SUSE-CU-2024:5688-1: Security update of suse/sles/15.7/virt-launcher

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Nov 15 08:07:04 UTC 2024 

SUSE Container Update Advisory: suse/sles/15.7/virt-launcher
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:5688-1
Container Tags        : suse/sles/15.7/virt-launcher:1.1.1 , suse/sles/15.7/virt-launcher:1.1.1-150700.9.22 , suse/sles/15.7/virt-launcher:1.1.1.34.30
Container Release     : 34.30
Severity              : moderate
Type                  : security
References            : 1220262 1226724 1226731 1226733 1227642 1227669 1227670 1227671
                        1230166 1230972 1231833 1232528 CVE-2023-50782 CVE-2024-9681
-----------------------------------------------------------------

The container suse/sles/15.7/virt-launcher was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3846-1
Released:    Thu Oct 31 11:07:10 2024
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1226724,1226731,1226733,1227642,1227669,1227670,1227671,1230166
This update for gnutls fixes the following issues:

- FIPS: Do not allow curve P-192 for signature or keypair verification [bsc#1227669]
- FIPS: Allow to perform the integrity check with the hmac provided by each library [bsc#1226724]
- FIPS: Mark gnutls_hash_fast operations as approved in SLI. [bsc#1230166]
- FIPS: Run pairwise consistency test only in FIPS mode. [bsc#1226733]
- FIPS: Use full hash+sign operations, not low level primitives in PCT test. [bsc#1226733]
- FIPS: Mark SHA1 as not allowed for signature verification in both RSA and ECDSA sigVer. [bsc#1227642]
- FIPS: Allow RSA signature verification with min of 2048 bit modulus. [bsc#1227670]
- FIPS: Remove not needed DSA in selfchecks in FIPS mode. [bsc#1227671, bsc#1226731]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3865-1
Released:    Fri Nov  1 16:10:37 2024
Summary:     Recommended update for gcc14
Type:        recommended
Severity:    moderate
References:  1231833
This update for gcc14 fixes the following issues:

- Fixed parsing timezone tzdata 2024b [gcc#116657 bsc#1231833]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3896-1
Released:    Mon Nov  4 12:08:29 2024
Summary:     Recommended update for shadow
Type:        recommended
Severity:    moderate
References:  1230972
This update for shadow fixes the following issues:

- Add useradd warnings when requested UID is outside the default range (bsc#1230972)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3925-1
Released:    Wed Nov  6 11:14:28 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1232528,CVE-2024-9681
This update for curl fixes the following issues:

- CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3943-1
Released:    Thu Nov  7 11:12:00 2024
Summary:     Security update for openssl-3
Type:        security
Severity:    moderate
References:  1220262,CVE-2023-50782
This update for openssl-3 fixes the following issues:

- CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262)


The following package changes have been done:

- libgcc_s1-14.2.0+git10526-150000.1.6.1 updated
- libstdc++6-14.2.0+git10526-150000.1.6.1 updated
- login_defs-4.8.1-150600.17.9.1 updated
- libopenssl3-3.1.4-150600.5.21.1 updated
- libopenssl-3-fips-provider-3.1.4-150600.5.21.1 updated
- patterns-base-fips-20200124-150700.35.1 updated
- sles-release-15.7-150700.11.2 updated
- libcurl4-8.6.0-150600.4.12.1 updated
- shadow-4.8.1-150600.17.9.1 updated
- curl-8.6.0-150600.4.12.1 updated
- kubevirt-container-disk-1.1.1-150700.9.22 updated
- qemu-accel-tcg-x86-9.1.1-150700.1.1 updated
- qemu-hw-usb-host-9.1.1-150700.1.1 updated
- qemu-ipxe-9.1.1-150700.1.1 updated
- qemu-seabios-9.1.11.16.3_3_gc13ff2cd-150700.1.1 updated
- qemu-vgabios-9.1.11.16.3_3_gc13ff2cd-150700.1.1 updated
- virtiofsd-1.12.0-150700.1.2 updated
- qemu-hw-usb-redirect-9.1.1-150700.1.1 updated
- libgnutls30-3.8.3-150600.4.3.1 updated
- xen-libs-4.19.0_04-150700.1.8 updated
- qemu-img-9.1.1-150700.1.1 updated
- gnutls-3.8.3-150600.4.3.1 updated
- kubevirt-virt-launcher-1.1.1-150700.9.22 updated
- qemu-ovmf-x86_64-202408-150700.1.1 updated
- qemu-x86-9.1.1-150700.1.1 updated
- qemu-9.1.1-150700.1.1 updated
- container:sles15-image-15.0.0-50.43 updated

More information about the sle-container-updates mailing list