SUSE-IU-2024:600-1: Security update of suse/sle-micro/5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jul 4 07:01:50 UTC 2024
SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:600-1
Image Tags : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.58 , suse/sle-micro/5.5:latest
Image Release : 5.5.58
Severity : important
Type : security
References : 1224282 1225771 1227052 CVE-2024-34459 CVE-2024-5564 CVE-2024-6104
-----------------------------------------------------------------
The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-OU-2024:2282-1
Released: Tue Jul 2 22:41:28 2024
Summary: Optional update for openscap, scap-security-guide
Type: optional
Severity: moderate
References:
This update for scap-security-guide and openscap provides the SCAP tooling
for SLE Micro 5.3, 5.4, 5.5.
This includes shipping openscap dependencies libxmlsec1-1 and libxmlsec1-openssl for SLE Micro.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2283-1
Released: Tue Jul 2 23:12:19 2024
Summary: Security update for libndp
Type: security
Severity: important
References: 1225771,CVE-2024-5564
This update for libndp fixes the following issues:
- CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2286-1
Released: Wed Jul 3 08:26:16 2024
Summary: Security update for podman
Type: security
Severity: moderate
References: 1227052,CVE-2024-6104
This update for podman fixes the following issues:
- CVE-2024-6104: Fixed a potential leak of sensitive information on
HTTP log file (bsc#1227052).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2290-1
Released: Wed Jul 3 11:35:00 2024
Summary: Security update for libxml2
Type: security
Severity: low
References: 1224282,CVE-2024-34459
This update for libxml2 fixes the following issues:
- CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2291-1
Released: Wed Jul 3 12:43:47 2024
Summary: Recommended update for elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5
Type: recommended
Severity: moderate
References:
This update for elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5 contains the following fixes:
Changes in elemental-operator1.5:
- Update to version 1.5.4:
* [BACKPORT] Ensure re-sync is triggered
* [BACKPORT] operator: fix ManagedOSVersionChannel sync
Changes in elemental-operator1.5-crds-helm, elemental-operator1.5-helm,
operator-image1.5, seedimage-builder1.5:
- Update to version 1.5.4.
The following package changes have been done:
- libxml2-2-2.10.3-150500.5.17.1 updated
- libndp0-1.6-150000.3.3.1 updated
- elemental-register1.5-1.5.4-150500.1.11.1 updated
- elemental-support1.5-1.5.4-150500.1.11.1 updated
- libltdl7-2.4.6-150000.3.8.1 updated
- libprocps8-3.3.17-150000.7.39.1 updated
- procps-3.3.17-150000.7.39.1 updated
- libxmlsec1-1-1.2.37-150400.14.5.1 updated
- libxmlsec1-openssl1-1.2.37-150400.14.5.1 updated
- podman-4.9.5-150500.3.15.1 updated
- container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.34 updated
More information about the sle-container-updates
mailing list