SUSE-IU-2024:430-1: Recommended update of suse/sle-micro/5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 15 07:01:19 UTC 2024 

SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:430-1
Image Tags        : suse/sle-micro/5.5:2.0.2 , suse/sle-micro/5.5:2.0.2-4.2.99 , suse/sle-micro/5.5:latest
Image Release     : 4.2.99
Severity          : moderate
Type              : recommended
References        : 1197030 1213556 1216443 
-----------------------------------------------------------------

The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1623-1
Released:    Mon May 13 14:10:44 2024
Summary:     Recommended update for libcontainers-common
Type:        recommended
Severity:    moderate
References:  1197030,1213556,1216443
This update for libcontainers-common fixes the following issues:

New release 20240206:

- bump bundled c/common to 0.57.4
- bump bundled c/image to 0.29.2
- conditionally require libcontainers-sles-mounds for product(SLE-Micro) as well
  (SLE Micro 6.0 now no longer provides product(SUSE_SLE) and instead only
  provides product(SLE-Micro)), fixes bsc#1216443

New release 20231204:

-  bump c/common to 0.57.0

   * Fix specification of unix:///run
   * libimage/layer_tree: if parent is empty and a manifest list then ignore check.
   * Split up util package into pkg/password, pkg/copy, pkg/version
   * Remove ActiveDestination method to move into podman
   * Default machine CPUs to Cores/2
   * pkg/config: do NOT set StaticDir and VolumeDir
   * Implement negated label match function
   * chore: import packages only once

-  bump c/storage to 1.51.0

   * overlay, composefs: mount loop device RO
   * Run codespell on code
   * store: serialize container deletion
   * pkg/system: reduce retry timeout for EnsureRemoveAll
   * overlay, composefs: use data-only lower layers
   * store: call RecordWrite() before graphDriver Cleanup()

-  bump c/image to 5.29.0

   * Use constants and types from opencontainers/image-spec/specs-go/v1
   * progress: set Current before Refill
   * copy: fix nil pointer dereference when checking compression algorithm
   * ociarchive: Add new ArchiveFileNotFoundError

New release 20230913:

- bump c/image to 5.28.0

  * Adding IO decorator to copy progress bar
  * Ensure we close HTTP connections on all paths
  * manifest: ListUpdate add imgspecv1.Platform field
  * pkg/docker: use the same default auth path as macOS on FreeBSD
  * blob: TryReusingBlobWithOptions consider RequiredCompression if set
  * Fix tests of the ostree transport
  * helpers_test,cleanup: correct argument order
  * Make temporary names container/image specific
  * listupdate,oci: instance show read-only annotations and CompressionAlgorithmNames
  * Fix TestOCI1IndexChooseInstanc
  * Refactor data passing in c/image/copy
  * Update module github.com/sigstore/fulcio to v1.4.0
  * copy/multiple: instanceCopyCopy honor UpdateCompressionAlgorithms
  * Update vendor of containers/storage
  * copy/single: accept custom *Options and wrap arguments in copySingleImageOptions
  * Improve transport documentation
  * copy: implement instanceCopyClone for zstd compression
  * copy/multiple: priority of instanceCopyCopy must be higher than instanceCopyClone
  * Clarify where mirrors are used
  * Update x/exp/slices, and some small slice-related cleanups
  * Use consistent example domains in #2069
  * copy: add support for ForceCompressionFormat
  * storage.storageImageDestination.Commit(): leverage image options
  * Rename SKOPEO_CI_TAG to SKOPEO_CI_BRANCH
  * [CI:DOCS] Add cirrus-cron retry/monitor jobs
  * [release-5.27] Fix the branch we use for determining a git-validation starting point
  * OCI image-spec / distribution-spec v1.1 updates, first round
  * Merge release branch into main
  * BREAKING: Update for move of github.com/theupdateframework/go-tuf/encrypted
  * Update module github.com/containers/ocicrypt to v1.1.8
  * fix removal of temp file in GetBlob on Windows
  * Fix build with golangci-lint 1.54.2
  * Implement, and default to, a SQLite BlobInfoCache instead of BoltDB
  * Update dependencies of docker/docker
  * Correctly handle encryption/decryption changes in non-OCI formats

New release 20230814:

- bump c/storage to 1.48.0

  * Fix error if continueWrite/continueRead pipe open fails
  * pkg/regexp: make sure that &Regexp implements the interfaces
  * Remove use of fillGo18FileTypeBits

- bump c/image to 5.27.0

  * Don't completely silently ignore non-OCI manifests in OCI layouts

- bump c/common to 0.55.3

  * Change default image volume mode to 'nullfs' on FreeBSD
  * [v0.55][CI-DOCS] remove zstd:chunked from docs
  * libimage: harden lookup by digest
  * libimage: HasDifferentDigest: add InsecureSkipTLSVerify option

- Disable CNI related configs on ALP (bsc#1213556)

  (https://github.com/containers/podman/issues/19327)

- Resolve choice on openSUSE distributions for libcontainer-policy
  by suggesting the libcontainers-openSUSE-policy explicitly.

- Enforce BCI verification via Podman on openSUSE distributions
  using the already shipped container signing keys.
  (bsc#1197030)

The following package changes have been done:

- libcontainers-default-policy-20240206-150500.4.9.2 added
- libcontainers-sles-mounts-20240206-150500.4.9.2 updated
- libcontainers-common-20240206-150500.4.9.2 updated
- container:suse-sle-micro-base-5.5-latest-2.0.2-5.5.3 updated

More information about the sle-container-updates mailing list