SUSE-CU-2024:3963-1: Security update of suse/sle-micro/5.4/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Sep 4 07:08:19 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.4/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:3963-1
Container Tags        : suse/sle-micro/5.4/toolbox:13.2 , suse/sle-micro/5.4/toolbox:13.2-5.19.19 , suse/sle-micro/5.4/toolbox:latest
Container Release     : 5.19.19
Severity              : moderate
Type                  : security
References            : 1224044 1228535 1229339 CVE-2024-34397 CVE-2024-7264 
-----------------------------------------------------------------

The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3071-1
Released:    Mon Sep  2 15:17:11 2024
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1229339
This update for suse-build-key fixes the following issue:

- extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028 (bsc#1229339).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3080-1
Released:    Mon Sep  2 16:43:54 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1228535,CVE-2024-7264
This update for curl fixes the following issues:

  - CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3086-1
Released:    Tue Sep  3 08:57:32 2024
Summary:     Security update for glib2
Type:        security
Severity:    low
References:  1224044,CVE-2024-34397
This update for glib2 fixes the following issues:

- Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).


The following package changes have been done:

- curl-8.0.1-150400.5.47.1 updated
- libcurl4-8.0.1-150400.5.47.1 updated
- libglib-2_0-0-2.70.5-150400.3.14.1 updated
- libgmodule-2_0-0-2.70.5-150400.3.14.1 updated
- suse-build-key-12.0-150000.8.52.3 updated

More information about the sle-container-updates mailing list