SUSE-IU-2024:1979-1: Security update of suse/sl-micro/6.0/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Dec 7 08:04:25 UTC 2024 

SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1979-1
Image Tags        : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-4.23 , suse/sl-micro/6.0/baremetal-os-container:latest
Image Release     : 4.23
Severity          : moderate
Type              : security
References        : 1174414 1231833 1232579 CVE-2019-2708 CVE-2024-50602 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 118
Released:    Fri Dec  6 13:37:37 2024
Summary:     Security update for libdb-4_8
Type:        security
Severity:    moderate
References:  1174414,CVE-2019-2708
This update for libdb-4_8 fixes the following issues:

CVE-2019-2708: Fixed data store execution leading to partial DoS (bsc#1174414)

Changes:

* libdb: Data store execution leads to partial DoS
* Backport the upsteam commits:

  - Fixed several possible crashes when running db_verify
    on a corrupted database. [#27864]
  - Fixed several possible hangs when running db_verify
    on a corrupted database. [#27864]
  - Added a warning message when attempting to verify a queue
    database which has many extent files. Verification will take
    a long time if there are many extent files. [#27864]


-----------------------------------------------------------------
Advisory ID: 120
Released:    Fri Dec  6 13:38:42 2024
Summary:     Security update for expat
Type:        security
Severity:    moderate
References:  1232579,CVE-2024-50602
This update for expat fixes the following issues:

- CVE-2024-50602: Fixed possible denial-of-service vulnerability inside XML_ResumeParser (bsc#1232579).

-----------------------------------------------------------------
Advisory ID: 119
Released:    Fri Dec  6 13:38:42 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1231833
This update for gcc13 fixes the following issues:

- Fix for parsing tzdata 2024b [gcc#116657]



The following package changes have been done:

- libgcc_s1-13.3.0+git8781-2.1 updated
- libexpat1-2.5.0-4.1 updated
- libstdc++6-13.3.0+git8781-2.1 updated
- SL-Micro-release-6.0-24.33 updated
- libdb-4_8-4.8.30-7.1 updated
- container:SL-Micro-base-container-2.1.3-4.23 updated

More information about the sle-container-updates mailing list