SUSE-IU-2024:325-1: Security update of suse/sle-micro/5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Apr 17 12:38:31 UTC 2024
SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:325-1
Image Tags : suse/sle-micro/5.5:2.0.2 , suse/sle-micro/5.5:2.0.2-4.2.70 , suse/sle-micro/5.5:latest
Image Release : 4.2.70
Severity : important
Type : security
References : 1107342 1144060 1176006 1188307 1190495 1190495 1192051 1200731
1203823 1205502 1206627 1207987 1210507 1210959 1211886 1212440
1213189 1213418 1213809 1214806 1214934 1215005 1215377 1215434
1215806 1216198 1216594 1216598 1216752 1217083 1217316 1217320
1217321 1217324 1217326 1217329 1217330 1217432 1217445 1217450
1217589 1217667 1217773 1217828 1217964 1218215 1218232 1218492
1218571 1218866 1218894 1218894 1219026 1219031 1219142 1219238
1219243 1219321 1219520 1219559 1219576 1219581 1219767 1219841
1219901 1219975 1220061 1220361 1220374 1220385 1220389 1220441
1220485 1220724 1220770 1220771 1220772 1221050 1221134 1221151
1221218 1221239 1221289 1221399 1221665 1221667 1221675 1221677
1221831 1222259 CVE-2022-48624 CVE-2023-29383 CVE-2023-38469
CVE-2023-38471 CVE-2023-42465 CVE-2023-42465 CVE-2023-45918 CVE-2023-4641
CVE-2023-4750 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233 CVE-2023-48234
CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706 CVE-2023-51385
CVE-2023-52160 CVE-2023-52425 CVE-2023-5388 CVE-2023-7207 CVE-2024-0727
CVE-2024-1753 CVE-2024-2004 CVE-2024-21626 CVE-2024-21626 CVE-2024-22667
CVE-2024-2398 CVE-2024-25062 CVE-2024-26458 CVE-2024-26461 CVE-2024-26462
CVE-2024-28085 CVE-2024-28182 CVE-2024-28757
-----------------------------------------------------------------
The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:295-1
Released: Thu Feb 1 08:23:17 2024
Summary: Security update for runc
Type: security
Severity: important
References: 1218894,CVE-2024-21626
This update for runc fixes the following issues:
Update to runc v1.1.11:
- CVE-2024-21626: Fixed container breakout. (bsc#1218894)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:322-1
Released: Fri Feb 2 15:13:26 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1107342,1215434
This update for aaa_base fixes the following issues:
- Set JAVA_HOME correctly (bsc#1107342, bsc#1215434)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:408-1
Released: Wed Feb 7 11:06:37 2024
Summary: Recommended update for podman
Type: recommended
Severity: moderate
References: 1217828
This update for podman fixes the following issues:
- Update to version 4.8.3:
* Update RELEASE_NOTES.md
* update module golang.org/x/crypto [security]
* Error on HyperV VM start when gvproxy has failed to start
- Refactor network backend dependencies:
* podman requires either netavark or cni-plugins. On ALP, require
netavark, otherwise prefer netavark but don't force it.
* This fixes missing cni-plugins in some scenarios
* Default to netavark everywhere where it's available
- Update to version 4.8.2:
* Update RELEASE_NOTES.md
* Kube Play - set ReportWriter when building an image
* Fix user-mode net init flag on first time install
- Default to the new networking backend, netavark, on openSUSE (bsc#1217828)
- Update to version 4.8.1:
* Handle symlinks when checking DB vs runtime configs
* libpod: Detect whether we have a private UTS namespace on FreeBSD
* pkg/bindings: add new APIVersionError error type
* fix podman-remote exec regression with v4.8
* sqlite: fix issue in ValidateDBConfig()
* sqlite: fix missing Commit() in RemovePodContainers()
* sqlite: set busy timeout to 100s
* Fix locking error in WSL machine rm -f
* Gating test fixes
* If API calls for kube play --replace, then replace pod
* Fix wsl.conf generation when user-mode-networking is disabled
- Update to version 4.8.0:
* Bump to Buildah v1.33.2
* [CI:DOCS] Update release notes
* machine applehv: create better error on start failure
* Cirrus: Update operating branch
* rootless_tutorial: modernize
* Update to libhvee 0.5.0
* vmtypes names cannot be used as machine names
* Add support for --compat-auth-file in login/logout
* Update tests for a c/common error message change
* Update c/image and c/common to latest, c/buildah to main
* CI: test overlay and vfs
* [CI:DOCS] Add link to podman py docs
* Test fixes for debian
* pasta tests: remove some skips
* VM images: bump to 2023-11-16
* fix(deps): update module k8s.io/kubernetes to v1.28.4 [security]
* [CI:DOCS] Machine test timeout env var
* Quadlet - add support for UID and GID Mapping
* Quadlet - Allow using symlink on the base search paths
* [skip-ci] Update dessant/lock-threads action to v5
* Avoid empty SSH keys on applehv
* qemu,parseUSB: minor refactor
* fix(deps): update module github.com/gorilla/handlers to v1.5.2
* docs: fix relabeling command
* Pass secrets from the host down to internal podman containers
* (Temporary) Emergency CI fix: quay search is broken
* Update podman-stats.1.md.in
* [CI:BUILD] packit: handle builds for RC releases
* Quadlet test - add case for multi = sign in mount
* set RLIMIT_NOFILE soft limit to match the hard limit on mac
* rootless: use functionalities from c/storage
* CI: e2e: fix a smattering of test bugs that slipped in
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.1
* vendor: update c/storage
* Improve the documentation of quadlet
* Fix socket mapping socket mapping nits
* fix(deps): update module golang.org/x/tools to v0.15.0
* fix(deps): update github.com/containers/libhvee digest to 9651e31
* [skip-ci] Update github/issue-labeler action to v3.3
* Document --userns=auto behaviour for rootless users
* machine: qemu: add usb host passthrough
* fix(deps): update module golang.org/x/net to v0.18.0
* fix(deps): update module github.com/onsi/gomega to v1.30.0
* Refactor Ignition configuration for virt providers
* [CI:BUILD] rpm: disable GOPROXY
* Automatic code cleanups [JetBrains]
* Refactor key machine objects
* systests: add [NNN] prefix in logs, NNN = filename
* systests: add a last-minute check for db backend
* applehv: allow virtiofs to mount to root
* Run codespell on podman
* update completion scripts for cobra v1.8.0
* Fix man page display of podman-kube-generate
* Try to fix the broken formatting of man podman-kube-apply(1).
* fix(deps): update module golang.org/x/text to v0.14.0
* docs: make CNI removal explicit
* fix(deps): update module github.com/gorilla/mux to v1.8.1
* fix(deps): update module github.com/spf13/cobra to v1.8.0
* fix(deps): update module golang.org/x/sync to v0.5.0
* fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.18
* Podman push --help should reveal default compression
* Update container-device-interface (CDI) to v0.6.2
* fix: adjust helper string in machine_common
* fix: adjust helper string in machine_common
* remote,test: remove .dockerignore which is a symlink
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.2
* fix: adjust helper string in machine_common
* vendor: update github.com/coreos/go-systemd/v22 to latest main
* CI: default to sqlite
* vendor: update c/common
* check system connections before machine init
* Consume OCI images for machine image
* freebsd: drop dead code
* libpod: make removePodCgroup linux specific
* containers: drop special handling for ErrCgroupV1Rootless
* compose: fix compose provider debug message
* image: replace GetStoreImage with ResolveReference
* vendor: bump c/image to 373c52a9466f
* Refactor machine socket mapping
* AppleHV: Fix machine rm error message
* Add status messages to podman --remote commit
* End-of-Life policy for github issues
* fix(deps): update module github.com/shirou/gopsutil/v3 to v3.23.10
* Support passing of Ulimits as -1 to mean max
* fix(deps): update github.com/docker/go-connections digest to 0b8c1f4
* fix(deps): update github.com/crc-org/vfkit digest to f3c783d
* Log gvproxy and server9 to file on log-level=debug
* Change to using gopsutil for cross-OS process ops
* Initial addition of 9p code to Podman
* libpod: fix /etc/hostname with --uts=host
* systests: stty test: retry once on flake
* systests: pasta: avoid hangs
* Fix secrets scanning GHA Workflow
* [skip-ci] Update dawidd6/action-send-mail action to v3.9.0
* docs: clarify systemd cgroup mount
* podman build --remote URI Dockerfile shoud not be treated as file
* Small fixes for wacko CI environments
* Do not add powercap mask if no paths are masked
* compose: try all possible providers before throwing an error
* podman kube play --replace should force removal of pods and containers
* Sort kube options alphabetically
* container.conf: support attributed string slices
* CI: podman farm tests cleanup
* Mask /sys/devices/virtual/powercap
* Update module github.com/google/uuid to v1.4.0
* fix(deps): update module github.com/docker/docker to v24.0.7+incompatible
* fix(deps): update module go.etcd.io/bbolt to v1.3.8
* CI: systest: safer random_rfc1918_subnet
* CI: e2e: safer GetPort()
* Fix broken code block markup in Introduction.rst
* chore(deps): update module google.golang.org/grpc to v1.57.1 [security]
* chore: remove npipe const and use vmtype const for checking
* Update module github.com/onsi/gomega to v1.29.0
* CI: try to fix more networking flakes
* fix: check wsl npipe when executing podman compose
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.1
* Quadlet - explicit support for read-only-tmpfs
* compat API: fix image-prune --all
* Makefile - allow more control over Ginkgo parameters
* Add e2e tests for farm build
* vendor c/{buildah,common}: appendable containers.conf strings, Part 1
* Add podman farm build command
* Add emulation package
* Use buildah default isolation when working with podman play kube
* docs(API): Fix compat network (dis-)connect
* test/e2e: do not import buildah
* pkg/specgen: remove config_unsupported.go
* pkg/parallel/ctr: add !remote tag
* pkg/domain/filters: add !remote tag
* pkg/ps: add !remote tag
* pkg/systemd/generate: add !remote tag
* libpod: add !remote tag
* pkg/autoupdate: add !remote tag
* vendor latest c/common
* libpod: remove build support non linux/freebsd
* Fix typo
* test/apiv2: adapt apiv2 test on cgroups v1 environment
* ginkgo setup: retry cache pulls
* Support size option when creating tmpfs volumes
* not mounted layers should be reported as info not error
* CI: stop using registry.k8s.io
* fix(deps): update module github.com/vbatts/git-validation to v1.2.1
* test fixes for c/common tag chnages
* vendor latest c/common
* hyperV: Update lastUp time
* [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.0
* lint: disable testifylint
* lint: fix warnings found by perfsprint
* lint: fix warnings found by inamedparam
* lint: fix warnings found by protogetter
* libpod: skip DBUS_SESSION_BUS_ADDRESS in conmon
* Use node hostname in kube play when hostNetwork=true
* cirrus setup: special-case perl unicode
* network: document ports and macvlan interaction
* quadlet: document cgroupv2 requirement
* [skip-ci] Update actions/checkout digest to b4ffde6
* Revert 'Emergency workaround for CI breakage'
* remote: exec: do not leak session IDs on errors
* fix(deps): update github.com/containers/storage digest to 79aa304
* fix(deps): update module k8s.io/kubernetes to v1.28.3
* System tests: fix broken silence127
* Add TERM iff TERM not defined in container when podman exec -t
* Emergency workaround for CI breakage
* Kill gvproxy when machine rm -f
* Fix path for omvf vars on Darwin/arm64
* Allow systemd specifiers in User and Group Quadlet keys
* libpod: rename confusing import name
* use FindInitBinary() for init binary
* vendor latest c/common
* exec: do not leak session IDs on errors
* systests: cp test: lots of cleanup
* Define better error message for container name conflicts with external storage.
* Quadlet - support ImageName for .image files
* test/system: ignore 127 if it is the expected rc
* test/apiv2/20-containers.at: fix NanoCPUs tests on cgroups v1
* image history: fix walking layers
* fix(api): Ensure compatibality for network connect
* [CI:DOCS] Add cross-build target info.
* machine set: document --rootful better
* libpod: restart+userns cleanup netns correctly
* Minor log and doc fixes
* Quadlet man page - discuss volume removal explicitly
* Quadlet - add support for KubeDownForce
* System Test - Quadlet kube oneshot
* Fix output of podman --remote top
* buildah-bud: test relative TMPDIR
* Fix handling of --read-only-tmpfs flag
* Vendor common and buildah main
* remote,build: wire unsetlabels
* test: build with TMPDIR as relative
* docs: add unsetlabel
* vendor: bump buildah to v1.32.1-0.20231012130144-244170240d85
* fix(deps): update module github.com/vbauerster/mpb/v8 to v8.6.2
* fix: pull error response docker rest api compatibility
* Show client info even if remote connection fails
* fix(deps): update github.com/containers/libhvee digest to e51be96
* Run codespell
* SetLock for all virt providers
* Machine: Teardown on init failure
* healthcheck: make sure to always show health_status events
* Apply suggestions from code review
* [CI:DOCS]rtd: implement v2 build file
* Quadlet - support oneshot .kube files
* libpod: fix deadlock while parallel container create
* fix(deps): update module golang.org/x/net to v0.17.0
* api: add `compatMode` paramenter to libpod's pull endpoint
* api: break out compat image pull
* fix(deps): update module github.com/cpuguy83/go-md2man/v2 to v2.0.3
* use sqlite as default database
* vendor latest c/common
* fix(deps): update module github.com/nxadm/tail to v1.4.11
* Check for image with /libpod/containers/create
* container: always check if mountpoint is mounted
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.0
* vendor: update c/storage
* api: drop debug statement
* Quadlet - add support for global arguments
* Add system test
* fix(deps): update module golang.org/x/tools to v0.14.0
* Don't ignore containerfiles outside of build context
* fix(deps): update github.com/containers/libhvee digest to fcf1cc2
* fix(deps): update module golang.org/x/term to v0.13.0
* Update module golang.org/x/sys to v0.13.0
* [CI:DOCS] Add updating version on podman.io to release process
* containers.conf: add `privileged` field to containers table
* Implement secrets/credential scanning
* Cirrus: Execute Windows podman-machine e2e tests
* vendor: bump c/storage
* Update module golang.org/x/sync to v0.4.0
* [CI:DOCS] update swagger version on docs.podman.io
* Create Qemu command wrapper
* Adjust to path name change for resolved unit
* Revert 'Fix WSL systemd detection'
* [CI:BUILD] rpm/copr: gvforwarder recommends for RHEL
* [CI:DOCS] update kube play delete endpoint docs
* [CI:DOCS] Remove dead link from README
* test/system: --env-file test fixes
* Revert 'feat(env): support multiline in env-file'
* Revert 'docs(env-file): improve document description'
* Revert 'fix(env): parsing --env incorrect in cli'
* Filter health_check and exec events for logging in console
* inspect: ignore ENOENT during device lookup
* test, manifest: test push retry
* Fix locale issues with WSL version detection
* vendor: update module github.com/docker/distribution to v2.8.3+incompatible
* vendor: bump c/common to v0.56.1-0.20231002091908-745eaa498509
* Update github.com/containers/libhvee digest to e9b1811
* windows: Use prebuilt gvproxy/win-sshproxy binaries
* Volume create - fast exit when ignore is set and volume exists
* Update golang.org/x/exp digest to 9212866
* Update github.com/opencontainers/runtime-spec digest to c0e9043
* remove selinux tag as not needed anymore
* [skip-ci] Improve podmansh(1)
* Build applehv for Intel Macs
* Revert 'GHA Workflow: Faster discussion-locking'
* update vfkit vendored code
* Add DefaultMode to kube play
* Fix broken podman images filters
* Remove `c.ExtraFiles` line in machine
* podman: run --replace prints only the new container id
* New machines should show Never as LastUp
* podman machine: disable zincati update service
* Revert 'cirrus setup: install en_US.UTF-8 locale'
* Cirrus: CI VM images w/ newer automation-library
* CI VMs: bump to f39 + f38
* [CI:DOCS] Update podman load doc
* Update mac installer to latest gvproxy release
* Fix WSL systemd detection
* Add documentation for the vrf option on netavark
* fix(deps): update github.com/containers/common digest to 9342cdd
* fix: typos in links, path and code example
* e2e: ExitCleanly(): manual special cases
* e2e: ExitCleanly(): the final fron^Wcommit
* [CI:DOCS] Add win-sshproxy target to winmake
* wsl: enable machine init tests
* Update docs/source/markdown/options/rdt-class.md
* move IntelRdtClosID to HostConfig
* use default when user does not provide rdt-class
* Add documentation for Intel RDT support
* Add test for Intel RDT support
* Add Intel RDT support
* [CI:DOCS] Fix podman form update --help examples
* Quadlet container mount - support non key=val options
* test/e2e: default to netavark
* [skip-ci] Update dawidd6/action-send-mail action to v3.9.0
* fix(deps): update module github.com/containers/gvisor-tap-vsock to v0.7.1
* fix(deps): update github.com/containers/common digest to 4619314
* applehv: enable machine tests for start
* applehv: machine tests for stop and rm
* Update machine tests README
* Add podman socket info to machine inspect
* Fix podman machine info test for hyperV
* libpod: pass entire environment to conmon
* e2e: ExitCleanly(): manual fixes to get tests working
* e2e: ExitCleanly(): a few more
* FCOS+podman-next: correct GHA conditional syntax
* pkg/machine/e2e: wsl stop
* wsl: machine tests for inspect
* wsl: machine tests for ssh
* fix(deps): update github.com/containers/common digest to e18cda8
* wsl: machine start test
* wsl machine tests: set
* wsl: machine tests
* Skip proxy test for hyperV
* Enable machine e2e test for applehv
* hyperV: Respect rootful option on machine init
* [CI:BUILD] FCOS image: enable nightly build
* e2e: use safe fedora-minimal image
* hyperv: machine e2e tests for set command
* podman build: correct default pull policy
* fix handling of static/volume dir
* unbreak CI: useradd not found
* hyperv: set more realistic starting state
* hyperv: use StopWithForce with remove
* Fix all ports exposed by kube play
* Fix setting timezone on HyperV
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to 97028a6
* Fix farm update to check for connections
* Adjust machine CPU tests
* Bump version on main
* [CI:BUILD] Packit: show SHORT_SHA in `podman --version` for COPR builds
* Vendor c/common
* pod rm: do not log error if anonymous volume is still used
* e2e: ExitCleanly(): manual fixes to get tests passing
* e2e: ExitCleanly(): a few more
* fixes for pkg/machine/e2e on hyperv
* test: fix rootless propagation test
* [CI:BUILD] packit: tag @containers/packit-build team on copr build failures
* Enable disk resizing for applehv
* Various updates for hyperv and machine e2e tests
* test: update fedoraMinimal version
* specgen, rootless: fix mount of cgroup without a netns
* Automatically remove anonymous volumes when removing a container
* Use ActiveServiceDestination in ssh remoteConnectionUsername
* fix(deps): update github.com/containers/gvisor-tap-vsock digest to 9298405
* e2e: ExitCleanly(): generate_kube_test.go
* e2e: generate kube -> kube generate
* e2e: ExitCleanly(): generate_kube_test.go
* windows cannot 'do' extra files
* e2e: ExitCleanly(): Fixes for breaking tests
* play kube -> kube play
* e2e: ExitCleanly(): play_kube_test.go
* introduce pkg/strongunits
* Makefile equiv Powershell script
* pass --syslog to the cleanup process
* vendor of containers/common
* fix --authfile auto-update test
* compat API: speed up network list
* Change priority for cli-flags for remotely operating Podman
* libpod: remove unused ContainerState() fucntion
* [CI:BUILD] Packit: Enable failure notifications for cockpit tests
* e2e: ExitCleanly(): more low-hanging fruit
* e2e: ExitCleanly(): more low-hanging fruit
* fix(deps): update module github.com/onsi/ginkgo/v2 to v2.12.1
* Enable machine e2e tests for WSL
* systests: tighter checks for unwanted warnings
* GHA Workflow: Faster discussion-locking
* [CI:BUILD] FCOS + podman-next image: pull in wasm
* [CI:BUILD] rpm: remove gvproxy subpackage
* [CI:DOCS] Tweak podman to Podman in a few farm man pages
* Docs on sig-proxy are wrong, we support TTY
* e2e: ExitCleanly(): low-hanging fruit, part 2
* e2e: ExitCleanly(): low-hanging fruit, part 1
* Buildtag out unix commands for common OS files
* systests: clean up after tests; fix missing path in logs
* [CI:BUILD] followup PR for fcos with podman-next
* Implement gvproxy networking using cmdline wrapper
* fix, test: rmi should work with images w/o layers
* vendor: bump c/common to v0.56.1-0.20230919073449-d1d9d38d8282
* Quadlet Image test - rearrange test function
* e2e: continuing ExitCleanly() work: manual tweaks
* e2e: continuing ExitCleanly() work
* [CI:DOCS] Improve podman-tag man page
* [CI:DOCS] Improve podman-build man page
* [CI:DOCS] Include precheck to release process
* [CI:DOCS] consistentize filter options in man pages
* Quadlet - add support for .image units
* --env-host: use default from containers.conf
* error when --module is specified on the command level
* man page crossrefs: add --filter autocompletes
* Fix specification of unix:///run
* Add label! filter and tests to containers and pods
* Add test for legacy address without two slashes
* Use url with scheme and path for the unix address
- Use crun only on selected archs
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:459-1
Released: Tue Feb 13 15:28:56 2024
Summary: Security update for runc
Type: security
Severity: important
References: 1218894,CVE-2024-21626
This update for runc fixes the following issues:
- Update to runc v1.1.12 (bsc#1218894)
The following CVE was already fixed with the previous release.
- CVE-2024-21626: Fixed container breakout.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:527-1
Released: Mon Feb 19 10:03:27 2024
Summary: Recommended update for conmon
Type: recommended
Severity: moderate
References: 1215806,1217773
This update for conmon fixes the following issues:
- New upstream release 2.1.10
Bug fixes:
* Fix incorrect free in conn_sock
* logging: Respect log-size-max immediately after open
- New upstream release 2.1.9
Bug fixes:
* fix some issues flagged by SAST scan
* src: fix write after end of buffer
* src: open all files with O_CLOEXEC
* oom-score: restore oom score before running exit command
Features:
* Forward more messages on the sd-notify socket
* logging: -l passthrough accepts TTYs
* [bsc#1215806]
Update to version 2.1.8:
* stdio: ignore EIO for terminals (bsc#1217773)
* ensure console socket buffers are properly sized
* conmon: drop return after pexit()
* ctrl: make accept4 failures fatal
* logging: avoid opening /dev/null for each write
* oom: restore old OOM score
* Use default umask 0022
* cli: log parsing errors to stderr
* Changes to build conmon for riscv64
* Changes to build conmon for ppc64le
* Fix close_other_fds on FreeBSD
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:549-1
Released: Tue Feb 20 17:05:52 2024
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1219243,CVE-2024-0727
This update for openssl-1_1 fixes the following issues:
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:555-1
Released: Tue Feb 20 17:22:17 2024
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1219576,CVE-2024-25062
This update for libxml2 fixes the following issues:
- CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:596-1
Released: Thu Feb 22 20:05:29 2024
Summary: Security update for openssh
Type: security
Severity: important
References: 1218215,CVE-2023-51385
This update for openssh fixes the following issues:
- CVE-2023-51385: Limit the use of shell metacharacters in host- and
user names to avoid command injection. (bsc#1218215)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:597-1
Released: Thu Feb 22 20:07:11 2024
Summary: Security update for mozilla-nss
Type: security
Severity: important
References: 1216198,CVE-2023-5388
This update for mozilla-nss fixes the following issues:
Update to NSS 3.90.2:
- CVE-2023-5388: Fixed timing attack against RSA decryption in TLS (bsc#1216198)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:614-1
Released: Mon Feb 26 11:31:18 2024
Summary: Recommended update for rpm
Type: recommended
Severity: important
References: 1216752
This update for rpm fixes the following issues:
- backport lua support for rpm.execute to ease migrating from SLE Micro 5.5 to 6.0 (bsc#1216752)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:615-1
Released: Mon Feb 26 11:32:32 2024
Summary: Recommended update for netcfg
Type: recommended
Severity: moderate
References: 1211886
This update for netcfg fixes the following issues:
- Add krb-prop entry (bsc#1211886)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:637-1
Released: Tue Feb 27 10:06:55 2024
Summary: Recommended update for duktape
Type: recommended
Severity: moderate
References:
This update for duktape fixes the following issues:
- Ship libduktape206-32bit: needed by libproxy since version 0.5.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:764-1
Released: Tue Mar 5 13:46:25 2024
Summary: Security update for wpa_supplicant
Type: security
Severity: important
References: 1219975,CVE-2023-52160
This update for wpa_supplicant fixes the following issues:
- CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:766-1
Released: Tue Mar 5 13:50:28 2024
Summary: Recommended update for libssh
Type: recommended
Severity: important
References: 1220385
This update for libssh fixes the following issues:
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:792-1
Released: Thu Mar 7 09:55:23 2024
Summary: Recommended update for timezone
Type: recommended
Severity: moderate
References:
This update for timezone fixes the following issues:
- Update to version 2024a
- Kazakhstan unifies on UTC+5
- Palestine springs forward a week later than previously predicted in 2024 and 2025
- Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00
- From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00
- In 1911 Miquelon adopted standard time on June 15, not May 15
- The FROM and TO columns of Rule lines can no longer be 'minimum'
- localtime no longer mishandle some timestamps
- strftime %s now uses tm_gmtoff if available
- Ittoqqortoormiit, Greenland changes time zones on 2024-03-31
- Vostok, Antarctica changed time zones on 2023-12-18
- Casey, Antarctica changed time zones five times since 2020
- Code and data fixes for Palestine timestamps starting in 2072
- A new data file zonenow.tab for timestamps starting now
- Much of Greenland changed its standard time from -03 to -02 on 2023-03-25
- localtime.c no longer mishandles TZif files that contain a single transition into a DST regime
- tzselect no longer creates temporary files
- tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/
* ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments
* Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension
* zic no longer mishandles data for Palestine after the year 2075
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:794-1
Released: Thu Mar 7 10:33:17 2024
Summary: Security update for sudo
Type: security
Severity: important
References: 1219026,1220389,CVE-2023-42465
This update for sudo fixes the following issues:
- CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:305-1
Released: Mon Mar 11 14:15:37 2024
Summary: Security update for cpio
Type: security
Severity: moderate
References: 1218571,1219238,CVE-2023-7207
This update for cpio fixes the following issues:
- Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:846-1
Released: Tue Mar 12 13:31:27 2024
Summary: Recommended update for selinux-policy
Type: recommended
Severity: moderate
References: 1220361
This update for selinux-policy fixes the following issues:
* Don't audit getty and plymouth the checkpoint_restore capability (bsc#1220361)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:861-1
Released: Wed Mar 13 09:12:30 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1218232
This update for aaa_base fixes the following issues:
- Silence the output in the case of broken symlinks (bsc#1218232)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:870-1
Released: Wed Mar 13 13:05:14 2024
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1217445,1217589,1218866
This update for glibc fixes the following issues:
Security issues fixed:
- qsort: harden handling of degenerated / non transient compare function (bsc#1218866)
Other issues fixed:
- getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:876-1
Released: Wed Mar 13 15:45:34 2024
Summary: Security update for sudo
Type: security
Severity: important
References: 1221134,1221151,CVE-2023-42465
This update for sudo fixes the following issues:
- CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:903-1
Released: Fri Mar 15 06:57:36 2024
Summary: Recommended update for systemd-presets-common-SUSE
Type: recommended
Severity: moderate
References: 1200731
This update for systemd-presets-common-SUSE fixes the following issues:
- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked (bsc#1200731)
- Support both the old and new service to avoid complex version interdependency
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:907-1
Released: Fri Mar 15 08:57:38 2024
Summary: Recommended update for audit
Type: recommended
Severity: moderate
References: 1215377
This update for audit fixes the following issue:
- Fix plugin termination when using systemd service units (bsc#1215377)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released: Tue Mar 19 06:36:24 2024
Summary: Recommended update for coreutils
Type: recommended
Severity: moderate
References: 1219321
This update for coreutils fixes the following issues:
- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:980-1
Released: Mon Mar 25 06:18:28 2024
Summary: Recommended update for pam-config
Type: recommended
Severity: moderate
References: 1219767
This update for pam-config fixes the following issues:
- Fix pam_gnome_keyring module for AUTH (bsc#1219767)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:982-1
Released: Mon Mar 25 12:56:33 2024
Summary: Recommended update for systemd-rpm-macros
Type: recommended
Severity: moderate
References: 1217964
This update for systemd-rpm-macros fixes the following issue:
- Order packages that requires systemd after systemd-sysvcompat if needed. (bsc#1217964)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:984-1
Released: Mon Mar 25 16:04:44 2024
Summary: Recommended update for runc
Type: recommended
Severity: important
References: 1192051,1221050
This update for runc fixes the following issues:
- Add upstream patch <https://github.com/opencontainers/runc/pull/4219> to
properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050
This allows running 15 SP6 containers on older distributions.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:997-1
Released: Tue Mar 26 11:03:37 2024
Summary: Security update for krb5
Type: security
Severity: important
References: 1220770,1220771,1220772,CVE-2024-26458,CVE-2024-26461,CVE-2024-26462
This update for krb5 fixes the following issues:
- CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770).
- CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771).
- CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1007-1
Released: Wed Mar 27 10:51:42 2024
Summary: Security update for shadow
Type: security
Severity: moderate
References: 1144060,1176006,1188307,1203823,1205502,1206627,1210507,1213189,1214806,CVE-2023-29383,CVE-2023-4641
This update for shadow fixes the following issues:
- CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507).
- CVE-2023-4641: Fixed possible password leak during passwd(1) change (bsc#1214806).
The following non-security bugs were fixed:
- bsc#1176006: Fix chage date miscalculation
- bsc#1188307: Fix passwd segfault
- bsc#1203823: Remove pam_keyinit from PAM config files
- bsc#1213189: Change lock mechanism to file locking to prevent
lock files after power interruptions
- bsc#1206627: Add --prefix support to passwd, chpasswd and chage
- bsc#1205502: useradd audit event user id field cannot be interpretedd
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1014-1
Released: Wed Mar 27 18:33:55 2024
Summary: Security update for avahi
Type: security
Severity: moderate
References: 1216594,1216598,CVE-2023-38469,CVE-2023-38471
This update for avahi fixes the following issues:
- CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594).
- CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1015-1
Released: Thu Mar 28 06:08:11 2024
Summary: Recommended update for sed
Type: recommended
Severity: important
References: 1221218
This update for sed fixes the following issues:
- 'sed -i' now creates temporary files with correct umask (bsc#1221218)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1080-1
Released: Tue Apr 2 06:50:10 2024
Summary: Recommended update for xfsprogs-scrub
Type: recommended
Severity: low
References: 1190495
This update for xfsprogs-scrub fixes the following issues:
- Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 and SLE-15-SP4 (bsc#1190495)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1081-1
Released: Tue Apr 2 06:50:44 2024
Summary: Recommended update for dracut
Type: recommended
Severity: important
References: 1217083,1219841,1220485,1221675
This update for dracut fixes the following issues:
- Update to version 055+suse.382.g80b55af2:
* Fix regression with multiple `rd.break=` options (bsc#1221675)
* Do not call `strcmp` if the `value` argument is NULL (bsc#1219841)
* Correct shellcheck regression when parsing ccw args (bsc#1220485)
* Skip README for AMD microcode generation (bsc#1217083)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1091-1
Released: Tue Apr 2 12:18:46 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References:
This update for rpm fixes the following issues:
- Turn on IMA/EVM file signature support, move the imaevm code that needs the
libiamevm library into a plugin, and install this plugin as part of a new
'rpm-imaevmsign' subpackage (jsc#PED-7246).
- Backport signature reserved space handling from upstream.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1104-1
Released: Wed Apr 3 14:29:58 2024
Summary: Recommended update for docker, containerd, rootlesskit, catatonit, slirp4netns, fuse-overlayfs
Type: recommended
Severity: important
References:
This update for docker fixes the following issues:
- Overlay files are world-writable (bsc#1220339)
- Allow disabling apparmor support (some products only support SELinux)
The other packages in the update (containerd, rootlesskit, catatonit, slirp4netns, fuse-overlayfs)
are no-change rebuilds required because the corresponding binary packages were missing in a number
of repositories, thus making docker not installable on some products.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released: Mon Apr 8 09:12:08 2024
Summary: Security update for expat
Type: security
Severity: important
References: 1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released: Mon Apr 8 11:29:02 2024
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1220061,CVE-2023-45918
This update for ncurses fixes the following issues:
- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1146-1
Released: Mon Apr 8 11:34:54 2024
Summary: Security update for podman
Type: security
Severity: important
References: 1221677,CVE-2024-1753
This update for podman fixes the following issues:
- CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1151-1
Released: Mon Apr 8 11:36:23 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1221665,1221667,CVE-2024-2004,CVE-2024-2398
This update for curl fixes the following issues:
- CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665)
- CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1167-1
Released: Mon Apr 8 15:11:11 2024
Summary: Security update for nghttp2
Type: security
Severity: important
References: 1221399,CVE-2024-28182
This update for nghttp2 fixes the following issues:
- CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1172-1
Released: Tue Apr 9 09:52:32 2024
Summary: Security update for util-linux
Type: security
Severity: important
References: 1207987,1221831,CVE-2024-28085
This update for util-linux fixes the following issues:
- CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1175-1
Released: Tue Apr 9 10:06:40 2024
Summary: Recommended update for multipath-tools
Type: recommended
Severity: moderate
References: 1212440,1213809,1219142,1220374
This update for multipath-tools fixes the following issues:
- Fixed activation of LVM volume groups during coldplug (bsc#1219142)
- Avoid changing SCSI timeouts in 'multipath -d' (bsc#1213809)
- Fixed dev_loss_tmo even if not set in configuration (bsc#1212440)
- Backport of upstream bug fixes (bsc#1220374):
* Avoid setting queue_if_no_path on multipath maps for which the no_path_retry timeout has expired
* Fixed memory and error handling for code using aio (marginal path code, directio path checker)
* libmultipath: fixed max_sectors_kb on adding path
* Fixed warnings reported by udevadm verify
* libmultipath: use directio checker for LIO targets
* multipathd.service: remove 'Also=multipathd.socket'
* libmultipathd: avoid parsing errors due to unsupported designators
* libmultipath: return 'pending' state when port is in transition
* multipath.rules: fixed 'smart' bug with failed valid path check
* libmpathpersist: fixed resource leak in update_map_pr()
* libmultipath: keep renames from stopping other multipath actions
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1192-1
Released: Wed Apr 10 09:14:37 2024
Summary: Security update for less
Type: security
Severity: important
References: 1219901,CVE-2022-48624
This update for less fixes the following issues:
- CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1201-1
Released: Thu Apr 11 10:47:59 2024
Summary: Recommended update for xfsprogs-scrub and jctools
Type: recommended
Severity: low
References: 1190495,1213418
This update for xfsprogs-scrub fixes the following issues:
- Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 (bsc#1190495)
- Added missing jctools to Package Hub for SLE-15-SP5 (bsc#1213418)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1206-1
Released: Thu Apr 11 12:56:24 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References: 1222259
This update for rpm fixes the following issues:
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1231-1
Released: Thu Apr 11 15:20:40 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1220441
This update for glibc fixes the following issues:
- duplocale: protect use of global locale (bsc#1220441, BZ #23970)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released: Fri Apr 12 08:15:18 2024
Summary: Recommended update for gcc13
Type: recommended
Severity: moderate
References: 1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:
- Fix unwinding for JIT code. [bsc#1221239]
- Revert libgccjit dependency change. [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Add support for -fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM. [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel. [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686. [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1272-1
Released: Fri Apr 12 16:24:28 2024
Summary: Recommended update for elemental-operator, elemental-operator-crds-helm, elemental-operator-helm, operator-image
Type: recommended
Severity: moderate
References:
This update for elemental-operator, elemental-operator-crds-helm, elemental-operator-helm, operator-image contains the following fixes:
- Update to version 1.4.3:
* registration: allow dots in machineInventory names
* registration: decouple replacing data-labels from sanitizing strings
* registration: move sanitize code in sanitizeString()
* V1.4.x fix channel synchronization (#683)
* linter: fix copyright dates
* Make linter happy
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1287-1
Released: Mon Apr 15 15:03:40 2024
Summary: Security update for vim
Type: security
Severity: important
References: 1215005,1217316,1217320,1217321,1217324,1217326,1217329,1217330,1217432,1219581,CVE-2023-4750,CVE-2023-48231,CVE-2023-48232,CVE-2023-48233,CVE-2023-48234,CVE-2023-48235,CVE-2023-48236,CVE-2023-48237,CVE-2023-48706,CVE-2024-22667
This update for vim fixes the following issues:
Updated to version 9.1.0111, fixes the following security problems
- CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316).
- CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320).
- CVE-2023-48233: overflow with count for :s command (bsc#1217321).
- CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324).
- CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235).
- CVE-2023-48236: overflow in get_number (bsc#1217329).
- CVE-2023-48237: overflow in shift_line (bsc#1217330).
- CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432).
- CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581).
- CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005).
The following package changes have been done:
- glibc-2.31-150300.71.1 updated
- libuuid1-2.37.4-150500.9.6.1 updated
- libsmartcols1-2.37.4-150500.9.6.1 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libexpat1-2.4.4-150400.3.17.1 updated
- libblkid1-2.37.4-150500.9.6.1 updated
- libaudit1-3.0.6-150400.4.16.1 updated
- libxml2-2-2.10.3-150500.5.14.1 updated
- libopenssl1_1-1.1.1l-150500.17.25.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libfdisk1-2.37.4-150500.9.6.1 updated
- libmount1-2.37.4-150500.9.6.1 updated
- krb5-1.20.1-150500.3.6.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- login_defs-4.8.1-150500.3.3.1 updated
- cpio-2.13-150400.3.6.1 updated
- coreutils-8.32-150400.9.3.1 updated
- sed-4.4-150300.13.3.1 updated
- systemd-rpm-macros-15-150000.7.39.1 updated
- systemd-presets-common-SUSE-15-150500.20.6.1 updated
- openssl-1_1-1.1.1l-150500.17.25.1 updated
- netcfg-11.6-150000.3.6.1 updated
- rpm-4.14.3-150400.59.13.1 updated
- shadow-4.8.1-150500.3.3.1 updated
- pam-config-1.1-150200.3.6.1 updated
- util-linux-2.37.4-150500.9.6.1 updated
- aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 updated
- util-linux-systemd-2.37.4-150500.9.6.1 updated
- dracut-055+suse.382.g80b55af2-150500.3.18.1 updated
- libfreebl3-3.90.2-150400.3.39.1 updated
- libnghttp2-14-1.40.0-150200.17.1 updated
- libssh-config-0.9.8-150400.3.6.1 updated
- libssh4-0.9.8-150400.3.6.1 updated
- mozilla-nss-certs-3.90.2-150400.3.39.1 updated
- libcurl4-8.0.1-150400.5.44.1 updated
- mozilla-nss-3.90.2-150400.3.39.1 updated
- libsoftokn3-3.90.2-150400.3.39.1 updated
- wpa_supplicant-2.10-150500.3.3.1 updated
- elemental-register-1.4.3-150500.3.3.3 updated
- elemental-support-1.4.3-150500.3.3.3 updated
- glibc-locale-base-2.31-150300.71.1 updated
- xfsprogs-5.13.0-150400.3.7.1 updated
- conmon-2.1.10-150500.9.9.1 updated
- kpartx-0.9.4+117+suse.87f2634-150500.3.9.1 updated
- libavahi-common3-0.8-150400.7.16.1 updated
- libduktape206-2.6.0-150500.4.5.1 updated
- openssh-common-8.4p1-150300.3.30.1 updated
- runc-1.1.12-150000.64.1 updated
- sudo-1.9.12p1-150500.7.10.1 updated
- timezone-2024a-150000.75.28.1 updated
- vim-data-common-9.1.0111-150500.20.9.1 updated
- libavahi-core7-0.8-150400.7.16.1 updated
- fuse-overlayfs-1.1.2-150100.3.11.1 updated
- vim-small-9.1.0111-150500.20.9.1 updated
- less-590-150400.3.6.2 updated
- avahi-0.8-150400.7.16.1 updated
- openssh-server-8.4p1-150300.3.30.1 updated
- openssh-clients-8.4p1-150300.3.30.1 updated
- libmpath0-0.9.4+117+suse.87f2634-150500.3.9.1 updated
- multipath-tools-0.9.4+117+suse.87f2634-150500.3.9.1 updated
- selinux-policy-20230511+git15.bdc96df2-150500.3.15.1 updated
- selinux-policy-targeted-20230511+git15.bdc96df2-150500.3.15.1 updated
- openssh-8.4p1-150300.3.30.1 updated
- podman-4.8.3-150500.3.9.1 updated
- container:suse-sle-micro-base-5.5-latest-2.0.2-4.2.51 updated
- gettext-runtime-0.20.2-1.43 removed
- iproute2-5.14-150400.1.8 removed
- libtextstyle0-0.20.2-1.43 removed
More information about the sle-container-updates
mailing list