SUSE-CU-2024:923-1: Security update of suse/sle-micro/5.5/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Mar 13 08:04:02 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:923-1
Container Tags        : suse/sle-micro/5.5/toolbox:12.1 , suse/sle-micro/5.5/toolbox:12.1-2.2.173 , suse/sle-micro/5.5/toolbox:latest
Container Release     : 2.2.173
Severity              : important
Type                  : security
References            : 1219026 1220389 CVE-2023-42465 
-----------------------------------------------------------------

The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:792-1
Released:    Thu Mar  7 09:55:23 2024
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  
This update for timezone fixes the following issues:

- Update to version 2024a
- Kazakhstan unifies on UTC+5
- Palestine springs forward a week later than previously predicted in 2024 and 2025
- Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00
- From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00
- In 1911 Miquelon adopted standard time on June 15, not May 15
- The FROM and TO columns of Rule lines can no longer be 'minimum'
- localtime no longer mishandle some timestamps
- strftime %s now uses tm_gmtoff if available
- Ittoqqortoormiit, Greenland changes time zones on 2024-03-31
- Vostok, Antarctica changed time zones on 2023-12-18
- Casey, Antarctica changed time zones five times since 2020
- Code and data fixes for Palestine timestamps starting in 2072
- A new data file zonenow.tab for timestamps starting now
- Much of Greenland changed its standard time from -03 to -02 on 2023-03-25
- localtime.c no longer mishandles TZif files that contain a single transition into a DST regime
- tzselect no longer creates temporary files
- tzselect no longer mishandles the following:
  * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION.
  * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/
  * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments
  * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension
  * zic no longer mishandles data for Palestine after the year 2075

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:794-1
Released:    Thu Mar  7 10:33:17 2024
Summary:     Security update for sudo
Type:        security
Severity:    important
References:  1219026,1220389,CVE-2023-42465
This update for sudo fixes the following issues:

- CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026).


The following package changes have been done:

- sudo-1.9.12p1-150500.7.7.1 updated
- timezone-2024a-150000.75.28.1 updated
- container:sles15-image-15.0.0-36.11.10 updated

More information about the sle-container-updates mailing list