Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.5.14.23
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: October 01, 2024 19:11
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: October 01, 2024 19:11
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
ca-certificates-mozilla | UNKNOWN | fixed |
Security update for ca-certificates-mozilla Vulnerability ID: SUSE-SU-2024:2869-1 Installed Version: 2.62-150200.30.1 Fixed Version: 2.68-150200.33.1 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 |
||
container-suseconnect | MEDIUM | fixed |
Security update for container-suseconnect Vulnerability ID: SUSE-SU-2024:3360-1 Installed Version: 2.4.0-150000.4.50.2 Fixed Version: 2.5.0-150000.4.55.1 This update for container-suseconnect rebuilds it against current go1.21.13.1. Security issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791 |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:1151-1 Installed Version: 8.0.1-150400.5.41.1 Fixed Version: 8.0.1-150400.5.44.1 This update for curl fixes the following issues: - CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) - CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3080-1 Installed Version: 8.0.1-150400.5.41.1 Fixed Version: 8.0.1-150400.5.47.1 This update for curl fixes the following issues: - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) |
||
curl | MEDIUM | fixed |
Security update for curl Vulnerability ID: SUSE-SU-2024:3211-1 Installed Version: 8.0.1-150400.5.41.1 Fixed Version: 8.0.1-150400.5.50.1 This update for curl fixes the following issues: - CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) |