SUSE-CU-2024:6286-1: Security update of bci/spack

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Dec 11 14:23:49 UTC 2024 

SUSE Container Update Advisory: bci/spack
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:6286-1
Container Tags        : bci/spack:0.21 , bci/spack:0.21.3 , bci/spack:0.21.3-18.7 , bci/spack:latest
Container Release     : 18.7
Severity              : important
Type                  : security
References            : 1231463 1231463 1231795 1233282 1233307 1233699 CVE-2024-11168
                        CVE-2024-52533 
-----------------------------------------------------------------

The container bci/spack was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4193-1
Released:    Thu Dec  5 12:01:40 2024
Summary:     Security update for python3
Type:        security
Severity:    low
References:  1231795,1233307,CVE-2024-11168
This update for python3 fixes the following issues:

- CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307)

Other fixes:
- Remove -IVendor/ from python-config (bsc#1231795)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4224-1
Released:    Fri Dec  6 10:24:50 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1233699
This update for glibc fixes the following issue:

- Remove nss-systemd from default nsswitch.conf (bsc#1233699).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4244-1
Released:    Fri Dec  6 14:04:39 2024
Summary:     Recommended update for shared-mime-info
Type:        recommended
Severity:    moderate
References:  1231463
This update for shared-mime-info fixes the following issue:

- Uninstall silently if update-mime-database is not present (bsc#1231463).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4254-1
Released:    Fri Dec  6 18:03:05 2024
Summary:     Security update for glib2
Type:        security
Severity:    important
References:  1231463,1233282,CVE-2024-52533
This update for glib2 fixes the following issues:

Security issues fixed:

- CVE-2024-52533: Fix a single byte buffer overflow in set_connect_msg() (bsc#1233282).

Non-security issue fixed:

- Fix error when uninstalling packages (bsc#1231463).



The following package changes have been done:

- glibc-2.38-150600.14.17.2 updated
- libglib-2_0-0-2.78.6-150600.4.8.1 updated
- libgmodule-2_0-0-2.78.6-150600.4.8.1 updated
- libgobject-2_0-0-2.78.6-150600.4.8.1 updated
- shared-mime-info-2.4-150600.3.3.2 updated
- libpython3_6m1_0-3.6.15-150300.10.78.1 updated
- python3-base-3.6.15-150300.10.78.1 updated
- glibc-devel-2.38-150600.14.17.2 updated
- libgio-2_0-0-2.78.6-150600.4.8.1 updated
- glib2-tools-2.78.6-150600.4.8.1 updated
- container:registry.suse.com-bci-bci-base-15.6-648eddfe4d6457ffc41f6a9177e39a26fd3a42ad869bc818d42d2d13dd951944-0 updated

More information about the sle-container-updates mailing list