SUSE-CU-2024:1529-1: Recommended update of suse/sle-micro/5.1/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Apr 16 07:14:38 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.1/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1529-1
Container Tags        : suse/sle-micro/5.1/toolbox:13.2 , suse/sle-micro/5.1/toolbox:13.2-3.8.13 , suse/sle-micro/5.1/toolbox:latest
Container Release     : 3.8.13
Severity              : moderate
Type                  : recommended
References            : 1175678 1210959 1214934 1217450 1217667 1218171 1218492 1218544
                        1219031 1219520 1220441 1220724 1221239 1221525 1222109 CVE-2024-0217
-----------------------------------------------------------------

The container suse/sle-micro/5.1/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1202-1
Released:    Thu Apr 11 10:49:34 2024
Summary:     Recommended update for libzypp, zypper, PackageKit
Type:        recommended
Severity:    moderate
References:  1175678,1218171,1218544,1221525,CVE-2024-0217
This update for libzypp, zypper, PackageKit fixes the following issues:

- Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544)
- Add resolver option 'removeOrphaned' for distupgrade (bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- Add default stripe minimum
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config
- version 17.32.0
- ProblemSolution::skipsPatchesOnly overload to handout the patches
- Show active dry-run/download-only at the commit propmpt
- Add --skip-not-applicable-patches option
- Fix printing detailed solver problem description
- Fix bash-completion to work with right adjusted numbers in the 1st column too
- Set libzypp shutdown request signal on Ctrl+C
- In the detailed view show all baseurls not just the first one (bsc#1218171)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1231-1
Released:    Thu Apr 11 15:20:40 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1220441
This update for glibc fixes the following issues:

- duplocale: protect use of global locale (bsc#1220441, BZ #23970)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1279-1
Released:    Fri Apr 12 21:35:09 2024
Summary:     Recommended update for python3
Type:        recommended
Severity:    moderate
References:  1222109
This update for python3 fixes the following issue:

- Fix syslog making default 'ident' from sys.argv (bsc#1222109)


The following package changes have been done:

- glibc-locale-base-2.31-150300.71.1 updated
- glibc-locale-2.31-150300.71.1 updated
- glibc-2.31-150300.71.1 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libpython3_6m1_0-3.6.15-150300.10.60.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libzypp-17.32.2-150200.92.3 updated
- python3-base-3.6.15-150300.10.60.1 updated
- zypper-1.14.69-150200.73.7 updated

More information about the sle-container-updates mailing list