SUSE-CU-2024:1682-1: Recommended update of suse/manager/4.3/proxy-ssh

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/manager/4.3/proxy-ssh
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1682-1
Container Tags        : suse/manager/4.3/proxy-ssh:4.3.11 , suse/manager/4.3/proxy-ssh:4.3.11.9.39.22 , suse/manager/4.3/proxy-ssh:latest
Container Release     : 9.39.22
Severity              : moderate
Type                  : recommended
References            : 1216474 1218871 1221123 1222831 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-ssh was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1366-1
Released:    Mon Apr 22 11:04:32 2024
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1216474,1218871,1221123,1222831
This update for openssh fixes the following issues:

- Fix hostbased ssh login failing occasionally with 'signature
  unverified: incorrect signature' by fixing a typo in patch (bsc#1221123)
- Avoid closing IBM Z crypto devices nodes. (bsc#1218871)
- Allow usage of IBM Z crypto adapter cards in seccomp filters (bsc#1216474)

- Change the default value of UpdateHostKeys to Yes (unless
  VerifyHostKeyDNS is enabled).

  This makes ssh update the known_hosts stored keys with all published
  versions by the server (after it's authenticated with an existing
  key), which will allow to identify the server with a different key if
  the existing key is considered insecure at some point in the future
  (bsc#1222831).


The following package changes have been done:

- openssh-common-8.4p1-150300.3.37.1 updated
- openssh-fips-8.4p1-150300.3.37.1 updated
- openssh-server-8.4p1-150300.3.37.1 updated
- openssh-clients-8.4p1-150300.3.37.1 updated
- openssh-8.4p1-150300.3.37.1 updated