SUSE-CU-2024:1689-1: Security update of suse/manager/5.0/x86_64/server-hub-xmlrpc-api

Wed Apr 24 09:31:35 UTC 2024

SUSE Container Update Advisory: suse/manager/5.0/x86_64/server-hub-xmlrpc-api
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1689-1
Container Tags        : suse/manager/5.0/x86_64/server-hub-xmlrpc-api:5.0.0-beta2 , suse/manager/5.0/x86_64/server-hub-xmlrpc-api:5.0.0-beta2.2.39 , suse/manager/5.0/x86_64/server-hub-xmlrpc-api:latest
Container Release     : 2.39
Severity              : important
Type                  : security
References            : 1210959 1211886 1214934 1215377 1217450 1217667 1218232 1218492
                        1219031 1219321 1219520 1219559 1220061 1220724 1221239 1221289
                        CVE-2023-45918 CVE-2023-52425 CVE-2024-28757 
-----------------------------------------------------------------

The container suse/manager/5.0/x86_64/server-hub-xmlrpc-api was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:615-1
Released:    Mon Feb 26 11:32:32 2024
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1211886
This update for netcfg fixes the following issues:

- Add krb-prop entry (bsc#1211886)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:861-1
Released:    Wed Mar 13 09:12:30 2024
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    moderate
References:  1218232
This update for aaa_base fixes the following issues:

- Silence the output in the case of broken symlinks (bsc#1218232)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:907-1
Released:    Fri Mar 15 08:57:38 2024
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1215377
This update for audit fixes the following issue:

- Fix plugin termination when using systemd service units (bsc#1215377)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released:    Tue Mar 19 06:36:24 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1219321
This update for coreutils fixes the following issues:

- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released:    Mon Apr  8 09:12:08 2024
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:

- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) 
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released:    Mon Apr  8 11:29:02 2024
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1220061,CVE-2023-45918
This update for ncurses fixes the following issues:

- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]

The following package changes have been done:

- cracklib-dict-small-2.9.11-150600.1.89 updated
- crypto-policies-20230920.570ea89-150600.1.9 updated
- libldap-data-2.4.46-150600.23.15 updated
- libsemanage-conf-3.5-150600.1.48 updated
- libssh-config-0.9.8-150600.9.1 updated
- glibc-2.38-150600.9.2 updated
- libzstd1-1.5.5-150600.1.2 updated
- libuuid1-2.39.3-150600.1.15 updated
- libsmartcols1-2.39.3-150600.1.15 updated
- libsepol2-3.5-150600.1.48 updated
- libsasl2-3-2.1.28-150600.5.2 updated
- libpcre2-8-0-10.42-150600.1.25 updated
- libnghttp2-14-1.40.0-150600.23.1 updated
- liblzma5-5.4.1-150600.1.1 updated
- liblz4-1-1.9.4-150600.1.3 updated
- libgpg-error0-1.47-150600.1.2 updated
- libcom_err2-1.47.0-150600.2.25 updated
- libblkid1-2.39.3-150600.1.15 updated
- libselinux1-3.5-150600.1.45 updated
- libgcrypt20-1.10.3-150600.1.18 updated
- libfdisk1-2.39.3-150600.1.15 updated
- libmount1-2.39.3-150600.1.15 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- libexpat1-2.4.4-150400.3.17.1 updated
- libaudit1-3.0.6-150400.4.16.1 updated
- libopenssl3-3.1.4-150600.2.18 updated
- libudev1-254.10-150600.1.3 updated
- libsystemd0-254.10-150600.1.3 updated
- libsemanage2-3.5-150600.1.48 updated
- libopenssl-3-fips-provider-3.1.4-150600.2.18 updated
- libldap-2_4-2-2.4.46-150600.23.15 updated
- krb5-1.20.1-150600.9.1 updated
- patterns-base-fips-20200124-150600.29.2 updated
- libssh4-0.9.8-150600.9.1 updated
- coreutils-8.32-150400.9.3.1 updated
- login_defs-4.8.1-150600.15.44 updated
- libcrack2-2.9.11-150600.1.89 updated
- cracklib-2.9.11-150600.1.89 updated
- sed-4.9-150600.1.3 updated
- libcurl4-8.6.0-150600.2.1 updated
- sles-release-15.6-150600.33.2 updated
- shadow-4.8.1-150600.15.44 updated
- util-linux-2.39.3-150600.1.15 updated
- aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 updated
- netcfg-11.6-150000.3.6.1 updated
- libapparmor1-3.1.7-150600.3.1 updated
- libkmod2-29-150600.11.3 updated
- librdkafka1-0.11.6-150600.14.2 updated
- pam-config-1.1-150600.14.2 updated
- systemd-presets-common-SUSE-15-150600.25.2 updated
- xz-5.4.1-150600.1.1 updated
- systemd-presets-branding-SLE-15.1-150600.32.2 updated
- systemd-254.10-150600.1.3 updated
- util-linux-systemd-2.39.3-150600.1.9 updated
- wicked-0.6.74-150600.9.1 updated
- wicked-service-0.6.74-150600.9.1 updated
- rsyslog-8.2306.0-150600.10.5 updated
- hub-xmlrpc-api-0.7-150600.1.10 updated
- container:sles15-image-15.0.0-45.12 updated
- gzip-1.10-150200.10.1 removed
- libdw1-0.185-150400.5.3.1 removed
- libelf1-0.185-150400.5.3.1 removed
- libffi7-3.2.1.git259-10.8 removed
- liblua5_3-5-5.3.6-3.6.1 removed
- libxml2-2-2.10.3-150500.5.14.1 removed
- rpm-config-SUSE-1-150400.14.3.1 removed
- tar-1.34-150000.3.34.1 removed
- timezone-2023c-150000.75.23.1 removed