www.suse.com/security/cve/CVE-2016-2109.html
https://www.suse.com/security/cve/CVE-2016-2177.html
https://www.suse.com/security/cve/CVE-2016-2178.html
https://www.suse.com/security/cve/CVE-2016-2179.html
https://www.suse.com/security/cve/CVE-2016-2180.html
https://www.suse.com/security/cve/CVE-2016-2181.html
https://www.suse.com/security/cve/CVE-2016-2182.html
https://www.suse.com/security/cve/CVE-2016-2183.html
https://www.suse.com/security/cve/CVE-2016-2381.html
https://www.suse.com/security/cve/CVE-2016-3075.html
https://www.suse.com/security/cve/CVE-2016-3191.html
https://www.suse.com/security/cve/CVE-2016-3627.html
https://www.suse.com/security/cve/CVE-2016-3705.html
https://www.suse.com/security/cve/CVE-2016-3706.html
https://www.suse.com/security/cve/CVE-2016-4008.html
https://www.suse.com/security/cve/CVE-2016-4429.html
https://www.suse.com/security/cve/CVE-2016-4447.html
https://www.suse.com/security/cve/CVE-2016-4448.html
https://www.suse.com/security/cve/CVE-2016-4449.html
https://www.suse.com/security/cve/CVE-2016-4483.html
https://www.suse.com/security/cve/CVE-2016-4574.html
https://www.suse.com/security/cve/CVE-2016-4579.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-5419.html
https://www.suse.com/security/cve/CVE-2016-5420.html
https://www.suse.com/security/cve/CVE-2016-5421.html
https://www.suse.com/security/cve/CVE-2016-6185.html
https://www.suse.com/security/cve/CVE-2016-6261.html
https://www.suse.com/security/cve/CVE-2016-6262.html
https://www.suse.com/security/cve/CVE-2016-6263.html
https://www.suse.com/security/cve/CVE-2016-6302.html
https://www.suse.com/security/cve/CVE-2016-6303.html
https://www.suse.com/security/cve/CVE-2016-6304.html
https://www.suse.com/security/cve/CVE-2016-6306.html
https://www.suse.com/security/cve/CVE-2016-6313.html
https://www.suse.com/security/cve/CVE-2016-6318.html
https://www.suse.com/security/cve/CVE-2016-7056.html
https://www.suse.com/security/cve/CVE-2016-7141.html
https://www.suse.com/security/cve/CVE-2016-7167.html
https://www.suse.com/security/cve/CVE-2016-7543.html
https://www.suse.com/security/cve/CVE-2016-7796.html
https://www.suse.com/security/cve/CVE-2016-8610.html
https://www.suse.com/security/cve/CVE-2016-8615.html
https://www.suse.com/security/cve/CVE-2016-8616.html
https://www.suse.com/security/cve/CVE-2016-8617.html
https://www.suse.com/security/cve/CVE-2016-8618.html
https://www.suse.com/security/cve/CVE-2016-8619.html
https://www.suse.com/security/cve/CVE-2016-8620.html
https://www.suse.com/security/cve/CVE-2016-8621.html
https://www.suse.com/security/cve/CVE-2016-8622.html
https://www.suse.com/security/cve/CVE-2016-8623.html
https://www.suse.com/security/cve/CVE-2016-8624.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://bugzilla.suse.com/1056193
https://bugzilla.suse.com/975726

SUSE-SU-2017:2701-1: important: Security update for SLES 12-SP2 Docker image

SUSE Security Update: Security update for SLES 12-SP2 Docker image
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:2701-1
Rating: important
References: #1056193
Cross-References: CVE-2012-6702 CVE-2015-3238 CVE-2016-10156
CVE-2016-1839 CVE-2016-2037 CVE-2016-4658
CVE-2016-5011 CVE-2016-5300 CVE-2016-7055
CVE-2016-9063 CVE-2016-9318 CVE-2016-9401
CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101
CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
CVE-2017-3731 CVE-2017-3732 CVE-2017-5969
CVE-2017-6507 CVE-2017-7375 CVE-2017-7376
CVE-2017-7407 CVE-2017-7435 CVE-2017-7436
CVE-2017-7526 CVE-2017-8872 CVE-2017-9047
CVE-2017-9048 CVE-2017-9049 CVE-2017-9050
CVE-2017-9217 CVE-2017-9233 CVE-2017-9269
CVE-2017-9287 CVE-2017-9445
Affected Products:
SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

An update that fixes 47 vulnerabilities is now available.

Description:

The SUSE Linux Enterprise Server 12 SP2 container image has been updated
to include security and stability fixes.

The following issues related to building of the container images have been
fixed:

- Included krb5 package to avoid the inclusion of krb5-mini which gets
selected as a dependency by the Build Service solver. (bsc#1056193)

A number of security issues that have been already fixed by updates
released for SUSE Linux Enterprise Server 12 are now included in the base
image. A package/CVE cross-reference is available below.

bash:

- CVE-2016-9401

expat:

- CVE-2012-6702
- CVE-2016-5300
- CVE-2016-9063
- CVE-2017-9233

curl:

- CVE-2016-9586
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-7407

glibc:

- CVE-2017-1000366

openssl:

- CVE-2017-3731
- CVE-2017-3732
- CVE-2016-7055

pam:

- CVE-2015-3238

apparmor:

- CVE-2017-6507

ncurses:

- CVE-2017-10684
- CVE-2017-10685
- CVE-2017-11112
- CVE-2017-11113

libgcrypt:

- CVE-2017-7526

libxml2:

- CVE-2016-1839
- CVE-2016-4658
- CVE-2016-9318
- CVE-2016-9597
- CVE-2017-0663
- CVE-2017-5969
- CVE-2017-7375
- CVE-2017-7376
- CVE-2017-8872
- CVE-2017-9047
- CVE-2017-9048
- CVE-2017-9049
- CVE-2017-9050

libzypp:

- CVE-2017-9269
- CVE-2017-7435
- CVE-2017-7436

openldap2:

- CVE-2017-9287

systemd:

- CVE-2016-10156
- CVE-2017-9217
- CVE-2017-9445

util-linux:

- CVE-2016-5011
- CVE-2017-2616

zlib:

- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843

zypper:

- CVE-2017-7436

Finally, the following packages received non-security fixes:

- binutils
- cpio
- cryptsetup
- cyrus-sasl
- dbus-1
- dirmngr
- e2fsprogs
- gpg2
- insserv-compat
- kmod
- libsolv
- libsemanage
- lvm2
- lua51
- netcfg
- procps
- sed
- sg3_utils
- shadow


Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Containers 12:

zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

sles12sp2-docker-image-1.0.2-20171006


References:

https://www.suse.com/security/cve/CVE-2012-6702.html
https://www.suse.com/security/cve/CVE-2015-3238.html
https://www.suse.com/security/cve/CVE-2016-10156.html
https://www.suse.com/security/cve/CVE-2016-1839.html
https://www.suse.com/security/cve/CVE-2016-2037.html
https://www.suse.com/security/cve/CVE-2016-4658.html
https://www.suse.com/security/cve/CVE-2016-5011.html
https://www.suse.com/security/cve/CVE-2016-5300.html
https://www.suse.com/security/cve/CVE-2016-7055.html
https://www.suse.com/security/cve/CVE-2016-9063.html
https://www.suse.com/security/cve/CVE-2016-9318.html
https://www.suse.com/security/cve/CVE-2016-9401.html
https://www.suse.com/security/cve/CVE-2016-9586.html
https://www.suse.com/security/cve/CVE-2016-9597.html
https://www.suse.com/security/cve/CVE-2016-9840.html
https://www.suse.com/security/cve/CVE-2016-9841.html
https://www.suse.com/security/cve/CVE-2016-9842.html
https://www.suse.com/security/cve/CVE-2016-9843.html
https://www.suse.com/security/cve/CVE-2017-0663.html
https://www.suse.com/security/cve/CVE-2017-1000100.html
https://www.suse.com/security/cve/CVE-2017-1000101.html
https://www.suse.com/security/cve/CVE-2017-1000366.html
https://www.suse.com/security/cve/CVE-2017-10684.html
https://www.suse.com/security/cve/CVE-2017-10685.html
https://www.suse.com/security/cve/CVE-2017-11112.html
https://www.suse.com/security/cve/CVE-2017-11113.html
https://www.suse.com/security/cve/CVE-2017-2616.html
https://www.suse.com/security/cve/CVE-2017-3731.html
https://www.suse.com/security/cve/CVE-2017-3732.html
https://www.suse.com/security/cve/CVE-2017-5969.html
https://www.suse.com/security/cve/CVE-2017-6507.html
https://www.suse.com/security/cve/CVE-2017-7375.html
https://www.suse.com/security/cve/CVE-2017-7376.html
https://www.suse.com/security/cve/CVE-2017-7407.html
https://www.suse.com/security/cve/CVE-2017-7435.html
https://www.suse.com/security/cve/CVE-2017-7436.html
https://www.suse.com/security/cve/CVE-2017-7526.html
https://www.suse.com/security/cve/CVE-2017-8872.html
https://www.suse.com/security/cve/CVE-2017-9047.html
https://www.suse.com/security/cve/CVE-2017-9048.html
https://www.suse.com/security/cve/CVE-2017-9049.html
https://www.suse.com/security/cve/CVE-2017-9050.html
https://www.suse.com/security/cve/CVE-2017-9217.html
https://www.suse.com/security/cve/CVE-2017-9233.html
https://www.suse.com/security/cve/CVE-2017-9269.html
https://www.suse.com/security/cve/CVE-2017-9287.html
https://www.suse.com/security/cve/CVE-2017-9445.html
https://bugzilla.suse.com/1056193