SUSE-CU-2024:5389-1: Recommended update of bci/kiwi

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: bci/kiwi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5389-1
Container Tags        : bci/kiwi:9 , bci/kiwi:9.24 , bci/kiwi:9.24.43 , bci/kiwi:9.24.43-17.2 , bci/kiwi:latest
Container Release     : 17.2
Severity              : moderate
Type                  : recommended
References            : 1226724 1226731 1226733 1227642 1227669 1227670 1227671 1230166
-----------------------------------------------------------------

The container bci/kiwi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3846-1
Released:    Thu Oct 31 11:07:10 2024
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1226724,1226731,1226733,1227642,1227669,1227670,1227671,1230166
This update for gnutls fixes the following issues:

- FIPS: Do not allow curve P-192 for signature or keypair verification [bsc#1227669]
- FIPS: Allow to perform the integrity check with the hmac provided by each library [bsc#1226724]
- FIPS: Mark gnutls_hash_fast operations as approved in SLI. [bsc#1230166]
- FIPS: Run pairwise consistency test only in FIPS mode. [bsc#1226733]
- FIPS: Use full hash+sign operations, not low level primitives in PCT test. [bsc#1226733]
- FIPS: Mark SHA1 as not allowed for signature verification in both RSA and ECDSA sigVer. [bsc#1227642]
- FIPS: Allow RSA signature verification with min of 2048 bit modulus. [bsc#1227670]
- FIPS: Remove not needed DSA in selfchecks in FIPS mode. [bsc#1227671, bsc#1226731]


The following package changes have been done:

- libgnutls30-3.8.3-150600.4.3.1 updated