SUSE-CU-2024:1683-1: Security update of suse/manager/5.0/x86_64/proxy-httpd

sle-container-updates at lists.suse.com
Wed Apr 24 09:31:26 UTC 2024


SUSE Container Update Advisory: suse/manager/5.0/x86_64/proxy-httpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1683-1
Container Tags        : suse/manager/5.0/x86_64/proxy-httpd:5.0.0-beta2 , suse/manager/5.0/x86_64/proxy-httpd:5.0.0-beta2.3.41 , suse/manager/5.0/x86_64/proxy-httpd:latest
Container Release     : 3.41
Severity              : important
Type                  : security
References            : 1198533 1201817 1210959 1211886 1214169 1214691 1214934 1215377
                        1216296 1216541 1217450 1217667 1218232 1218492 1218952 1219031
                        1219321 1219520 1219559 1219666 1220061 1220724 1221239 1221289
                        1222109 1222259 CVE-2022-48566 CVE-2023-45918 CVE-2023-52425
                        CVE-2023-6597 CVE-2024-28757 
-----------------------------------------------------------------

The container suse/manager/5.0/x86_64/proxy-httpd was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2761-1
Released:    Mon Jul  3 15:16:44 2023
Summary:     Recommended update for libjansson
Type:        recommended
Severity:    moderate
References:  1201817
This update for libjansson fixes the following issues:

- Update to 2.14 (bsc#1201817):
  * New Features:
    + Add `json_object_getn`, `json_object_setn`, `json_object_deln`, and the
      corresponding `nocheck` functions.
    + Add jansson_version_str() and jansson_version_cmp() for runtime version checking
    + Add json_object_update_new(), json_object_update_existing_new()
      and json_object_update_missing_new() functions
    + Add json_object_update_recursive()
    + Add `json_pack()` format specifiers s*, o* and O* for values
      that can be omitted if null 
    + Add `json_error_code()` to retrieve numeric error codes
    + Enable thread safety for `json_dump()` on all systems.
      Enable thread safe `json_decref()` and `json_incref()` for
      modern compilers 
    + Add `json_sprintf()` and `json_vsprintf()` 
  * Fixes:
    + Handle `sprintf` corner cases.
    + Add infinite loop check in json_deep_copy()
    + Enhance JANSSON_ATTRS macro to support earlier C standard (C89)
    + Update version detection for sphinx-build
    + Fix error message in `json_pack()` for NULL object 
    + Avoid invalid memory read in `json_pack()` 
    + Call va_end after va_copy in `json_vsprintf()` 
    + Improve handling of formats with '?' and '*' in `json_pack()`
    + Remove inappropriate `jsonp_free()` which caused
      segmentation fault in error handling 
    + Fix incorrect report of success from `json_dump_file()` when
      an error is returned by `fclose()` 
    + Make json_equal() const-correct 
    + Fix incomplete stealing of references by `json_pack()` 
- Use GitHub as source URLs: Release hasn't been uploaded to digip.org.
- Add check section.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4453-1
Released:    Wed Nov 15 14:24:58 2023
Summary:     Recommended update for libjansson
Type:        recommended
Severity:    moderate
References:  1216541

This update for libjansson ships the missing 32bit library to the Basesystem module of 15 SP5.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4973-1
Released:    Tue Dec 26 04:44:10 2023
Summary:     Recommended update for duktape
Type:        recommended
Severity:    moderate
References:  1216296

This update of duktape fixes the following issue:

- duktape-devel is shipped to Basesystem module (bsc#1216296).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:615-1
Released:    Mon Feb 26 11:32:32 2024
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1211886
This update for netcfg fixes the following issues:

- Add krb-prop entry (bsc#1211886)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:637-1
Released:    Tue Feb 27 10:06:55 2024
Summary:     Recommended update for duktape
Type:        recommended
Severity:    moderate
References:  
This update for duktape fixes the following issues:

- Ship libduktape206-32bit: needed by libproxy since version 0.5.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:849-1
Released:    Tue Mar 12 15:38:03 2024
Summary:     Recommended update for cloud-init
Type:        recommended
Severity:    important
References:  1198533,1214169,1218952
This update for cloud-init contains the following fixes:

- Skip tests with empty config.

- Support reboot on package update/upgrade via the cloud-init
  config. (bsc#1198533, bsc#1218952, jsc#SMO-326)

- Switch build dependency to the generic distribution-release package.

- Move fdupes call back to %install. (bsc#1214169)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:861-1
Released:    Wed Mar 13 09:12:30 2024
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    moderate
References:  1218232
This update for aaa_base fixes the following issues:

- Silence the output in the case of broken symlinks (bsc#1218232)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:901-1
Released:    Thu Mar 14 17:49:10 2024
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1214691,1219666,CVE-2022-48566,CVE-2023-6597
This update for python3 fixes the following issues:

- CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666).
- CVE-2022-48566: Make compare_digest more constant-time (bsc#1214691).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:907-1
Released:    Fri Mar 15 08:57:38 2024
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1215377
This update for audit fixes the following issue:

- Fix plugin termination when using systemd service units (bsc#1215377)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released:    Tue Mar 19 06:36:24 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1219321
This update for coreutils fixes the following issues:

- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1091-1
Released:    Tue Apr  2 12:18:46 2024
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  
This update for rpm fixes the following issues:

- Turn on IMA/EVM file signature support, move the imaevm code that needs the
  libimaevm library into a plugin, and install this plugin as part of a new
  'rpm-imaevmsign' subpackage (jsc#PED-7246).

- Backport signature reserved space handling from upstream.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released:    Mon Apr  8 09:12:08 2024
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:

- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) 
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released:    Mon Apr  8 11:29:02 2024
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1220061,CVE-2023-45918
This update for ncurses fixes the following issues:

- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1176-1
Released:    Tue Apr  9 10:43:33 2024
Summary:     Recommended update for hwdata
Type:        recommended
Severity:    moderate
References:  
This update for hwdata fixes the following issues:

- Update to 0.380
- Update pci, usb and vendor ids

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1206-1
Released:    Thu Apr 11 12:56:24 2024
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1222259
This update for rpm fixes the following issues:

- remove imaevmsign plugin from rpm-ndb [bsc#1222259]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1279-1
Released:    Fri Apr 12 21:35:09 2024
Summary:     Recommended update for python3
Type:        recommended
Severity:    moderate
References:  1222109
This update for python3 fixes the following issue:

- Fix syslog making default 'ident' from sys.argv (bsc#1222109)


The following package changes have been done:

- cracklib-dict-small-2.9.11-150600.1.89 updated
- crypto-policies-20230920.570ea89-150600.1.9 updated
- libldap-data-2.4.46-150600.23.15 updated
- libsemanage-conf-3.5-150600.1.48 updated
- libssh-config-0.9.8-150600.9.1 updated
- glibc-2.38-150600.9.2 updated
- libzstd1-1.5.5-150600.1.2 updated
- libuuid1-2.39.3-150600.1.15 updated
- libsmartcols1-2.39.3-150600.1.15 updated
- libsepol2-3.5-150600.1.48 updated
- libsasl2-3-2.1.28-150600.5.2 updated
- libpcre2-8-0-10.42-150600.1.25 updated
- libnghttp2-14-1.40.0-150600.23.1 updated
- liblzma5-5.4.1-150600.1.1 updated
- liblz4-1-1.9.4-150600.1.3 updated
- libgpg-error0-1.47-150600.1.2 updated
- libfa1-1.14.1-150600.1.2 updated
- libcom_err2-1.47.0-150600.2.25 updated
- libblkid1-2.39.3-150600.1.15 updated
- libselinux1-3.5-150600.1.45 updated
- libglib-2_0-0-2.78.3-150600.1.6 updated
- libksba8-1.6.4-150600.1.2 updated
- libgcrypt20-1.10.3-150600.1.18 updated
- libfdisk1-2.39.3-150600.1.15 updated
- libmount1-2.39.3-150600.1.15 updated
- libgmodule-2_0-0-2.78.3-150600.1.6 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- libduktape206-2.6.0-150500.4.5.1 added
- libexpat1-2.4.4-150400.3.17.1 updated
- libaudit1-3.0.6-150400.4.16.1 updated
- libsigc-2_0-0-2.12.1-150600.1.2 updated
- libabsl2401_0_0-20240116.1-150600.17.3 added
- libgobject-2_0-0-2.78.3-150600.1.6 updated
- libopenssl3-3.1.4-150600.2.18 updated
- libaugeas0-1.14.1-150600.1.2 updated
- libudev1-254.10-150600.1.3 updated
- libsystemd0-254.10-150600.1.3 updated
- libsemanage2-3.5-150600.1.48 updated
- libprotobuf-lite25_1_0-25.1-150600.14.1 updated
- libzck1-1.1.16-150600.9.2 updated
- libopenssl-3-fips-provider-3.1.4-150600.2.18 updated
- libldap-2_4-2-2.4.46-150600.23.15 updated
- krb5-1.20.1-150600.9.1 updated
- patterns-base-fips-20200124-150600.29.2 updated
- libssh4-0.9.8-150600.9.1 updated
- coreutils-8.32-150400.9.3.1 updated
- shared-mime-info-2.4-150600.1.2 updated
- login_defs-4.8.1-150600.15.44 updated
- libcrack2-2.9.11-150600.1.89 updated
- cracklib-2.9.11-150600.1.89 updated
- sed-4.9-150600.1.3 updated
- libcurl4-8.6.0-150600.2.1 updated
- sles-release-15.6-150600.33.2 updated
- gpg2-2.4.4-150600.1.3 updated
- libgpgme11-1.23.0-150600.1.35 updated
- shadow-4.8.1-150600.15.44 updated
- gio-branding-SLE-15-150600.33.2 updated
- libgio-2_0-0-2.78.3-150600.1.6 updated
- glib2-tools-2.78.3-150600.1.6 updated
- libpxbackend-1_0-0.5.3-150600.1.1 added
- libproxy1-0.5.3-150600.1.1 updated
- libzypp-17.31.31-150600.8.7 updated
- util-linux-2.39.3-150600.1.15 updated
- aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 updated
- netcfg-11.6-150000.3.6.1 updated
- curl-8.6.0-150600.2.1 updated
- girepository-1_0-1.78.1-150600.2.2 updated
- libgirepository-1_0-1-1.78.1-150600.2.2 updated
- libapparmor1-3.1.7-150600.3.1 updated
- libjansson4-2.14-150000.3.5.1 added
- libkmod2-29-150600.11.3 updated
- pam-config-1.1-150600.14.2 updated
- release-notes-susemanager-proxy-5.0.0~beta2-150600.12.1 updated
- selinux-tools-3.5-150600.1.45 updated
- systemd-presets-common-SUSE-15-150600.25.2 updated
- xz-5.4.1-150600.1.1 updated
- zstd-1.5.5-150600.1.2 updated
- libapr-util1-1.6.1-150600.25.2 updated
- libopenssl1_1-1.1.1w-150600.2.11 updated
- policycoreutils-3.5-150600.1.42 updated
- uyuni-base-common-5.0.2-150600.1.15.1 updated
- systemd-presets-branding-SLE-15.1-150600.32.2 updated
- hwdata-0.380-150000.3.68.1 updated
- apache2-prefork-2.4.58-150600.3.1 updated
- python3-base-3.6.15-150300.10.60.1 updated
- libpython3_6m1_0-3.6.15-150300.10.60.1 updated
- systemd-254.10-150600.1.3 updated
- python3-3.6.15-150300.10.60.1 updated
- python3-rpm-4.14.3-150400.59.13.1 updated
- python3-netifaces-0.10.6-150000.3.2.1 updated
- apache2-2.4.58-150600.3.1 updated
- python3-dbus-python-1.2.16-150600.3.2 updated
- spacewalk-backend-5.0.5-150600.3.41.7 updated
- python3-spacewalk-client-tools-5.0.4-150600.3.88.11 updated
- spacewalk-client-tools-5.0.4-150600.3.88.11 updated
- container:sles15-image-15.0.0-45.12 updated
- apache2-utils-2.4.51-150600.12.2 removed
- gzip-1.10-150200.10.1 removed
- libabsl2308_0_0-20230802.1-150400.10.4.1 removed
- tar-1.34-150000.3.34.1 removed
- timezone-2023c-150000.75.23.1 removed
- which-2.21-2.20 removed

