SUSE-CU-2024:2283-1: Security update of suse/manager/5.0/x86_64/proxy-httpd

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 29 16:13:47 UTC 2024 

SUSE Container Update Advisory: suse/manager/5.0/x86_64/proxy-httpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:2283-1
Container Tags        : suse/manager/5.0/x86_64/proxy-httpd:5.0.0-rc , suse/manager/5.0/x86_64/proxy-httpd:5.0.0-rc.4.39 , suse/manager/5.0/x86_64/proxy-httpd:latest
Container Release     : 4.39
Severity              : moderate
Type                  : security
References            : 1189495 1191175 1215520 1218686 CVE-2021-3521 
-----------------------------------------------------------------

The container suse/manager/5.0/x86_64/proxy-httpd was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1341-1
Released:    Thu Apr 18 15:29:45 2024
Summary:     Recommended update for tftp
Type:        recommended
Severity:    moderate
References:  1215520
This update for tftp fixes the following issue:

- Allow enabling the service via `systemctl enable tftp` to create the tftp.socket symlink (bsc#1215520)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1398-1
Released:    Tue Apr 23 13:58:22 2024
Summary:     Recommended update for systemd-default-settings
Type:        recommended
Severity:    moderate
References:  
This update for systemd-default-settings fixes the following issues:

- Disable pids controller limit under user instances (jsc#SLE-10123)
- Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its various daemons on Factory/ALP, 
  hence the early drop-ins SUSE specific 'feature' has been abandoned.
- User priority '26' for SLE-Micro
- Convert more drop-ins into early ones

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1557-1
Released:    Wed May  8 11:42:34 2024
Summary:     Security update for rpm
Type:        security
Severity:    moderate
References:  1189495,1191175,1218686,CVE-2021-3521
This update for rpm fixes the following issues:

Security fixes:
- CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175)

Other fixes:

- accept more signature subpackets marked as critical (bsc#1218686)
- backport limit support for the autopatch macro (bsc#1189495)


The following package changes have been done:

- cracklib-dict-small-2.9.11-150600.1.90 updated
- libldap-data-2.4.46-150600.23.21 updated
- glibc-2.38-150600.12.1 updated
- libzstd1-1.5.5-150600.1.3 updated
- libuuid1-2.39.3-150600.2.1 updated
- libsmartcols1-2.39.3-150600.2.1 updated
- libsepol2-3.5-150600.1.49 updated
- libsasl2-3-2.1.28-150600.5.3 updated
- libpcre2-8-0-10.42-150600.1.26 updated
- libnghttp2-14-1.40.0-150600.23.2 updated
- liblzma5-5.4.1-150600.1.2 updated
- liblz4-1-1.9.4-150600.1.4 updated
- libgpg-error0-1.47-150600.1.3 updated
- libfa1-1.14.1-150600.1.3 updated
- libcom_err2-1.47.0-150600.2.26 updated
- libblkid1-2.39.3-150600.2.1 updated
- libselinux1-3.5-150600.1.46 updated
- libglib-2_0-0-2.78.3-150600.2.2 updated
- libgcrypt20-1.10.3-150600.1.23 updated
- libfdisk1-2.39.3-150600.2.1 updated
- libmount1-2.39.3-150600.2.1 updated
- libgmodule-2_0-0-2.78.3-150600.2.2 updated
- libabsl2401_0_0-20240116.1-150600.17.7 updated
- libgobject-2_0-0-2.78.3-150600.2.2 updated
- libopenssl3-3.1.4-150600.3.6 updated
- libaugeas0-1.14.1-150600.1.3 updated
- libudev1-254.10-150600.2.3 updated
- libsystemd0-254.10-150600.2.3 updated
- libprotobuf-lite25_1_0-25.1-150600.14.3 updated
- libzck1-1.1.16-150600.9.3 updated
- libopenssl-3-fips-provider-3.1.4-150600.3.6 updated
- libldap-2_4-2-2.4.46-150600.23.21 updated
- krb5-1.20.1-150600.9.2 updated
- patterns-base-fips-20200124-150600.30.1 updated
- shared-mime-info-2.4-150600.1.3 updated
- login_defs-4.8.1-150600.15.45 updated
- libcrack2-2.9.11-150600.1.90 updated
- cracklib-2.9.11-150600.1.90 updated
- sed-4.9-150600.1.4 updated
- libcurl4-8.6.0-150600.2.2 updated
- sles-release-15.6-150600.37.2 updated
- libgio-2_0-0-2.78.3-150600.2.2 updated
- glib2-tools-2.78.3-150600.2.2 updated
- libpxbackend-1_0-0.5.3-150600.2.1 updated
- libproxy1-0.5.3-150600.2.2 updated
- gpg2-2.4.4-150600.1.4 updated
- libgpgme11-1.23.0-150600.1.41 updated
- libzypp-17.32.4-150600.1.2 updated
- shadow-4.8.1-150600.15.45 updated
- zypper-1.14.71-150600.8.2 updated
- util-linux-2.39.3-150600.2.1 updated
- curl-8.6.0-150600.2.2 updated
- girepository-1_0-1.78.1-150600.2.3 updated
- libgirepository-1_0-1-1.78.1-150600.2.3 updated
- libkmod2-29-150600.11.4 updated
- libyaml-0-2-0.1.7-1.17 added
- pam-config-1.1-150600.14.3 updated
- release-notes-susemanager-proxy-5.0.0~rc-150600.13.1 updated
- selinux-tools-3.5-150600.1.46 updated
- systemd-default-settings-branding-SLE-0.10-150300.3.7.1 updated
- systemd-default-settings-0.10-150300.3.7.1 updated
- xz-5.4.1-150600.1.2 updated
- zstd-1.5.5-150600.1.3 updated
- libopenssl1_1-1.1.1w-150600.3.10 updated
- libmodulemd2-2.13.0-150400.1.8 added
- systemd-presets-branding-SLE-15.1-150600.33.1 updated
- apache2-prefork-2.4.58-150600.3.2 updated
- typelib-1_0-Modulemd-2_0-2.13.0-150400.1.8 added
- policycoreutils-3.5-150600.1.50 updated
- systemd-254.10-150600.2.3 updated
- tftp-5.2-150000.5.6.2 updated
- python3-uyuni-common-libs-5.0.3-150600.1.41.1 updated
- python3-rpm-4.14.3-150400.59.16.1 updated
- apache2-2.4.58-150600.3.2 updated
- python3-libmodulemd-2.13.0-150400.1.8 added
- spacewalk-backend-5.0.6-150600.3.42.13 updated
- python3-spacewalk-client-tools-5.0.5-150600.3.89.8 updated
- spacewalk-client-tools-5.0.5-150600.3.89.8 updated
- mgr-push-5.0.2-150600.1.28.1 updated
- python3-mgr-push-5.0.2-150600.1.28.1 updated
- spacewalk-proxy-package-manager-5.0.2-150600.1.1 updated
- spacewalk-proxy-common-5.0.2-150600.1.1 updated
- spacewalk-proxy-broker-5.0.2-150600.1.1 updated
- spacewalk-proxy-redirect-5.0.2-150600.1.1 updated
- container:sles15-image-15.0.0-45.31 updated
- libnewt0_52-0.52.20-150000.7.2.3 removed
- libslang2-2.3.1a-150000.5.2.3 removed
- newt-0.52.20-150000.7.2.3 removed
- python3-newt-0.52.20-150000.7.2.3 removed

More information about the sle-container-updates mailing list