SUSE-CU-2024:733-1: Security update of suse/git

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/git
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:733-1
Container Tags        : suse/git:2.35 , suse/git:2.35-9.1 , suse/git:latest
Container Release     : 9.1
Severity              : important
Type                  : security
References            : 1214668 1214788 1215241 1215313 1217460 1217950 1218215 CVE-2023-48795
                        CVE-2023-51385 
-----------------------------------------------------------------

The container suse/git was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:4153-1
Released:    Fri Oct 20 19:27:58 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1215313
This update for systemd fixes the following issues:

- Fix mismatch of nss-resolve version in Package Hub (no source code changes)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4902-1
Released:    Tue Dec 19 13:09:42 2023
Summary:     Security update for openssh
Type:        security
Severity:    important
References:  1214788,1217950,CVE-2023-48795
This update for openssh fixes the following issues:

- CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity (bsc#1217950).

the following non-security bug was fixed:

- Fix the 'no route to host' error when connecting via ProxyJump

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:214-1
Released:    Wed Jan 24 16:01:31 2024
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1214668,1215241,1217460
This update for systemd fixes the following issues:

- resolved: actually check authenticated flag of SOA transaction
- core/mount: Make device deps from /proc/self/mountinfo and .mount unit file exclusive
- core: Add trace logging to mount_add_device_dependencies()
- core/mount: Remove default deps from /proc/self/mountinfo when it is updated (bsc#1217460)
- core/mount: Set Mount.from_proc_self_mountinfo flag before adding default dependencies
- core: wrap some long comment
- utmp-wtmp: Handle EINTR gracefully when waiting to write to tty
- utmp-wtmp: Fix error in case isatty() fails
- homed: Handle EINTR gracefully when waiting for device node
- resolved: Handle EINTR returned from fd_wait_for_event() better
- sd-netlink: Handle EINTR from poll() gracefully, as success
- varlink: Handle EINTR gracefully when waiting for EIO via ppoll()
- stdio-bridge: Don't be bothered with EINTR
- sd-bus: Handle EINTR return from bus_poll() (bsc#1215241)
- core: Replace slice dependencies as they get added (bsc#1214668)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:596-1
Released:    Thu Feb 22 20:05:29 2024
Summary:     Security update for openssh
Type:        security
Severity:    important
References:  1218215,CVE-2023-51385
This update for openssh fixes the following issues:

- CVE-2023-51385: Limit the use of shell metacharacters in host- and
  user names to avoid command injection. (bsc#1218215)


The following package changes have been done:

- libcbor0-0.5.0-150100.4.6.1 added
- libedit0-3.1.snap20150325-2.12 added
- libfido2-1-1.13.0-150400.5.6.1 added
- libhidapi-hidraw0-0.10.1-150300.3.2.1 added
- libudev1-249.17-150400.8.40.1 added
- openssh-clients-8.4p1-150300.3.30.1 added
- openssh-common-8.4p1-150300.3.30.1 added