SUSE: 2021:559-1 suse/sle15 Security Update
Summary
Advisory ID: SUSE-SU-2021:3830-1 Released: Wed Dec 1 13:45:46 2021 Summary: Security update for glibc Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3870-1 Released: Thu Dec 2 07:11:50 2021 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3872-1 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Type: recommended Severity: moderate
References
References : 1027496 1183085 1190356 1191286 1191324 1191370 1191609 1191736
1192337 1192436 CVE-2016-10228
1027496,1183085,CVE-2016-10228
This update for glibc fixes the following issues:
- libio: do not attempt to free wide buffers of legacy streams (bsc#1183085)
- CVE-2016-10228: Rewrite iconv option parsing to fix security issue (bsc#1027496)
1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:
libzypp:
- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of
open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)
zypper:
- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)
1191736
This update for cracklib fixes the following issues:
- Enable build time tests (bsc#1191736)
The following package changes have been done:
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- glibc-2.26-13.62.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libzypp-17.28.8-20.1 updated
- zypper-1.14.50-21.1 updated