Vulnerability Scan Report for registry.suse.com/bci/bci-init:15.5.14.36
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: November 01, 2024 11:02
Systemd environment for containers based on the SLE Base Container Image. This container is only supported with podman.
Last scanned on: November 01, 2024 11:02
Package Name | Severity | Status | Description | Reference links | |
---|---|---|---|---|---|
perl-base | HIGH | fixed |
Security update for perl Vulnerability ID: SUSE-SU-2024:1762-1 Installed Version: 5.26.1-150300.17.14.1 Fixed Version: 5.26.1-150300.17.17.1 This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216) - CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233) Non-security issue fixed: - make Net::FTP work with TLS 1.3 (bsc#1213638) |
||
rpm-ndb | MEDIUM | fixed |
Security update for rpm Vulnerability ID: SUSE-SU-2024:1557-1 Installed Version: 4.14.3-150400.59.7.1 Fixed Version: 4.14.3-150400.59.16.1 This update for rpm fixes the following issues: Security fixes: - CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: - accept more signature subpackets marked as critical (bsc#1218686) - backport limit support for the autopatch macro (bsc#1189495) |
||
shadow | MEDIUM | fixed |
Security update for shadow Vulnerability ID: SUSE-SU-2024:2658-1 Installed Version: 4.8.1-150400.10.15.1 Fixed Version: 4.8.1-150400.10.18.1 This update for shadow fixes the following issues: - CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). |
||
shadow | MEDIUM | fixed |
Security update for shadow Vulnerability ID: SUSE-SU-2024:2804-1 Installed Version: 4.8.1-150400.10.15.1 Fixed Version: 4.8.1-150400.10.21.1 This update for shadow fixes the following issues: - Fixed not copying of skel files (bsc#1228770) |
||
systemd | MEDIUM | fixed |
Security update for systemd Vulnerability ID: SUSE-SU-2024:3149-1 Installed Version: 249.17-150400.8.40.1 Fixed Version: 249.17-150400.8.43.1 This update for systemd fixes the following issues: - CVE-2023-7008: Fixed man-in-the-middle due to unsigned name response in signed zone not refused when DNSSEC=yes (bsc#1218297) Other fixes: - Unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414) - Don't mention any rpm macros inside comments, even if escaped (bsc#1228091) - Skip redundant dependencies specified the LSB description that references the file name of the service itself for early boot scripts (bsc#1221479). |