SUSE-CU-2024:5681-1: Security update of suse/sles/15.7/cdi-uploadserver
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Nov 15 08:06:37 UTC 2024
SUSE Container Update Advisory: suse/sles/15.7/cdi-uploadserver
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5681-1
Container Tags : suse/sles/15.7/cdi-uploadserver:1.58.0 , suse/sles/15.7/cdi-uploadserver:1.58.0-150700.7.18 , suse/sles/15.7/cdi-uploadserver:1.58.0.28.47
Container Release : 28.47
Severity : moderate
Type : security
References : 1220262 1226724 1226731 1226733 1227642 1227669 1227670 1227671
1230166 1230972 1231833 1232528 CVE-2023-50782 CVE-2024-9681
-----------------------------------------------------------------
The container suse/sles/15.7/cdi-uploadserver was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3846-1
Released: Thu Oct 31 11:07:10 2024
Summary: Recommended update for gnutls
Type: recommended
Severity: moderate
References: 1226724,1226731,1226733,1227642,1227669,1227670,1227671,1230166
This update for gnutls fixes the following issues:
- FIPS: Do not allow curve P-192 for signature or keypair verification [bsc#1227669]
- FIPS: Allow to perform the integrity check with the hmac provided by each library [bsc#1226724]
- FIPS: Mark gnutls_hash_fast operations as approved in SLI. [bsc#1230166]
- FIPS: Run pairwise consistency test only in FIPS mode. [bsc#1226733]
- FIPS: Use full hash+sign operations, not low level primitives in PCT test. [bsc#1226733]
- FIPS: Mark SHA1 as not allowed for signature verification in both RSA and ECDSA sigVer. [bsc#1227642]
- FIPS: Allow RSA signature verification with min of 2048 bit modulus. [bsc#1227670]
- FIPS: Remove not needed DSA in selfchecks in FIPS mode. [bsc#1227671, bsc#1226731]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3865-1
Released: Fri Nov 1 16:10:37 2024
Summary: Recommended update for gcc14
Type: recommended
Severity: moderate
References: 1231833
This update for gcc14 fixes the following issues:
- Fixed parsing timezone tzdata 2024b [gcc#116657 bsc#1231833]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3896-1
Released: Mon Nov 4 12:08:29 2024
Summary: Recommended update for shadow
Type: recommended
Severity: moderate
References: 1230972
This update for shadow fixes the following issues:
- Add useradd warnings when requested UID is outside the default range (bsc#1230972)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3925-1
Released: Wed Nov 6 11:14:28 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1232528,CVE-2024-9681
This update for curl fixes the following issues:
- CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3943-1
Released: Thu Nov 7 11:12:00 2024
Summary: Security update for openssl-3
Type: security
Severity: moderate
References: 1220262,CVE-2023-50782
This update for openssl-3 fixes the following issues:
- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)
The following package changes have been done:
- libgcc_s1-14.2.0+git10526-150000.1.6.1 updated
- libstdc++6-14.2.0+git10526-150000.1.6.1 updated
- login_defs-4.8.1-150600.17.9.1 updated
- libopenssl3-3.1.4-150600.5.21.1 updated
- libopenssl-3-fips-provider-3.1.4-150600.5.21.1 updated
- patterns-base-fips-20200124-150700.35.1 updated
- libcurl4-8.6.0-150600.4.12.1 updated
- shadow-4.8.1-150600.17.9.1 updated
- curl-8.6.0-150600.4.12.1 updated
- libgnutls30-3.8.3-150600.4.3.1 updated
- qemu-img-9.1.1-150700.1.1 updated
- containerized-data-importer-uploadserver-1.58.0-150700.7.18 updated
- container:sles15-image-15.0.0-50.43 updated
More information about the sle-container-updates
mailing list