SUSE-CU-2024:977-1: Security update of suse/sle-micro/5.5/toolbox
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Mar 16 08:05:47 UTC 2024
SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:977-1
Container Tags : suse/sle-micro/5.5/toolbox:13.2 , suse/sle-micro/5.5/toolbox:13.2-2.2.179 , suse/sle-micro/5.5/toolbox:latest
Container Release : 2.2.179
Severity : important
Type : security
References : 1068950 1081527 1211052 1214691 1214713 1217445 1217589 1218632
1218812 1218814 1218866 1219241 1219639 1219666 1221134 1221151
CVE-2017-16829 CVE-2018-7208 CVE-2022-48064 CVE-2022-48566 CVE-2023-42465
CVE-2023-6597
-----------------------------------------------------------------
The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:870-1
Released: Wed Mar 13 13:05:14 2024
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1217445,1217589,1218866
This update for glibc fixes the following issues:
Security issues fixed:
- qsort: harden handling of degenerated / non transient compare function (bsc#1218866)
Other issues fixed:
- getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163)
- aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:876-1
Released: Wed Mar 13 15:45:34 2024
Summary: Security update for sudo
Type: security
Severity: important
References: 1221134,1221151,CVE-2023-42465
This update for sudo fixes the following issues:
- CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:898-1
Released: Thu Mar 14 16:05:15 2024
Summary: Security update for gdb
Type: security
Severity: moderate
References: 1068950,1081527,1211052,CVE-2017-16829,CVE-2018-7208,CVE-2022-48064
This update for gdb fixes the following issues:
- Drop libdebuginfod1 BuildRequires/Recommends. The former isn't
needed because there's a build requirement on libdebuginfod-devel
already, which will pull the shared library. And the latter,
because it's bogus since RPM auto generated dependency will take
care of that requirement.
gdb was released in 13.2:
* This version of GDB includes the following changes and enhancements:
* Support for the following new targets has been added in both GDB and GDBserver:
* GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux*
* GNU/Linux/CSKY (gdbserver) csky*-*linux*
* The Windows native target now supports target async.
* Floating-point support has now been added on LoongArch GNU/Linux.
* New commands:
* set print nibbles [on|off]
* show print nibbles
* This controls whether the 'print/t' command will display binary values in groups of four bits, known as 'nibbles'. The default is 'off'.
Various styling-related commands. See the gdb/NEWS file for more details.
Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details.
* Python API improvements:
* New Python API for instruction disassembly.
* The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee.
* New Python type gdb.BreakpointLocation.
* New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address '
* New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'.
* New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string.
* New method gdb.Frame.language that returns the name of the frame's language.
* gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation.
* gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does.
* The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9].
* GDB/MI changes:
* MI version 1 is deprecated, and will be removed in GDB 14.
* The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno.
* Miscellaneous improvements:
* gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF.
* New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior.
* New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit.
* The 'info breakpoints' now displays enabled breakpoint locations of disabled breakpoints as in the 'y-' state.
* The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling.
* A new format '/b' has been introduce to provide the old behavior of '/r'.
* The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new 'set style tui-current-position' command.
* It is now possible to use the 'document' command to document user-defined commands.
* Support for memory tag data for AArch64 MTE.
* Support Removal notices:
* DBX mode has been removed.
* Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3.
* Support for the following commands has been removed:
* set debug aix-solib on|off
* show debug aix-solib
* set debug solib-frv on|off
* show debug solib-frv
* Use the 'set/show debug solib' commands instead.
See the NEWS file for a more complete and detailed list of what this release includes.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:901-1
Released: Thu Mar 14 17:49:10 2024
Summary: Security update for python3
Type: security
Severity: important
References: 1214691,1219666,CVE-2022-48566,CVE-2023-6597
This update for python3 fixes the following issues:
- CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666).
- CVE-2022-48566: Make compare_digest more constant-time (bsc#1214691).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:904-1
Released: Fri Mar 15 08:42:04 2024
Summary: Recommended update for supportutils
Type: recommended
Severity: moderate
References: 1214713,1218632,1218812,1218814,1219241,1219639
This update for supportutils fixes the following issues:
- Update toversion 3.1.29
- Extended scaling for performance (bsc#1214713)
- Fixed kdumptool output error (bsc#1218632)
- Corrected podman ID errors (bsc#1218812)
- Duplicate non root podman entries removed (bsc#1218814)
- Corrected get_sles_ver for SLE Micro (bsc#1219241)
- Check nvidida-persistenced state (bsc#1219639)
The following package changes have been done:
- gdb-13.2-150400.15.14.1 updated
- glibc-locale-base-2.31-150300.68.1 updated
- glibc-locale-2.31-150300.68.1 updated
- libpython3_6m1_0-3.6.15-150300.10.57.1 updated
- python3-base-3.6.15-150300.10.57.1 updated
- sudo-1.9.12p1-150500.7.10.1 updated
- supportutils-3.1.29-150300.7.35.27.1 updated
More information about the sle-container-updates
mailing list