SUSE-CU-2024:5622-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Nov 13 08:20:09 UTC 2024 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5622-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.5.64 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.5.64
Severity              : important
Type                  : security
References            : 1220262 1229555 1229745 1230911 1231060 1232528 CVE-2023-50782
                        CVE-2024-9681 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3925-1
Released:    Wed Nov  6 11:14:28 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1232528,CVE-2024-9681
This update for curl fixes the following issues:

- CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3935-1
Released:    Thu Nov  7 06:12:39 2024
Summary:     Recommended update for wicked
Type:        recommended
Severity:    important
References:  1229555,1229745,1230911,1231060
This update for wicked fixes the following issues:

- Update to version 0.6.77
  - compat-suse: use iftype in sysctl handling (bsc#1230911) 
    - Always generate the ipv4/ipv6 <enabled>true|false</enabled> node
    - Inherit all, default and interface sysctl settings also for loopback,
      except for use_tempaddr and accept_dad
    - Consider only interface specific accept_redirects sysctl settings
    - Adopt ifsysctl(5) manual page with wicked specific behavior
  - route: fix family and destination processing (bsc#1231060)
  - man: improve wicked-config(5) file description
  - dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option
  - team: set arp link watcher interval default to 1s
  - systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745)
  - compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555)
  - arp: don't set target broadcast hardware address
  - dbus: don't memcpy empty/NULL array value
  - ethtool: fix leak and free pause data in ethtool_free

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3943-1
Released:    Thu Nov  7 11:12:00 2024
Summary:     Security update for openssl-3
Type:        security
Severity:    moderate
References:  1220262,CVE-2023-50782
This update for openssl-3 fixes the following issues:

- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)


The following package changes have been done:

- curl-8.6.0-150600.4.12.1 updated
- libcurl4-8.6.0-150600.4.12.1 updated
- libopenssl3-3.1.4-150600.5.21.1 updated
- openssl-3-3.1.4-150600.5.21.1 updated
- wicked-service-0.6.77-150600.11.15.1 updated
- wicked-0.6.77-150600.11.15.1 updated

More information about the sle-container-updates mailing list