SUSE-CU-2024:2686-1: Security update of suse/manager/4.3/proxy-squid

sle-container-updates at lists.suse.com
Fri Jun 14 07:14:00 UTC 2024


SUSE Container Update Advisory: suse/manager/4.3/proxy-squid
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:2686-1
Container Tags        : suse/manager/4.3/proxy-squid:4.3.12 , suse/manager/4.3/proxy-squid:4.3.12.9.51.7 , suse/manager/4.3/proxy-squid:latest
Container Release     : 9.51.7
Severity              : important
Type                  : security
References            : 1082216 1082233 1176006 1188307 1203823 1210959 1213638 1214934
                        1215377 1215496 1217000 1217445 1217450 1217589 1217667 1218475
                        1218492 1218866 1219031 1219243 1219321 1219520 1219576 1220061
                        1220441 1220724 1220770 1220771 1221218 1221239 1221632 1221940
                        1222548 1222992 1223423 1223424 1223425 1223596 CVE-2018-6798
                        CVE-2018-6913 CVE-2023-45918 CVE-2024-0727 CVE-2024-22365 CVE-2024-25062
                        CVE-2024-2511 CVE-2024-26458 CVE-2024-26461 CVE-2024-2961 CVE-2024-33599
                        CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:62-1
Released:    Mon Jan  8 11:44:47 2024
Summary:     Recommended update for libxcrypt
Type:        recommended
Severity:    moderate
References:  1215496
This update for libxcrypt fixes the following issues:

- fix variable name for datamember [bsc#1215496]
- added patches fix https://github.com/besser82/libxcrypt/commit/b212d601549a0fc84cbbcaf21b931f903787d7e2

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:136-1
Released:    Thu Jan 18 09:53:47 2024
Summary:     Security update for pam
Type:        security
Severity:    moderate
References:  1217000,1218475,CVE-2024-22365
This update for pam fixes the following issues:

- CVE-2024-22365: Fixed a local denial of service during PAM login
  due to a missing check during path manipulation (bsc#1218475).
- Check localtime_r() return value to fix crashing (bsc#1217000) 

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:833-1
Released:    Mon Mar 11 10:31:14 2024
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1219243,CVE-2024-0727
This update for openssl-1_1 fixes the following issues:

- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:870-1
Released:    Wed Mar 13 13:05:14 2024
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1217445,1217589,1218866
This update for glibc fixes the following issues:

Security issues fixed:

- qsort: harden handling of degenerated / non transient compare function (bsc#1218866)

Other issues fixed:

- getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:907-1
Released:    Fri Mar 15 08:57:38 2024
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1215377
This update for audit fixes the following issue:

- Fix plugin termination when using systemd service units (bsc#1215377)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:914-1
Released:    Mon Mar 18 06:39:03 2024
Summary:     Recommended update for shadow
Type:        recommended
Severity:    important
References:  1176006,1188307,1203823
This update for shadow fixes the following issues:

- Fix chage date miscalculation (bsc#1176006)
- Fix passwd segfault when nsswitch.conf defines 'files compat' (bsc#1188307)
- Remove pam_keyinit from PAM config files (bsc#1203823)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:929-1
Released:    Tue Mar 19 06:36:24 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1219321
This update for coreutils fixes the following issues:

- tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1006-1
Released:    Wed Mar 27 10:48:38 2024
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1220770,1220771,CVE-2024-26458,CVE-2024-26461
This update for krb5 fixes the following issues:

- CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770).
- CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1015-1
Released:    Thu Mar 28 06:08:11 2024
Summary:     Recommended update for sed
Type:        recommended
Severity:    important
References:  1221218
This update for sed fixes the following issues:

- 'sed -i' now creates temporary files with correct umask (bsc#1221218)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released:    Mon Apr  8 11:29:02 2024
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1220061,CVE-2023-45918
This update for ncurses fixes the following issues:

- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1231-1
Released:    Thu Apr 11 15:20:40 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1220441
This update for glibc fixes the following issues:

- duplocale: protect use of global locale (bsc#1220441, BZ #23970)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1375-1
Released:    Mon Apr 22 14:56:13 2024
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1222992,CVE-2024-2961
This update for glibc fixes the following issues:

- iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1485-1
Released:    Thu May  2 05:33:36 2024
Summary:     Recommended update for python39
Type:        recommended
Severity:    moderate
References:  
This update for python39 fixes the following issues:
  
- Build python package for python311 (jsc#PED-5851) and python39 (jsc#PED-7886)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1665-1
Released:    Thu May 16 08:00:09 2024
Summary:     Recommended update for coreutils
Type:        recommended
Severity:    moderate
References:  1221632
This update for coreutils fixes the following issues:

- ls: avoid triggering automounts (bsc#1221632)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1762-1
Released:    Wed May 22 16:14:17 2024
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1082216,1082233,1213638,CVE-2018-6798,CVE-2018-6913
This update for perl fixes the following issues:

Security issues fixed:

- CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216)
- CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233)

Non-security issue fixed:

- make Net::FTP work with TLS 1.3 (bsc#1213638)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1802-1
Released:    Tue May 28 16:20:18 2024
Summary:     Recommended update for e2fsprogs
Type:        recommended
Severity:    moderate
References:  1223596
This update for e2fsprogs fixes the following issues:

EA Inode handling fixes:
- ext2fs: avoid re-reading inode multiple times (bsc#1223596)
- e2fsck: fix potential out-of-bounds read in inc_ea_inode_refs() (bsc#1223596)
- e2fsck: add more checks for ea inode consistency (bsc#1223596)
- e2fsck: fix golden output of several tests (bsc#1223596)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1895-1
Released:    Mon Jun  3 09:00:20 2024
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1221940,1223423,1223424,1223425,CVE-2024-33599,CVE-2024-33600,CVE-2024-33601,CVE-2024-33602
This update for glibc fixes the following issues:

- CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423)
- CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424)
- CVE-2024-33600: Do not send missing not-found response in addgetnetgrentX in nscd (bsc#1223424)
- CVE-2024-33601, CVE-2024-33602: Fixed use of two buffers in addgetnetgrentX (bsc#1223425)
- CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)

- Avoid creating userspace live patching prologue for _start routine (bsc#1221940)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:613-1
Released:    Fri Jun  7 16:01:54 2024
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1219576,CVE-2024-25062
This update for libxml2 fixes the following issues:

- CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1949-1
Released:    Fri Jun  7 17:07:33 2024
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1222548,CVE-2024-2511
This update for openssl-1_1 fixes the following issues:

- CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548).


The following package changes have been done:

- glibc-2.31-150300.83.1 updated
- libcrypt1-4.4.15-150300.4.7.1 updated
- perl-base-5.26.1-150300.17.17.1 updated
- libcom_err2-1.46.4-150400.3.6.2 updated
- libaudit1-3.0.6-150400.4.16.1 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- libxml2-2-2.9.14-150400.5.28.1 updated
- libopenssl1_1-1.1.1l-150400.7.66.2 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.66.2 updated
- libsemanage1-3.1-150400.3.4.2 updated
- krb5-1.19.2-150400.3.9.1 updated
- login_defs-4.8.1-150400.10.15.1 updated
- coreutils-8.32-150400.9.6.1 updated
- sed-4.4-150300.13.3.1 updated
- pam-1.3.0-150000.6.66.1 updated
- shadow-4.8.1-150400.10.15.1 updated
- container:sles15-ltss-image-15.0.0-3.40 added
- container:registry.suse.com-bci-bci-base-15.4-- removed

