SUSE-CU-2024:6479-1: Security update of suse/sle-micro/5.4/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Dec 19 16:08:50 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.4/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:6479-1
Container Tags        : suse/sle-micro/5.4/toolbox:13.2 , suse/sle-micro/5.4/toolbox:13.2-5.19.63 , suse/sle-micro/5.4/toolbox:latest
Container Release     : 5.19.63
Severity              : important
Type                  : security
References            : 1203617 1230272 1231610 1234068 CVE-2024-11053 
-----------------------------------------------------------------

The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4338-1
Released:    Tue Dec 17 08:18:46 2024
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1230272,1231610
This update for systemd fixes the following issues:

- core/unit: increase the NameOwnerChanged/GetNameOwner timeout to the unit's start timeout (bsc#1230272)
- core/unit: add get_timeout_start_usec in UnitVTable and define it for service
- sd-bus: make bus_add_match_full accept timeout
- udev-builtin-path_id: SAS wide ports must have num_phys > 1 (bsc#1231610)
- sd-device: add helper to read a unsigned int attribute

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4359-1
Released:    Tue Dec 17 14:19:32 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1234068,CVE-2024-11053
This update for curl fixes the following issues:

 - CVE-2024-11053: Fixed password leak in curl used for the first host to the followed-to host under certain circumstances (bsc#1234068)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4378-1
Released:    Thu Dec 19 08:23:55 2024
Summary:     Recommended update for aaa_base
Type:        recommended
Severity:    moderate
References:  1203617
This update for aaa_base fixes the following issues:

- Added Midnigh Commander helpers for tcsh and bash resources (bsc#1203617)


The following package changes have been done:

- aaa_base-84.87+git20180409.04c9dae-150300.10.23.1 updated
- curl-8.0.1-150400.5.59.1 updated
- libcurl4-8.0.1-150400.5.59.1 updated
- libsystemd0-249.17-150400.8.46.1 updated
- libudev1-249.17-150400.8.46.1 updated
- libzypp-17.35.15-150400.3.101.1 updated

More information about the sle-container-updates mailing list