SUSE-CU-2024:3797-1: Security update of bci/kiwi

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Aug 17 07:03:48 UTC 2024 

SUSE Container Update Advisory: bci/kiwi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3797-1
Container Tags        : bci/kiwi:9 , bci/kiwi:9-9.1 , bci/kiwi:9.24 , bci/kiwi:9.24-9.1 , bci/kiwi:9.24.43 , bci/kiwi:9.24.43-9.1 , bci/kiwi:latest
Container Release     : 9.1
Severity              : important
Type                  : security
References            : 1222985 1223571 1224014 1224016 1225907 1226463 1227138 1227308
                        CVE-2024-5535 
-----------------------------------------------------------------

The container bci/kiwi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2912-1
Released:    Wed Aug 14 20:20:13 2024
Summary:     Recommended update for cloud-regionsrv-client
Type:        recommended
Severity:    important
References:  1222985,1223571,1224014,1224016,1227308
This update for cloud-regionsrv-client contains the following fixes:

- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
  + Add support for sidecar registry
    Podman and rootless Docker support to set up the necessary
    configuration for the container engines to run as defined
  + Add running command as root through sudoers file

- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
  + In addition to logging, write message to stderr when registration fails
  + Detect transactional-update system with read only setup and use
    the transactional-update command to register
  + Handle operation in a different target root directory for credentials
    checking

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2933-1
Released:    Thu Aug 15 12:12:50 2024
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1225907,1226463,1227138,CVE-2024-5535
This update for openssl-1_1 fixes the following issues:

- CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138)

Other fixes:
- Build with no-afalgeng. (bsc#1226463)
- Fixed C99 violations to allow the package to build with GCC 14. (bsc#1225907)


The following package changes have been done:

- libyaml-0-2-0.1.7-150000.3.2.1 added
- libopenssl1_1-1.1.1w-150600.5.6.1 updated
- python3-PyYAML-5.4.1-150300.3.3.1 updated

More information about the sle-container-updates mailing list