SUSE-CU-2024:1521-1: Security update of bci/bci-minimal

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Apr 16 07:13:09 UTC 2024 

SUSE Container Update Advisory: bci/bci-minimal
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1521-1
Container Tags        : bci/bci-minimal:15.6 , bci/bci-minimal:15.6.9.12
Container Release     : 9.12
Severity              : moderate
Type                  : security
References            : 1210959 1214934 1217450 1217667 1218492 1219031 1219321 1219520
                        1220061 1220724 1221239 1222259 CVE-2023-45918 
-----------------------------------------------------------------

The container bci/bci-minimal was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released:    Tue Mar 19 06:36:24 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1219321
This update for coreutils fixes the following issues:

- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1091-1
Released:    Tue Apr  2 12:18:46 2024
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  
This update for rpm fixes the following issues:

- Turn on IMA/EVM file signature support, move the imaevm code that needs the
  libiamevm library into a plugin, and install this plugin as part of a new
  'rpm-imaevmsign' subpackage (jsc#PED-7246).

- Backport signature reserved space handling from upstream.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released:    Mon Apr  8 11:29:02 2024
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1220061,CVE-2023-45918
This update for ncurses fixes the following issues:

- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1206-1
Released:    Thu Apr 11 12:56:24 2024
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1222259
This update for rpm fixes the following issues:

- remove imaevmsign plugin from rpm-ndb [bsc#1222259]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]


The following package changes have been done:

- coreutils-8.32-150400.9.3.1 updated
- glibc-2.38-150600.9.2 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libgcrypt20-1.10.3-150600.1.17 updated
- libncurses6-6.1-150000.5.24.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- rpm-ndb-4.14.3-150400.59.13.1 updated
- sles-release-15.6-150600.32.2 updated
- terminfo-base-6.1-150000.5.24.1 updated
- container:micro-image-15.6.0-8.7 updated
- libpcre1-8.45-150000.20.13.1 removed

More information about the sle-container-updates mailing list