SUSE-CU-2024:6396-1: Security update of suse/sles/15.7/libguestfs-tools

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Dec 13 07:38:46 UTC 2024 

SUSE Container Update Advisory: suse/sles/15.7/libguestfs-tools
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:6396-1
Container Tags        : suse/sles/15.7/libguestfs-tools:1.1.1 , suse/sles/15.7/libguestfs-tools:1.1.1-150700.9.29 , suse/sles/15.7/libguestfs-tools:1.1.1.28.81
Container Release     : 28.81
Severity              : important
Type                  : security
References            : 1225451 1231463 1231463 1231795 1232063 1233282 1233307 1233699
                        CVE-2024-11168 CVE-2024-52533 
-----------------------------------------------------------------

The container suse/sles/15.7/libguestfs-tools was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4130-1
Released:    Mon Dec  2 10:56:25 2024
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1232063
This update for dracut fixes the following issue:

- Version update: 059+suse.543.g98d7f037
  * fix: removing systemd 59-persistent-storage-dm.rules (bsc#1232063).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4193-1
Released:    Thu Dec  5 12:01:40 2024
Summary:     Security update for python3
Type:        security
Severity:    low
References:  1231795,1233307,CVE-2024-11168
This update for python3 fixes the following issues:

- CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307)

Other fixes:
- Remove -IVendor/ from python-config (bsc#1231795)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4200-1
Released:    Thu Dec  5 14:48:33 2024
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1225451
This update for libsolv, libzypp, zypper fixes the following issues:

- Fix replaces_installed_package using the wrong solvable id when checking the noupdate map
- Make POOL_FLAG_ADDFILEPROVIDESFILTERED behaviour more standard
- Add rpm_query_idarray query function
- Support rpm's 'orderwithrequires' dependency
- BuildCache: Don't try to retrieve missing raw metadata if no permission to write the cache (bsc#1225451)
- RepoManager: Throw RepoNoPermissionException if the user has no permission to update(write) the caches (bsc#1225451)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4224-1
Released:    Fri Dec  6 10:24:50 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1233699
This update for glibc fixes the following issue:

- Remove nss-systemd from default nsswitch.conf (bsc#1233699).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4244-1
Released:    Fri Dec  6 14:04:39 2024
Summary:     Recommended update for shared-mime-info
Type:        recommended
Severity:    moderate
References:  1231463
This update for shared-mime-info fixes the following issue:

- Uninstall silently if update-mime-database is not present (bsc#1231463).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4254-1
Released:    Fri Dec  6 18:03:05 2024
Summary:     Security update for glib2
Type:        security
Severity:    important
References:  1231463,1233282,CVE-2024-52533
This update for glib2 fixes the following issues:

Security issues fixed:

- CVE-2024-52533: Fix a single byte buffer overflow in set_connect_msg() (bsc#1233282).

Non-security issue fixed:

- Fix error when uninstalling packages (bsc#1231463).



The following package changes have been done:

- glibc-2.38-150600.14.17.2 updated
- libglib-2_0-0-2.78.6-150600.4.8.1 updated
- libgcrypt20-1.11.0-150700.2.2 updated
- libopenssl3-3.2.3-150700.1.4 updated
- libopenssl-3-fips-provider-3.2.3-150700.1.4 updated
- libsolv-tools-base-0.7.31-150600.8.7.2 updated
- sles-release-15.7-150700.14.1 updated
- libzypp-17.35.14-150600.3.32.2 updated
- zypper-1.14.78-150600.10.16.3 updated
- libguestfs-winsupport-1.54.0-150700.1.4 updated
- libgmodule-2_0-0-2.78.6-150600.4.8.1 updated
- libgobject-2_0-0-2.78.6-150600.4.8.1 updated
- libnettle8-3.10-150700.2.2 updated
- shared-mime-info-2.4-150600.3.3.2 updated
- libhogweed6-3.10-150700.2.2 updated
- python3-base-3.6.15-150300.10.78.1 updated
- libpython3_6m1_0-3.6.15-150300.10.78.1 updated
- xen-libs-4.19.0_04-150700.1.13 updated
- libgio-2_0-0-2.78.6-150600.4.8.1 updated
- glib2-tools-2.78.6-150600.4.8.1 updated
- dracut-059+suse.543.g98d7f037-150600.3.14.2 updated
- dracut-fips-059+suse.543.g98d7f037-150600.3.14.2 updated
- libguestfs0-1.54.0-150700.1.4 updated
- libguestfs-devel-1.54.0-150700.1.4 updated
- libguestfs-appliance-1.54.0-150700.1.4 updated
- libguestfs-1.54.0-150700.1.4 updated
- container:sles15-image-15.7.0-1.2 updated

More information about the sle-container-updates mailing list