SUSE-CU-2024:6214-1: Security update of suse/389-ds

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Dec 11 08:16:11 UTC 2024 

SUSE Container Update Advisory: suse/389-ds
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:6214-1
Container Tags        : suse/389-ds:2.2 , suse/389-ds:2.2-48.5 , suse/389-ds:latest
Container Release     : 48.5
Severity              : moderate
Type                  : security
References            : 1231795 1232579 1233307 1233699 CVE-2024-11168 CVE-2024-50602
-----------------------------------------------------------------

The container suse/389-ds was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4035-1
Released:    Mon Nov 18 16:22:57 2024
Summary:     Security update for expat
Type:        security
Severity:    moderate
References:  1232579,CVE-2024-50602
This update for expat fixes the following issues:

- CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4045-1
Released:    Mon Nov 25 08:33:05 2024
Summary:     Recommended update for patterns-base
Type:        recommended
Severity:    moderate
References:  
This update for patterns-base fixes the following issue:

- Updated patterns-base, removing plymouth recommendation on s390x archs.
  Our certification team run into an issue (jsc#PED-10532), when they
  run bare metal installation with fully encrypted disk.
  If the whole disk is crypted, the prompt for the password is sent to
  plymouth, which is obviously showing nothing because for booting bare
  metal (LPAR) is used terminal in HMC. 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4193-1
Released:    Thu Dec  5 12:01:40 2024
Summary:     Security update for python3
Type:        security
Severity:    low
References:  1231795,1233307,CVE-2024-11168
This update for python3 fixes the following issues:

- CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307)

Other fixes:
- Remove -IVendor/ from python-config (bsc#1231795)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4224-1
Released:    Fri Dec  6 10:24:50 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1233699
This update for glibc fixes the following issue:

- Remove nss-systemd from default nsswitch.conf (bsc#1233699).


The following package changes have been done:

- glibc-2.38-150600.14.17.2 updated
- patterns-base-fips-20200124-150600.32.3.2 updated
- libexpat1-2.4.4-150400.3.25.1 updated
- python3-base-3.6.15-150300.10.78.1 updated
- libpython3_6m1_0-3.6.15-150300.10.78.1 updated
- python3-3.6.15-150300.10.78.1 updated
- container:registry.suse.com-bci-bci-base-15.6-648eddfe4d6457ffc41f6a9177e39a26fd3a42ad869bc818d42d2d13dd951944-0 updated

More information about the sle-container-updates mailing list