ESB-2017.2550 - [SUSE] SLES: Multiple vulnerabilities 2017-10-11

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2550
      SUSE Security Update: Security update for SLES 12 Docker image
                              11 October 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          SLES
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                  Root Compromise                 -- Existing Account      
                  Increased Privileges            -- Remote/Unauthenticated
                  Access Privileged Data          -- Remote/Unauthenticated
                  Modify Arbitrary Files          -- Remote/Unauthenticated
                  Denial of Service               -- Remote/Unauthenticated
                  Provide Misleading Information  -- Remote/Unauthenticated
                  Access Confidential Data        -- Remote/Unauthenticated
                  Reduced Security                -- Remote/Unauthenticated
Resolution:       Patch/Upgrade
CVE Names:        CVE-2017-1000366 CVE-2017-1000101 CVE-2017-1000100
                  CVE-2017-11113 CVE-2017-11112 CVE-2017-10685
                  CVE-2017-10684 CVE-2017-9233 CVE-2017-9050
                  CVE-2017-9049 CVE-2017-9048 CVE-2017-9047
                  CVE-2017-7526 CVE-2017-7407 CVE-2017-6507
                  CVE-2017-2616 CVE-2016-9843 CVE-2016-9842
                  CVE-2016-9841 CVE-2016-9840 CVE-2016-9597
                  CVE-2016-9586 CVE-2016-9318 CVE-2016-9063
                  CVE-2016-8624 CVE-2016-8623 CVE-2016-8622
                  CVE-2016-8621 CVE-2016-8620 CVE-2016-8619
                  CVE-2016-8618 CVE-2016-8617 CVE-2016-8616
                  CVE-2016-8615 CVE-2016-7796 CVE-2016-7543
                  CVE-2016-7167 CVE-2016-7141 CVE-2016-6318
                  CVE-2016-6313 CVE-2016-6306 CVE-2016-6304
                  CVE-2016-6303 CVE-2016-6302 CVE-2016-6263
                  CVE-2016-6262 CVE-2016-6261 CVE-2016-6185
                  CVE-2016-5421 CVE-2016-5420 CVE-2016-5419
                  CVE-2016-5300 CVE-2016-5011 CVE-2016-4658
                  CVE-2016-4579 CVE-2016-4574 CVE-2016-4483
                  CVE-2016-4449 CVE-2016-4448 CVE-2016-4447
                  CVE-2016-4429 CVE-2016-4008 CVE-2016-3706
                  CVE-2016-3705 CVE-2016-3627 CVE-2016-3191
                  CVE-2016-3075 CVE-2016-2381 CVE-2016-2183
                  CVE-2016-2182 CVE-2016-2181 CVE-2016-2180
                  CVE-2016-2179 CVE-2016-2178 CVE-2016-2177
                  CVE-2016-2109 CVE-2016-2108 CVE-2016-2107
                  CVE-2016-2106 CVE-2016-2105 CVE-2016-2073
                  CVE-2016-2037 CVE-2016-1840 CVE-2016-1839
                  CVE-2016-1838 CVE-2016-1837 CVE-2016-1835
                  CVE-2016-1834 CVE-2016-1833 CVE-2016-1762
                  CVE-2016-1283 CVE-2016-1238 CVE-2016-1234
                  CVE-2016-0787 CVE-2016-0718 CVE-2016-0634
                  CVE-2015-8948 CVE-2015-8853 CVE-2015-8842
                  CVE-2015-8806 CVE-2015-8395 CVE-2015-8394
                  CVE-2015-8393 CVE-2015-8392 CVE-2015-8391
                  CVE-2015-8390 CVE-2015-8389 CVE-2015-8388
                  CVE-2015-8387 CVE-2015-8386 CVE-2015-8385
                  CVE-2015-8384 CVE-2015-8383 CVE-2015-8382
                  CVE-2015-8381 CVE-2015-8380 CVE-2015-7511
                  CVE-2015-5276 CVE-2015-5218 CVE-2015-5073
                  CVE-2015-3622 CVE-2015-3238 CVE-2015-3217
                  CVE-2015-3210 CVE-2015-2328 CVE-2015-2327
                  CVE-2015-2325 CVE-2015-2059 CVE-2015-1283
                  CVE-2015-0245 CVE-2014-9770 CVE-2014-8964
                  CVE-2014-7824 CVE-2014-7187 CVE-2014-7169
                  CVE-2014-6278 CVE-2014-6277 CVE-2014-6271
                  CVE-2014-0191 CVE-2012-6702 

Reference:        ASB-2017.0115
                  ASB-2017.0107
                  ESB-2017.2542
                  ESB-2017.2531

Comment: This bulletin contains three (3) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for SLES 12 Docker image
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2699-1
Rating:             important
References:         #1056193 #975726 
Cross-References:   CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
                    CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
                    CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
                    CVE-2014-9770 CVE-2015-0245 CVE-2015-1283
                    CVE-2015-2059 CVE-2015-2325 CVE-2015-2327
                    CVE-2015-2328 CVE-2015-3210 CVE-2015-3217
                    CVE-2015-3238 CVE-2015-3622 CVE-2015-5073
                    CVE-2015-5218 CVE-2015-5276 CVE-2015-7511
                    CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
                    CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
                    CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
                    CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
                    CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
                    CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
                    CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
                    CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
                    CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
                    CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
                    CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
                    CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
                    CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
                    CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
                    CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
                    CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
                    CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
                    CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
                    CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
                    CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
                    CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
                    CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
                    CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
                    CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
                    CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
                    CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
                    CVE-2016-7141 CVE-2016-7167 CVE-2016-7543
                    CVE-2016-7796 CVE-2016-8615 CVE-2016-8616
                    CVE-2016-8617 CVE-2016-8618 CVE-2016-8619
                    CVE-2016-8620 CVE-2016-8621 CVE-2016-8622
                    CVE-2016-8623 CVE-2016-8624 CVE-2016-9063
                    CVE-2016-9318 CVE-2016-9586 CVE-2016-9597
                    CVE-2016-9840 CVE-2016-9841 CVE-2016-9842
                    CVE-2016-9843 CVE-2017-1000100 CVE-2017-1000101
                    CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
                    CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
                    CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
                    CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
                    CVE-2017-9050 CVE-2017-9233
Affected Products:
                    SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

   An update that fixes 140 vulnerabilities is now available.

Description:

   The SUSE Linux Enterprise Server 12 container image has been updated to
   include security and stability fixes.

   The following issues related to building of the container images have been
   fixed:

   - Included krb5 package to avoid the inclusion of krb5-mini which gets
     selected as a dependency by the Build Service solver. (bsc#1056193)
   - Do not install recommended packages when building container images.
     (bsc#975726)

   A number of security issues that have been already fixed by updates
   released for SUSE Linux Enterprise Server 12 are now included in the base
   image. A package/CVE cross-reference is available below.

   pam:

   - CVE-2015-3238

   libtasn1:

   - CVE-2015-3622
   - CVE-2016-4008

   libidn:

   - CVE-2015-2059
   - CVE-2015-8948
   - CVE-2016-6261
   - CVE-2016-6262
   - CVE-2016-6263

   zlib:

   - CVE-2016-9840
   - CVE-2016-9841
   - CVE-2016-9842
   - CVE-2016-9843

   curl:

   - CVE-2016-5419
   - CVE-2016-5420
   - CVE-2016-5421
   - CVE-2016-7141
   - CVE-2016-7167
   - CVE-2016-8615
   - CVE-2016-8616
   - CVE-2016-8617
   - CVE-2016-8618
   - CVE-2016-8619
   - CVE-2016-8620
   - CVE-2016-8621
   - CVE-2016-8622
   - CVE-2016-8623
   - CVE-2016-8624
   - CVE-2016-9586
   - CVE-2017-1000100
   - CVE-2017-1000101
   - CVE-2017-7407

   openssl:

   - CVE-2016-2105
   - CVE-2016-2106
   - CVE-2016-2107
   - CVE-2016-2108
   - CVE-2016-2109
   - CVE-2016-2177
   - CVE-2016-2178
   - CVE-2016-2179
   - CVE-2016-2180
   - CVE-2016-2181
   - CVE-2016-2182
   - CVE-2016-2183
   - CVE-2016-6302
   - CVE-2016-6303
   - CVE-2016-6304
   - CVE-2016-6306

   libxml2:

   - CVE-2014-0191
   - CVE-2015-8806
   - CVE-2016-1762
   - CVE-2016-1833
   - CVE-2016-1834
   - CVE-2016-1835
   - CVE-2016-1837
   - CVE-2016-1838
   - CVE-2016-1839
   - CVE-2016-1840
   - CVE-2016-2073
   - CVE-2016-3627
   - CVE-2016-3705
   - CVE-2016-4447
   - CVE-2016-4448
   - CVE-2016-4449
   - CVE-2016-4483
   - CVE-2016-4658
   - CVE-2016-9318
   - CVE-2016-9597
   - CVE-2017-9047
   - CVE-2017-9048
   - CVE-2017-9049
   - CVE-2017-9050

   util-linux:

   - CVE-2015-5218
   - CVE-2016-5011
   - CVE-2017-2616

   cracklib:

   - CVE-2016-6318

   systemd:

   - CVE-2014-9770
   - CVE-2015-8842
   - CVE-2016-7796

   pcre:

   - CVE-2014-8964
   - CVE-2015-2325
   - CVE-2015-2327
   - CVE-2015-2328
   - CVE-2015-3210
   - CVE-2015-3217
   - CVE-2015-5073
   - CVE-2015-8380
   - CVE-2015-8381
   - CVE-2015-8382
   - CVE-2015-8383
   - CVE-2015-8384
   - CVE-2015-8385
   - CVE-2015-8386
   - CVE-2015-8387
   - CVE-2015-8388
   - CVE-2015-8389
   - CVE-2015-8390
   - CVE-2015-8391
   - CVE-2015-8392
   - CVE-2015-8393
   - CVE-2015-8394
   - CVE-2015-8395
   - CVE-2016-1283
   - CVE-2016-3191

   appamor:

   - CVE-2017-6507

   bash:

   - CVE-2014-6277
   - CVE-2014-6278
   - CVE-2016-0634
   - CVE-2016-7543

   cpio:

   - CVE-2016-2037

   glibc:

   - CVE-2016-1234
   - CVE-2016-3075
   - CVE-2016-3706
   - CVE-2016-4429
   - CVE-2017-1000366

   perl:

   - CVE-2015-8853
   - CVE-2016-1238
   - CVE-2016-2381
   - CVE-2016-6185

   libssh2_org:

   - CVE-2016-0787

   expat:

   - CVE-2012-6702
   - CVE-2015-1283
   - CVE-2016-0718
   - CVE-2016-5300
   - CVE-2016-9063
   - CVE-2017-9233

   ncurses:

   - CVE-2017-10684
   - CVE-2017-10685
   - CVE-2017-11112
   - CVE-2017-11113

   libksba:

   - CVE-2016-4574
   - CVE-2016-4579

   libgcrypt:

   - CVE-2015-7511
   - CVE-2016-6313
   - CVE-2017-7526

   dbus-1:

   - CVE-2014-7824
   - CVE-2015-0245

   Finally, the following packages received non-security fixes:

   - augeas
   - bzip2
   - ca-certificates-mozilla
   - coreutils
   - cryptsetup
   - cyrus-sasl
   - dirmngr
   - e2fsprogs
   - findutils
   - gpg2
   - insserv-compat
   - kmod
   - libcap
   - libsolv
   - libzypp
   - openldap2
   - p11-kit
   - permissions
   - procps
   - rpm
   - sed
   - shadow
   - zypper


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Containers 12:

      zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1672=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

      sles12-docker-image-1.1.4-20171002


References:

   https://www.suse.com/security/cve/CVE-2012-6702.html
   https://www.suse.com/security/cve/CVE-2014-0191.html
   https://www.suse.com/security/cve/CVE-2014-6271.html
   https://www.suse.com/security/cve/CVE-2014-6277.html
   https://www.suse.com/security/cve/CVE-2014-6278.html
   https://www.suse.com/security/cve/CVE-2014-7169.html
   https://www.suse.com/security/cve/CVE-2014-7187.html
   https://www.suse.com/security/cve/CVE-2014-7824.html
   https://www.suse.com/security/cve/CVE-2014-8964.html
   https://www.suse.com/security/cve/CVE-2014-9770.html
   https://www.suse.com/security/cve/CVE-2015-0245.html
   https://www.suse.com/security/cve/CVE-2015-1283.html
   https://www.suse.com/security/cve/CVE-2015-2059.html
   https://www.suse.com/security/cve/CVE-2015-2325.html
   https://www.suse.com/security/cve/CVE-2015-2327.html
   https://www.suse.com/security/cve/CVE-2015-2328.html
   https://www.suse.com/security/cve/CVE-2015-3210.html
   https://www.suse.com/security/cve/CVE-2015-3217.html
   https://www.suse.com/security/cve/CVE-2015-3238.html
   https://www.suse.com/security/cve/CVE-2015-3622.html
   https://www.suse.com/security/cve/CVE-2015-5073.html
   https://www.suse.com/security/cve/CVE-2015-5218.html
   https://www.suse.com/security/cve/CVE-2015-5276.html
   https://www.suse.com/security/cve/CVE-2015-7511.html
   https://www.suse.com/security/cve/CVE-2015-8380.html
   https://www.suse.com/security/cve/CVE-2015-8381.html
   https://www.suse.com/security/cve/CVE-2015-8382.html
   https://www.suse.com/security/cve/CVE-2015-8383.html
   https://www.suse.com/security/cve/CVE-2015-8384.html
   https://www.suse.com/security/cve/CVE-2015-8385.html
   https://www.suse.com/security/cve/CVE-2015-8386.html
   https://www.suse.com/security/cve/CVE-2015-8387.html
   https://www.suse.com/security/cve/CVE-2015-8388.html
   https://www.suse.com/security/cve/CVE-2015-8389.html
   https://www.suse.com/security/cve/CVE-2015-8390.html
   https://www.suse.com/security/cve/CVE-2015-8391.html
   https://www.suse.com/security/cve/CVE-2015-8392.html
   https://www.suse.com/security/cve/CVE-2015-8393.html
   https://www.suse.com/security/cve/CVE-2015-8394.html
   https://www.suse.com/security/cve/CVE-2015-8395.html
   https://www.suse.com/security/cve/CVE-2015-8806.html
   https://www.suse.com/security/cve/CVE-2015-8842.html
   https://www.suse.com/security/cve/CVE-2015-8853.html
   https://www.suse.com/security/cve/CVE-2015-8948.html
   https://www.suse.com/security/cve/CVE-2016-0634.html
   https://www.suse.com/security/cve/CVE-2016-0718.html
   https://www.suse.com/security/cve/CVE-2016-0787.html
   https://www.suse.com/security/cve/CVE-2016-1234.html
   https://www.suse.com/security/cve/CVE-2016-1238.html
   https://www.suse.com/security/cve/CVE-2016-1283.html
   https://www.suse.com/security/cve/CVE-2016-1762.html
   https://www.suse.com/security/cve/CVE-2016-1833.html
   https://www.suse.com/security/cve/CVE-2016-1834.html
   https://www.suse.com/security/cve/CVE-2016-1835.html
   https://www.suse.com/security/cve/CVE-2016-1837.html
   https://www.suse.com/security/cve/CVE-2016-1838.html
   https://www.suse.com/security/cve/CVE-2016-1839.html
   https://www.suse.com/security/cve/CVE-2016-1840.html
   https://www.suse.com/security/cve/CVE-2016-2037.html
   https://www.suse.com/security/cve/CVE-2016-2073.html
   https://www.suse.com/security/cve/CVE-2016-2105.html
   https://www.suse.com/security/cve/CVE-2016-2106.html
   https://www.suse.com/security/cve/CVE-2016-2107.html
   https://www.suse.com/security/cve/CVE-2016-2108.html
   https://www.suse.com/security/cve/CVE-2016-2109.html
   https://www.suse.com/security/cve/CVE-2016-2177.html
   https://www.suse.com/security/cve/CVE-2016-2178.html
   https://www.suse.com/security/cve/CVE-2016-2179.html
   https://www.suse.com/security/cve/CVE-2016-2180.html
   https://www.suse.com/security/cve/CVE-2016-2181.html
   https://www.suse.com/security/cve/CVE-2016-2182.html
   https://www.suse.com/security/cve/CVE-2016-2183.html
   https://www.suse.com/security/cve/CVE-2016-2381.html
   https://www.suse.com/security/cve/CVE-2016-3075.html
   https://www.suse.com/security/cve/CVE-2016-3191.html
   https://www.suse.com/security/cve/CVE-2016-3627.html
   https://www.suse.com/security/cve/CVE-2016-3705.html
   https://www.suse.com/security/cve/CVE-2016-3706.html
   https://www.suse.com/security/cve/CVE-2016-4008.html
   https://www.suse.com/security/cve/CVE-2016-4429.html
   https://www.suse.com/security/cve/CVE-2016-4447.html
   https://www.suse.com/security/cve/CVE-2016-4448.html
   https://www.suse.com/security/cve/CVE-2016-4449.html
   https://www.suse.com/security/cve/CVE-2016-4483.html
   https://www.suse.com/security/cve/CVE-2016-4574.html
   https://www.suse.com/security/cve/CVE-2016-4579.html
   https://www.suse.com/security/cve/CVE-2016-4658.html
   https://www.suse.com/security/cve/CVE-2016-5011.html
   https://www.suse.com/security/cve/CVE-2016-5300.html
   https://www.suse.com/security/cve/CVE-2016-5419.html
   https://www.suse.com/security/cve/CVE-2016-5420.html
   https://www.suse.com/security/cve/CVE-2016-5421.html
   https://www.suse.com/security/cve/CVE-2016-6185.html
   https://www.suse.com/security/cve/CVE-2016-6261.html
   https://www.suse.com/security/cve/CVE-2016-6262.html
   https://www.suse.com/security/cve/CVE-2016-6263.html
   https://www.suse.com/security/cve/CVE-2016-6302.html
   https://www.suse.com/security/cve/CVE-2016-6303.html
   https://www.suse.com/security/cve/CVE-2016-6304.html
   https://www.suse.com/security/cve/CVE-2016-6306.html
   https://www.suse.com/security/cve/CVE-2016-6313.html
   https://www.suse.com/security/cve/CVE-2016-6318.html
   https://www.suse.com/security/cve/CVE-2016-7141.html
   https://www.suse.com/security/cve/CVE-2016-7167.html
   https://www.suse.com/security/cve/CVE-2016-7543.html
   https://www.suse.com/security/cve/CVE-2016-7796.html
   https://www.suse.com/security/cve/CVE-2016-8615.html
   https://www.suse.com/security/cve/CVE-2016-8616.html
   https://www.suse.com/security/cve/CVE-2016-8617.html
   https://www.suse.com/security/cve/CVE-2016-8618.html
   https://www.suse.com/security/cve/CVE-2016-8619.html
   https://www.suse.com/security/cve/CVE-2016-8620.html
   https://www.suse.com/security/cve/CVE-2016-8621.html
   https://www.suse.com/security/cve/CVE-2016-8622.html
   https://www.suse.com/security/cve/CVE-2016-8623.html
   https://www.suse.com/security/cve/CVE-2016-8624.html
   https://www.suse.com/security/cve/CVE-2016-9063.html
   https://www.suse.com/security/cve/CVE-2016-9318.html
   https://www.suse.com/security/cve/CVE-2016-9586.html
   https://www.suse.com/security/cve/CVE-2016-9597.html
   https://www.suse.com/security/cve/CVE-2016-9840.html
   https://www.suse.com/security/cve/CVE-2016-9841.html
   https://www.suse.com/security/cve/CVE-2016-9842.html
   https://www.suse.com/security/cve/CVE-2016-9843.html
   https://www.suse.com/security/cve/CVE-2017-1000100.html
   https://www.suse.com/security/cve/CVE-2017-1000101.html
   https://www.suse.com/security/cve/CVE-2017-1000366.html
   https://www.suse.com/security/cve/CVE-2017-10684.html
   https://www.suse.com/security/cve/CVE-2017-10685.html
   https://www.suse.com/security/cve/CVE-2017-11112.html
   https://www.suse.com/security/cve/CVE-2017-11113.html
   https://www.suse.com/security/cve/CVE-2017-2616.html
   https://www.suse.com/security/cve/CVE-2017-6507.html
   https://www.suse.com/security/cve/CVE-2017-7407.html
   https://www.suse.com/security/cve/CVE-2017-7526.html
   https://www.suse.com/security/cve/CVE-2017-9047.html
   https://www.suse.com/security/cve/CVE-2017-9048.html
   https://www.suse.com/security/cve/CVE-2017-9049.html
   https://www.suse.com/security/cve/CVE-2017-9050.html
   https://www.suse.com/security/cve/CVE-2017-9233.html
   https://bugzilla.suse.com/1056193
   https://bugzilla.suse.com/975726

================================================

   SUSE Security Update: Security update for SLES 12-SP1 Docker image
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2700-1
Rating:             important
References:         #1056193 #975726 
Cross-References:   CVE-2012-6702 CVE-2014-0191 CVE-2014-6271
                    CVE-2014-6277 CVE-2014-6278 CVE-2014-7169
                    CVE-2014-7187 CVE-2014-7824 CVE-2014-8964
                    CVE-2014-9770 CVE-2015-0245 CVE-2015-0860
                    CVE-2015-1283 CVE-2015-2059 CVE-2015-2325
                    CVE-2015-2327 CVE-2015-2328 CVE-2015-3210
                    CVE-2015-3217 CVE-2015-3238 CVE-2015-3622
                    CVE-2015-5073 CVE-2015-5276 CVE-2015-7511
                    CVE-2015-8380 CVE-2015-8381 CVE-2015-8382
                    CVE-2015-8383 CVE-2015-8384 CVE-2015-8385
                    CVE-2015-8386 CVE-2015-8387 CVE-2015-8388
                    CVE-2015-8389 CVE-2015-8390 CVE-2015-8391
                    CVE-2015-8392 CVE-2015-8393 CVE-2015-8394
                    CVE-2015-8395 CVE-2015-8806 CVE-2015-8842
                    CVE-2015-8853 CVE-2015-8948 CVE-2016-0634
                    CVE-2016-0718 CVE-2016-0787 CVE-2016-1234
                    CVE-2016-1238 CVE-2016-1283 CVE-2016-1762
                    CVE-2016-1833 CVE-2016-1834 CVE-2016-1835
                    CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
                    CVE-2016-1840 CVE-2016-2037 CVE-2016-2073
                    CVE-2016-2105 CVE-2016-2106 CVE-2016-2107
                    CVE-2016-2108 CVE-2016-2109 CVE-2016-2177
                    CVE-2016-2178 CVE-2016-2179 CVE-2016-2180
                    CVE-2016-2181 CVE-2016-2182 CVE-2016-2183
                    CVE-2016-2381 CVE-2016-3075 CVE-2016-3191
                    CVE-2016-3627 CVE-2016-3705 CVE-2016-3706
                    CVE-2016-4008 CVE-2016-4429 CVE-2016-4447
                    CVE-2016-4448 CVE-2016-4449 CVE-2016-4483
                    CVE-2016-4574 CVE-2016-4579 CVE-2016-4658
                    CVE-2016-5011 CVE-2016-5300 CVE-2016-5419
                    CVE-2016-5420 CVE-2016-5421 CVE-2016-6185
                    CVE-2016-6261 CVE-2016-6262 CVE-2016-6263
                    CVE-2016-6302 CVE-2016-6303 CVE-2016-6304
                    CVE-2016-6306 CVE-2016-6313 CVE-2016-6318
                    CVE-2016-7056 CVE-2016-7141 CVE-2016-7167
                    CVE-2016-7543 CVE-2016-7796 CVE-2016-8610
                    CVE-2016-8615 CVE-2016-8616 CVE-2016-8617
                    CVE-2016-8618 CVE-2016-8619 CVE-2016-8620
                    CVE-2016-8621 CVE-2016-8622 CVE-2016-8623
                    CVE-2016-8624 CVE-2016-9063 CVE-2016-9318
                    CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
                    CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
                    CVE-2017-1000100 CVE-2017-1000101 CVE-2017-1000366
                    CVE-2017-10684 CVE-2017-10685 CVE-2017-11112
                    CVE-2017-11113 CVE-2017-2616 CVE-2017-3731
                    CVE-2017-6507 CVE-2017-7407 CVE-2017-7526
                    CVE-2017-9047 CVE-2017-9048 CVE-2017-9049
                    CVE-2017-9050 CVE-2017-9233
Affected Products:
                    SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

   An update that fixes 143 vulnerabilities is now available.

Description:

   The SUSE Linux Enterprise Server 12 SP1 container image has been updated
   to include security and stability fixes.

   The following issues related to building of the container images have been
   fixed:

   - Included krb5 package to avoid the inclusion of krb5-mini which gets
     selected as a dependency by the Build Service solver. (bsc#1056193)
   - Do not install recommended packages when building container images.
     (bsc#975726)

   A number of security issues that have been already fixed by updates
   released for SUSE Linux Enterprise Server 12 SP1 are now included in the
   base image. A package/CVE cross-reference is available below.

   pam:

   - CVE-2015-3238

   libtasn1:

   - CVE-2015-3622
   - CVE-2016-4008

   expat:

   expat:

   - CVE-2012-6702
   - CVE-2015-1283
   - CVE-2016-0718
   - CVE-2016-5300
   - CVE-2016-9063
   - CVE-2017-9233

   libidn:

   - CVE-2015-2059
   - CVE-2015-8948
   - CVE-2016-6261
   - CVE-2016-6262
   - CVE-2016-6263


   zlib:

   - CVE-2016-9840
   - CVE-2016-9841
   - CVE-2016-9842
   - CVE-2016-9843

   curl:

   - CVE-2016-5419
   - CVE-2016-5420
   - CVE-2016-5421
   - CVE-2016-7141
   - CVE-2016-7167
   - CVE-2016-8615
   - CVE-2016-8616
   - CVE-2016-8617
   - CVE-2016-8618
   - CVE-2016-8619
   - CVE-2016-8620
   - CVE-2016-8621
   - CVE-2016-8622
   - CVE-2016-8623
   - CVE-2016-8624
   - CVE-2016-9586
   - CVE-2017-1000100
   - CVE-2017-1000101
   - CVE-2017-7407

   openssl:

   - CVE-2016-2105
   - CVE-2016-2106
   - CVE-2016-2107
   - CVE-2016-2108
   - CVE-2016-2109
   - CVE-2016-2177
   - CVE-2016-2178
   - CVE-2016-2179
   - CVE-2016-2180
   - CVE-2016-2181
   - CVE-2016-2182
   - CVE-2016-2183
   - CVE-2016-6302
   - CVE-2016-6303
   - CVE-2016-6304
   - CVE-2016-6306
   - CVE-2016-7056
   - CVE-2016-8610
   - CVE-2017-3731

   cracklib:

   - CVE-2016-6318

   pcre:

   - CVE-2014-8964
   - CVE-2015-2325
   - CVE-2015-2327
   - CVE-2015-2328
   - CVE-2015-3210
   - CVE-2015-3217
   - CVE-2015-5073
   - CVE-2015-8380
   - CVE-2015-8381
   - CVE-2015-8382
   - CVE-2015-8383
   - CVE-2015-8384
   - CVE-2015-8385
   - CVE-2015-8386
   - CVE-2015-8387
   - CVE-2015-8388
   - CVE-2015-8389
   - CVE-2015-8390
   - CVE-2015-8391
   - CVE-2015-8392
   - CVE-2015-8393
   - CVE-2015-8394
   - CVE-2015-8395
   - CVE-2016-1283
   - CVE-2016-3191

   appamor:

   - CVE-2017-6507

   bash:

   - CVE-2014-6277
   - CVE-2014-6278
   - CVE-2016-0634
   - CVE-2016-7543

   cpio:

   - CVE-2016-2037

   glibc:

   - CVE-2016-1234
   - CVE-2016-3075
   - CVE-2016-3706
   - CVE-2016-4429
   - CVE-2017-1000366

   perl:

   - CVE-2015-8853
   - CVE-2016-1238
   - CVE-2016-2381
   - CVE-2016-6185

   libssh2_org:

   - CVE-2016-0787

   util-linux:

   - CVE-2016-5011
   - CVE-2017-2616

   ncurses:

   - CVE-2017-10684
   - CVE-2017-10685
   - CVE-2017-11112
   - CVE-2017-11113

   libksba:

   - CVE-2016-4574
   - CVE-2016-4579

   libxml2:

   - CVE-2014-0191
   - CVE-2015-8806
   - CVE-2016-1762
   - CVE-2016-1833
   - CVE-2016-1834
   - CVE-2016-1835
   - CVE-2016-1837
   - CVE-2016-1838
   - CVE-2016-1839
   - CVE-2016-1840
   - CVE-2016-2073
   - CVE-2016-3627
   - CVE-2016-3705
   - CVE-2016-4447
   - CVE-2016-4448
   - CVE-2016-4449
   - CVE-2016-4483
   - CVE-2016-4658
   - CVE-2016-9318
   - CVE-2016-9597
   - CVE-2017-9047
   - CVE-2017-9048
   - CVE-2017-9049
   - CVE-2017-9050

   libgcrypt:

   - CVE-2015-7511
   - CVE-2016-6313
   - CVE-2017-7526

   update-alternatives:

   - CVE-2015-0860

   systemd:

   - CVE-2014-9770
   - CVE-2015-8842
   - CVE-2016-7796

   dbus-1:

   - CVE-2014-7824
   - CVE-2015-0245

   Finally, the following packages received non-security fixes:

   - augeas
   - bzip2
   - ca-certificates-mozilla
   - coreutils
   - cryptsetup
   - cyrus-sasl
   - dirmngr
   - e2fsprogs
   - findutils
   - gpg2
   - insserv-compat
   - kmod
   - libcap
   - libsolv
   - libzypp
   - lua51
   - lvm2
   - netcfg
   - p11-kit
   - permissions
   - procps
   - rpm
   - sed
   - sg3_utils
   - shadow
   - zypper


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Containers 12:

      zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1673=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

      sles12sp1-docker-image-1.0.7-20171002


References:

   https://www.suse.com/security/cve/CVE-2012-6702.html
   https://www.suse.com/security/cve/CVE-2014-0191.html
   https://www.suse.com/security/cve/CVE-2014-6271.html
   https://www.suse.com/security/cve/CVE-2014-6277.html
   https://www.suse.com/security/cve/CVE-2014-6278.html
   https://www.suse.com/security/cve/CVE-2014-7169.html
   https://www.suse.com/security/cve/CVE-2014-7187.html
   https://www.suse.com/security/cve/CVE-2014-7824.html
   https://www.suse.com/security/cve/CVE-2014-8964.html
   https://www.suse.com/security/cve/CVE-2014-9770.html
   https://www.suse.com/security/cve/CVE-2015-0245.html
   https://www.suse.com/security/cve/CVE-2015-0860.html
   https://www.suse.com/security/cve/CVE-2015-1283.html
   https://www.suse.com/security/cve/CVE-2015-2059.html
   https://www.suse.com/security/cve/CVE-2015-2325.html
   https://www.suse.com/security/cve/CVE-2015-2327.html
   https://www.suse.com/security/cve/CVE-2015-2328.html
   https://www.suse.com/security/cve/CVE-2015-3210.html
   https://www.suse.com/security/cve/CVE-2015-3217.html
   https://www.suse.com/security/cve/CVE-2015-3238.html
   https://www.suse.com/security/cve/CVE-2015-3622.html
   https://www.suse.com/security/cve/CVE-2015-5073.html
   https://www.suse.com/security/cve/CVE-2015-5276.html
   https://www.suse.com/security/cve/CVE-2015-7511.html
   https://www.suse.com/security/cve/CVE-2015-8380.html
   https://www.suse.com/security/cve/CVE-2015-8381.html
   https://www.suse.com/security/cve/CVE-2015-8382.html
   https://www.suse.com/security/cve/CVE-2015-8383.html
   https://www.suse.com/security/cve/CVE-2015-8384.html
   https://www.suse.com/security/cve/CVE-2015-8385.html
   https://www.suse.com/security/cve/CVE-2015-8386.html
   https://www.suse.com/security/cve/CVE-2015-8387.html
   https://www.suse.com/security/cve/CVE-2015-8388.html
   https://www.suse.com/security/cve/CVE-2015-8389.html
   https://www.suse.com/security/cve/CVE-2015-8390.html
   https://www.suse.com/security/cve/CVE-2015-8391.html
   https://www.suse.com/security/cve/CVE-2015-8392.html
   https://www.suse.com/security/cve/CVE-2015-8393.html
   https://www.suse.com/security/cve/CVE-2015-8394.html
   https://www.suse.com/security/cve/CVE-2015-8395.html
   https://www.suse.com/security/cve/CVE-2015-8806.html
   https://www.suse.com/security/cve/CVE-2015-8842.html
   https://www.suse.com/security/cve/CVE-2015-8853.html
   https://www.suse.com/security/cve/CVE-2015-8948.html
   https://www.suse.com/security/cve/CVE-2016-0634.html
   https://www.suse.com/security/cve/CVE-2016-0718.html
   https://www.suse.com/security/cve/CVE-2016-0787.html
   https://www.suse.com/security/cve/CVE-2016-1234.html
   https://www.suse.com/security/cve/CVE-2016-1238.html
   https://www.suse.com/security/cve/CVE-2016-1283.html
   https://www.suse.com/security/cve/CVE-2016-1762.html
   https://www.suse.com/security/cve/CVE-2016-1833.html
   https://www.suse.com/security/cve/CVE-2016-1834.html
   https://www.suse.com/security/cve/CVE-2016-1835.html
   https://www.suse.com/security/cve/CVE-2016-1837.html
   https://www.suse.com/security/cve/CVE-2016-1838.html
   https://www.suse.com/security/cve/CVE-2016-1839.html
   https://www.suse.com/security/cve/CVE-2016-1840.html
   https://www.suse.com/security/cve/CVE-2016-2037.html
   https://www.suse.com/security/cve/CVE-2016-2073.html
   https://www.suse.com/security/cve/CVE-2016-2105.html
   https://www.suse.com/security/cve/CVE-2016-2106.html
   https://www.suse.com/security/cve/CVE-2016-2107.html
   https://www.suse.com/security/cve/CVE-2016-2108.html
   https://www.suse.com/security/cve/CVE-2016-2109.html
   https://www.suse.com/security/cve/CVE-2016-2177.html
   https://www.suse.com/security/cve/CVE-2016-2178.html
   https://www.suse.com/security/cve/CVE-2016-2179.html
   https://www.suse.com/security/cve/CVE-2016-2180.html
   https://www.suse.com/security/cve/CVE-2016-2181.html
   https://www.suse.com/security/cve/CVE-2016-2182.html
   https://www.suse.com/security/cve/CVE-2016-2183.html
   https://www.suse.com/security/cve/CVE-2016-2381.html
   https://www.suse.com/security/cve/CVE-2016-3075.html
   https://www.suse.com/security/cve/CVE-2016-3191.html
   https://www.suse.com/security/cve/CVE-2016-3627.html
   https://www.suse.com/security/cve/CVE-2016-3705.html
   https://www.suse.com/security/cve/CVE-2016-3706.html
   https://www.suse.com/security/cve/CVE-2016-4008.html
   https://www.suse.com/security/cve/CVE-2016-4429.html
   https://www.suse.com/security/cve/CVE-2016-4447.html
   https://www.suse.com/security/cve/CVE-2016-4448.html
   https://www.suse.com/security/cve/CVE-2016-4449.html
   https://www.suse.com/security/cve/CVE-2016-4483.html
   https://www.suse.com/security/cve/CVE-2016-4574.html
   https://www.suse.com/security/cve/CVE-2016-4579.html
   https://www.suse.com/security/cve/CVE-2016-4658.html
   https://www.suse.com/security/cve/CVE-2016-5011.html
   https://www.suse.com/security/cve/CVE-2016-5300.html
   https://www.suse.com/security/cve/CVE-2016-5419.html
   https://www.suse.com/security/cve/CVE-2016-5420.html
   https://www.suse.com/security/cve/CVE-2016-5421.html
   https://www.suse.com/security/cve/CVE-2016-6185.html
   https://www.suse.com/security/cve/CVE-2016-6261.html
   https://www.suse.com/security/cve/CVE-2016-6262.html
   https://www.suse.com/security/cve/CVE-2016-6263.html
   https://www.suse.com/security/cve/CVE-2016-6302.html
   https://www.suse.com/security/cve/CVE-2016-6303.html
   https://www.suse.com/security/cve/CVE-2016-6304.html
   https://www.suse.com/security/cve/CVE-2016-6306.html
   https://www.suse.com/security/cve/CVE-2016-6313.html
   https://www.suse.com/security/cve/CVE-2016-6318.html
   https://www.suse.com/security/cve/CVE-2016-7056.html
   https://www.suse.com/security/cve/CVE-2016-7141.html
   https://www.suse.com/security/cve/CVE-2016-7167.html
   https://www.suse.com/security/cve/CVE-2016-7543.html
   https://www.suse.com/security/cve/CVE-2016-7796.html
   https://www.suse.com/security/cve/CVE-2016-8610.html
   https://www.suse.com/security/cve/CVE-2016-8615.html
   https://www.suse.com/security/cve/CVE-2016-8616.html
   https://www.suse.com/security/cve/CVE-2016-8617.html
   https://www.suse.com/security/cve/CVE-2016-8618.html
   https://www.suse.com/security/cve/CVE-2016-8619.html
   https://www.suse.com/security/cve/CVE-2016-8620.html
   https://www.suse.com/security/cve/CVE-2016-8621.html
   https://www.suse.com/security/cve/CVE-2016-8622.html
   https://www.suse.com/security/cve/CVE-2016-8623.html
   https://www.suse.com/security/cve/CVE-2016-8624.html
   https://www.suse.com/security/cve/CVE-2016-9063.html
   https://www.suse.com/security/cve/CVE-2016-9318.html
   https://www.suse.com/security/cve/CVE-2016-9586.html
   https://www.suse.com/security/cve/CVE-2016-9597.html
   https://www.suse.com/security/cve/CVE-2016-9840.html
   https://www.suse.com/security/cve/CVE-2016-9841.html
   https://www.suse.com/security/cve/CVE-2016-9842.html
   https://www.suse.com/security/cve/CVE-2016-9843.html
   https://www.suse.com/security/cve/CVE-2017-1000100.html
   https://www.suse.com/security/cve/CVE-2017-1000101.html
   https://www.suse.com/security/cve/CVE-2017-1000366.html
   https://www.suse.com/security/cve/CVE-2017-10684.html
   https://www.suse.com/security/cve/CVE-2017-10685.html
   https://www.suse.com/security/cve/CVE-2017-11112.html
   https://www.suse.com/security/cve/CVE-2017-11113.html
   https://www.suse.com/security/cve/CVE-2017-2616.html
   https://www.suse.com/security/cve/CVE-2017-3731.html
   https://www.suse.com/security/cve/CVE-2017-6507.html
   https://www.suse.com/security/cve/CVE-2017-7407.html
   https://www.suse.com/security/cve/CVE-2017-7526.html
   https://www.suse.com/security/cve/CVE-2017-9047.html
   https://www.suse.com/security/cve/CVE-2017-9048.html
   https://www.suse.com/security/cve/CVE-2017-9049.html
   https://www.suse.com/security/cve/CVE-2017-9050.html
   https://www.suse.com/security/cve/CVE-2017-9233.html
   https://bugzilla.suse.com/1056193
   https://bugzilla.suse.com/975726

================================================

   SUSE Security Update: Security update for SLES 12-SP2 Docker image
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2701-1
Rating:             important
References:         #1056193 
Cross-References:   CVE-2012-6702 CVE-2015-3238 CVE-2016-10156
                    CVE-2016-1839 CVE-2016-2037 CVE-2016-4658
                    CVE-2016-5011 CVE-2016-5300 CVE-2016-7055
                    CVE-2016-9063 CVE-2016-9318 CVE-2016-9401
                    CVE-2016-9586 CVE-2016-9597 CVE-2016-9840
                    CVE-2016-9841 CVE-2016-9842 CVE-2016-9843
                    CVE-2017-0663 CVE-2017-1000100 CVE-2017-1000101
                    CVE-2017-1000366 CVE-2017-10684 CVE-2017-10685
                    CVE-2017-11112 CVE-2017-11113 CVE-2017-2616
                    CVE-2017-3731 CVE-2017-3732 CVE-2017-5969
                    CVE-2017-6507 CVE-2017-7375 CVE-2017-7376
                    CVE-2017-7407 CVE-2017-7435 CVE-2017-7436
                    CVE-2017-7526 CVE-2017-8872 CVE-2017-9047
                    CVE-2017-9048 CVE-2017-9049 CVE-2017-9050
                    CVE-2017-9217 CVE-2017-9233 CVE-2017-9269
                    CVE-2017-9287 CVE-2017-9445
Affected Products:
                    SUSE Linux Enterprise Module for Containers 12
______________________________________________________________________________

   An update that fixes 47 vulnerabilities is now available.

Description:

   The SUSE Linux Enterprise Server 12 SP2 container image has been updated
   to include security and stability fixes.

   The following issues related to building of the container images have been
   fixed:

   - Included krb5 package to avoid the inclusion of krb5-mini which gets
     selected as a dependency by the Build Service solver. (bsc#1056193)

   A number of security issues that have been already fixed by updates
   released for SUSE Linux Enterprise Server 12 are now included in the base
   image. A package/CVE cross-reference is available below.

   bash:

   - CVE-2016-9401

   expat:

   - CVE-2012-6702
   - CVE-2016-5300
   - CVE-2016-9063
   - CVE-2017-9233

   curl:

   - CVE-2016-9586
   - CVE-2017-1000100
   - CVE-2017-1000101
   - CVE-2017-7407

   glibc:

   - CVE-2017-1000366

   openssl:

   - CVE-2017-3731
   - CVE-2017-3732
   - CVE-2016-7055

   pam:

   - CVE-2015-3238

   apparmor:

   - CVE-2017-6507

   ncurses:

   - CVE-2017-10684
   - CVE-2017-10685
   - CVE-2017-11112
   - CVE-2017-11113

   libgcrypt:

   - CVE-2017-7526

   libxml2:

   - CVE-2016-1839
   - CVE-2016-4658
   - CVE-2016-9318
   - CVE-2016-9597
   - CVE-2017-0663
   - CVE-2017-5969
   - CVE-2017-7375
   - CVE-2017-7376
   - CVE-2017-8872
   - CVE-2017-9047
   - CVE-2017-9048
   - CVE-2017-9049
   - CVE-2017-9050

   libzypp:

   - CVE-2017-9269
   - CVE-2017-7435
   - CVE-2017-7436

   openldap2:

   - CVE-2017-9287

   systemd:

   - CVE-2016-10156
   - CVE-2017-9217
   - CVE-2017-9445

   util-linux:

   - CVE-2016-5011
   - CVE-2017-2616

   zlib:

   - CVE-2016-9840
   - CVE-2016-9841
   - CVE-2016-9842
   - CVE-2016-9843

   zypper:

   - CVE-2017-7436

   Finally, the following packages received non-security fixes:

   - binutils
   - cpio
   - cryptsetup
   - cyrus-sasl
   - dbus-1
   - dirmngr
   - e2fsprogs
   - gpg2
   - insserv-compat
   - kmod
   - libsolv
   - libsemanage
   - lvm2
   - lua51
   - netcfg
   - procps
   - sed
   - sg3_utils
   - shadow


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Containers 12:

      zypper in -t patch SUSE-SLE-Module-Containers-12-2017-1674=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):

      sles12sp2-docker-image-1.0.2-20171006


References:

   https://www.suse.com/security/cve/CVE-2012-6702.html
   https://www.suse.com/security/cve/CVE-2015-3238.html
   https://www.suse.com/security/cve/CVE-2016-10156.html
   https://www.suse.com/security/cve/CVE-2016-1839.html
   https://www.suse.com/security/cve/CVE-2016-2037.html
   https://www.suse.com/security/cve/CVE-2016-4658.html
   https://www.suse.com/security/cve/CVE-2016-5011.html
   https://www.suse.com/security/cve/CVE-2016-5300.html
   https://www.suse.com/security/cve/CVE-2016-7055.html
   https://www.suse.com/security/cve/CVE-2016-9063.html
   https://www.suse.com/security/cve/CVE-2016-9318.html
   https://www.suse.com/security/cve/CVE-2016-9401.html
   https://www.suse.com/security/cve/CVE-2016-9586.html
   https://www.suse.com/security/cve/CVE-2016-9597.html
   https://www.suse.com/security/cve/CVE-2016-9840.html
   https://www.suse.com/security/cve/CVE-2016-9841.html
   https://www.suse.com/security/cve/CVE-2016-9842.html
   https://www.suse.com/security/cve/CVE-2016-9843.html
   https://www.suse.com/security/cve/CVE-2017-0663.html
   https://www.suse.com/security/cve/CVE-2017-1000100.html
   https://www.suse.com/security/cve/CVE-2017-1000101.html
   https://www.suse.com/security/cve/CVE-2017-1000366.html
   https://www.suse.com/security/cve/CVE-2017-10684.html
   https://www.suse.com/security/cve/CVE-2017-10685.html
   https://www.suse.com/security/cve/CVE-2017-11112.html
   https://www.suse.com/security/cve/CVE-2017-11113.html
   https://www.suse.com/security/cve/CVE-2017-2616.html
   https://www.suse.com/security/cve/CVE-2017-3731.html
   https://www.suse.com/security/cve/CVE-2017-3732.html
   https://www.suse.com/security/cve/CVE-2017-5969.html
   https://www.suse.com/security/cve/CVE-2017-6507.html
   https://www.suse.com/security/cve/CVE-2017-7375.html
   https://www.suse.com/security/cve/CVE-2017-7376.html
   https://www.suse.com/security/cve/CVE-2017-7407.html
   https://www.suse.com/security/cve/CVE-2017-7435.html
   https://www.suse.com/security/cve/CVE-2017-7436.html
   https://www.suse.com/security/cve/CVE-2017-7526.html
   https://www.suse.com/security/cve/CVE-2017-8872.html
   https://www.suse.com/security/cve/CVE-2017-9047.html
   https://www.suse.com/security/cve/CVE-2017-9048.html
   https://www.suse.com/security/cve/CVE-2017-9049.html
   https://www.suse.com/security/cve/CVE-2017-9050.html
   https://www.suse.com/security/cve/CVE-2017-9217.html
   https://www.suse.com/security/cve/CVE-2017-9233.html
   https://www.suse.com/security/cve/CVE-2017-9269.html
   https://www.suse.com/security/cve/CVE-2017-9287.html
   https://www.suse.com/security/cve/CVE-2017-9445.html
   https://bugzilla.suse.com/1056193

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWd2t6Ix+lLeg9Ub1AQijMw/7BkZdDRSghqR0RnlYhoV8CK3HLnUOoSZW
qIlhy8h5R7o7K62B+QH+OEAoahVc7aVKtoXyNZq1XqFSqkYn2CMfVVze1jFEy/oz
X38bY6E89c2pB8PLqJapYW0lc4x1OJxJM2l6yI+thDkD3bzGRzhrxLkUvVMNmo6t
7kseU/w0Gtf9mUEfjuLMLYGtAEb/Fxm9ji5y8xE2SoZEj5vma2Jami/pRLIPNd8O
jjApnF1uIY4XhmZF6sr8TXT+niqNxAASVHUEBdkgxzZXHxxxFgd7HgG8ayhPuVl5
wM9XcK5SA77Q8KAtCi2DR6nmnaEDnhe1B/4cz42OBZHgGTCY+qeFfntHj3pJYwvO
8onaN8RPm2XP6f/eAcOnrBGO37dwO4CZXWQh0As8m2D1fgcQcW7/gKziguAsQA8v
gME15DiQ8WacV3ZYJe/80D70IdKHm+r/BtTy0ojTFCYNCI50i8zeQ7Jyu5ufsaIH
aQqGFoKkqRPAJYq/WtM6htPGue8U68Y3OCtY1aXcjLOX8yXrJ9jyO//OMKsIwzSm
VUgkrmGcOaCxXsS8R/n0gGsETA3aOkgD4shVngKl7ib4io6I7J8Abh4axUJvaGJD
8niJJ5yzfibpgj0FKJPqDwih2k985QLe6fQw1nFRMhvNZ3Mbvd/YUzYlqw+WaknK
iROWE8L61o4=
=0DYC
-----END PGP SIGNATURE-----

« Back to bulletins