SUSE-CU-2024:3213-1: Security update of suse/manager/5.0/x86_64/server-migration-14-16

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Jul 18 07:06:56 UTC 2024 

SUSE Container Update Advisory: suse/manager/5.0/x86_64/server-migration-14-16
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3213-1
Container Tags        : suse/manager/5.0/x86_64/server-migration-14-16:5.0.0 , suse/manager/5.0/x86_64/server-migration-14-16:5.0.0.5.27 , suse/manager/5.0/x86_64/server-migration-14-16:latest
Container Release     : 5.27
Severity              : important
Type                  : security
References            : 1209627 1221482 1221632 1224038 1224038 1224051 1224051 1225551
                        CVE-2024-4317 CVE-2024-4317 CVE-2024-4741 
-----------------------------------------------------------------

The container suse/manager/5.0/x86_64/server-migration-14-16 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1665-1
Released:    Thu May 16 08:00:09 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1221632
This update for coreutils fixes the following issues:

- ls: avoid triggering automounts (bsc#1221632)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1954-1
Released:    Fri Jun  7 18:01:06 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1221482
This update for glibc fixes the following issues:

- Also include stat64 in the 32-bit libc_nonshared.a workaround
  (bsc#1221482)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2024-1
Released:    Thu Jun 13 16:15:18 2024
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  1209627
This update for jitterentropy fixes the following issues:

- Fixed a stack corruption on s390x: [bsc#1209627]
  * Output size of the STCKE command on s390x is 16 bytes, compared
    to 8 bytes of the STCK command. Fix a stack corruption in the
    s390x version of jent_get_nstime(). Add some more detailed
    information on the STCKE command.

Updated to 3.4.1

* add FIPS 140 hints to man page
* simplify the test tool to search for optimal configurations
* fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0
* enhancement: add ARM64 assembler code to read high-res timer
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2059-1
Released:    Tue Jun 18 13:11:29 2024
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1225551,CVE-2024-4741
This update for openssl-1_1 fixes the following issues:

- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2262-1
Released:    Tue Jul  2 10:04:07 2024
Summary:     Security update for postgresql14
Type:        security
Severity:    moderate
References:  1224038,1224051,CVE-2024-4317
This update for postgresql14 fixes the following issues:

- Upgrade to 14.12 (bsc#1224051):
- CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2266-1
Released:    Tue Jul  2 10:14:58 2024
Summary:     Security update for postgresql16
Type:        security
Severity:    moderate
References:  1224038,1224051,CVE-2024-4317
This update for postgresql16 fixes the following issues:

PostgreSQL upgrade to version 16.3 (bsc#1224051):

- CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038).

Bug fixes:

- Fix incompatibility with LLVM 18.
- Prepare for PostgreSQL 17.
- Make sure all compilation and doc generation happens in %build.
- Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
- Remove constraints file because improved memory usage for s390x
- Use %patch -P N instead of deprecated %patchN.

Release notes:

- https://www.postgresql.org/docs/release/16.3/


The following package changes have been done:

- perl-base-5.26.1-150300.17.17.1 updated
- coreutils-8.32-150400.9.6.1 updated
- libjitterentropy3-3.4.1-150000.1.12.1 updated
- glibc-locale-base-2.38-150600.14.5.1 updated
- libpq5-16.2-150600.16.2.1 updated
- glibc-locale-2.38-150600.14.5.1 updated
- libopenssl1_1-1.1.1w-150600.5.3.1 updated
- postgresql14-14.12-150600.16.3.1 updated
- postgresql16-16.2-150600.16.2.1 updated
- postgresql14-server-14.12-150600.16.3.1 updated
- postgresql16-server-16.2-150600.16.2.1 updated
- postgresql16-contrib-16.2-150600.16.2.1 updated
- postgresql14-contrib-14.12-150600.16.3.1 updated
- container:suse-manager-5.0-init-5.0.0-5.0.0-5.19 added
- container:suse-manager-5.0-init-5.0.0-rc-5.0.0-rc-4.58 removed

More information about the sle-container-updates mailing list