SUSE-IU-2024:1187-1: Security update of suse-sles-15-sp6-chost-byos-v20240905-x86_64-gen2
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Sep 11 07:01:19 UTC 2024
SUSE Image Update Advisory: suse-sles-15-sp6-chost-byos-v20240905-x86_64-gen2
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1187-1
Image Tags : suse-sles-15-sp6-chost-byos-v20240905-x86_64-gen2:20240905
Image Release :
Severity : critical
Type : security
References : 1027519 1159034 1194818 1194818 1214855 1218609 1219267 1219268
1219438 1220356 1220523 1220690 1220693 1220696 1221243 1221365
1221677 1221751 1221752 1221753 1221760 1221786 1221787 1221821
1221822 1221824 1221827 1221916 1222021 1222285 1222985 1223409
1223535 1223571 1224014 1224016 1224117 1225907 1226100 1226463
1227127 1227138 1227308 1227525 1228105 1228124 1228159 1228265
1228324 1228398 1228574 1228575 1228732 1228847 1228968 1229160
1229329 1229339 1229465 1229975 CVE-2024-1753 CVE-2024-23651
CVE-2024-23652 CVE-2024-23653 CVE-2024-24786 CVE-2024-28180 CVE-2024-31145
CVE-2024-31146 CVE-2024-3727 CVE-2024-41110 CVE-2024-5535 CVE-2024-6119
CVE-2024-6345
-----------------------------------------------------------------
The container suse-sles-15-sp6-chost-byos-v20240905-x86_64-gen2 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2869-1
Released: Fri Aug 9 15:59:29 2024
Summary: Security update for ca-certificates-mozilla
Type: security
Severity: important
References: 1220356,1227525
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
- Added: FIRMAPROFESIONAL CA ROOT-A WEB
- Distrust: GLOBALTRUST 2020
- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
Added:
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- D-Trust SBR Root CA 1 2022
- D-Trust SBR Root CA 2 2022
- Telekom Security SMIME ECC Root 2021
- Telekom Security SMIME RSA Root 2023
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
- TrustAsia Global Root CA G3
- TrustAsia Global Root CA G4
Removed:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Security Communication Root CA
- Symantec Class 1 Public Primary Certification Authority - G6
- Symantec Class 2 Public Primary Certification Authority - G6
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- VeriSign Class 1 Public Primary Certification Authority - G3
- VeriSign Class 2 Public Primary Certification Authority - G3
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2886-1
Released: Tue Aug 13 09:46:48 2024
Summary: Recommended update for dmidecode
Type: recommended
Severity: moderate
References:
This update for dmidecode fixes the following issues:
- Version update (jsc#PED-8574):
* Support for SMBIOS 3.6.0. This includes new memory device types, new
processor upgrades, and Loongarch support
* Support for SMBIOS 3.7.0. This includes new port types, new processor
upgrades, new slot characteristics and new fields for memory modules
* Add bash completion
* Decode HPE OEM records 197, 216, 224, 230, 238, 239, 242 and 245
* Implement options --list-strings and --list-types
* Update HPE OEM records 203, 212, 216, 221, 233 and 236
* Update Redfish support
* Bug fixes:
- Fix enabled slot characteristics not being printed
* Minor improvements:
- Print slot width on its own line
- Use standard strings for slot width
* Add a --no-quirks option
* Drop the CPUID exception list
* Obsoletes patches removed :
dmidecode-do-not-let-dump-bin-overwrite-an-existing-file,
dmidecode-fortify-entry-point-length-checks,
dmidecode-split-table-fetching-from-decoding,
dmidecode-write-the-whole-dump-file-at-once,
dmioem-fix-segmentation-fault-in-dmi_hp_240_attr,
dmioem-hpe-oem-record-237-firmware-change,
dmioem-typo-fix-virutal-virtual,
ensure-dev-mem-is-a-character-device-file,
news-fix-typo,
use-read_file-to-read-from-dump
Update for HPE servers from upstream:
- dmioem-update-hpe-oem-type-238 patch: Decode PCI bus segment in
HPE type 238 records
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2888-1
Released: Tue Aug 13 11:07:41 2024
Summary: Recommended update for util-linux
Type: recommended
Severity: moderate
References: 1159034,1194818,1218609,1222285
This update for util-linux fixes the following issues:
- agetty: Prevent login cursor escape (bsc#1194818).
- Document unexpected side effects of lazy destruction (bsc#1159034).
- Don't delete binaries not common for all architectures. Create an
util-linux-extra subpackage instead, so users of third party
tools can use them (bsc#1222285).
- Improved man page for chcpu (bsc#1218609).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2912-1
Released: Wed Aug 14 20:20:13 2024
Summary: Recommended update for cloud-regionsrv-client
Type: recommended
Severity: important
References: 1222985,1223571,1224014,1224016,1227308
This update for cloud-regionsrv-client contains the following fixes:
- Update to version 10.3.0 (bsc#1227308, bsc#1222985)
+ Add support for sidecar registry
Podman and rootless Docker support to set up the necessary
configuration for the container engines to run as defined
+ Add running command as root through sudoers file
- Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016)
+ In addition to logging, write message to stderr when registration fails
+ Detect transactional-update system with read only setup and use
the transactional-update command to register
+ Handle operation in a different target root directory for credentials
checking
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2918-1
Released: Thu Aug 15 06:59:39 2024
Summary: Recommended update for grub2
Type: recommended
Severity: important
References: 1223535,1226100,1228124
This update for grub2 fixes the following issues:
- Fix btrfs subvolume for platform modules not mounting at runtime when the
default subvolume is the topmost root tree (bsc#1228124)
- Fix error in grub-install when root is on tmpfs (bsc#1226100)
- Fix input handling in ppc64le grub2 has high latency (bsc#1223535)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2932-1
Released: Thu Aug 15 12:05:04 2024
Summary: Recommended update for supportutils
Type: recommended
Severity: moderate
References: 1222021,1227127,1228265
This update for supportutils fixes the following issues:
Changes to version 3.2.8
+ Avoid getting duplicate kernel verifications in boot.text (pr#190)
+ lvm: suppress file descriptor leak warnings from lvm commands (pr#191)
+ docker_info: Add timestamps to container logs (pr#196)
+ Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198)
+ Update supportconfig get pam.d sorted (pr#199)
+ yast_files: Exclude .zcat (pr#201)
+ Sanitize grub bootloader (bsc#1227127, pr#203)
+ Sanitize regcodes (pr#204)
+ Improve product detection (pr#205)
+ Add read_values for s390x (bsc#1228265, pr#206)
+ hardware_info: Remove old alsa ver check (pr#209)
+ drbd_info: Fix incorrect escape of quotes (pr#210)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2933-1
Released: Thu Aug 15 12:12:50 2024
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1225907,1226463,1227138,CVE-2024-5535
This update for openssl-1_1 fixes the following issues:
- CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138)
Other fixes:
- Build with no-afalgeng. (bsc#1226463)
- Fixed C99 violations to allow the package to build with GCC 14. (bsc#1225907)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2952-1
Released: Fri Aug 16 17:05:34 2024
Summary: Recommended update for nfs-utils
Type: recommended
Severity: moderate
References: 1228159
This update for nfs-utils fixes the following issues:
- Include source for libnfsidmap 0.26 and build that.
This is needed for compatability with SLE15-SP5 and earlier.
- Copied from old nfsidmap package (bsc#1228159).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2957-1
Released: Mon Aug 19 10:48:01 2024
Summary: Recommended update for ldb, samba
Type: recommended
Severity: moderate
References: 1228732
This update for ldb, samba fixes the following issues:
- Many qsort() comparisons are non-transitive, which can lead to
out-of-bounds access in some circumstances.
- Fix a crash when joining offline and 'kerberos method' includes
keytab (bsc#1228732).
- Fix reading the password from STDIN or environment vars if it
was already given in the command line (bsc#1228732).
- netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with SysvolReady=0.
- Anonymous smb3 signing/encryption should be allowed (similar to Windows Server 2022).
- Panic in dreplsrv_op_pull_source_apply_changes_trigger.
- winbindd, net ads join and other things don't work on an ipv6 only host.
- Smbcacls incorrectly propagates inheritance with Inherit-Only flag.
- http library doesn't support 'chunked transfer encoding'.
- fd_handle_destructor() panics within an smbd_smb2_close() if
vfs_stat_fsp() fails in fd_close()
- samba-gpupdate: Correctly implement site support.
- libgpo: Segfault in python bindings.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2967-1
Released: Mon Aug 19 15:41:29 2024
Summary: Recommended update for pam
Type: recommended
Severity: moderate
References: 1194818
This update for pam fixes the following issue:
- Prevent cursor escape from the login prompt (bsc#1194818).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3054-1
Released: Wed Aug 28 14:48:31 2024
Summary: Security update for python3-setuptools
Type: security
Severity: important
References: 1228105,CVE-2024-6345
This update for python3-setuptools fixes the following issues:
- CVE-2024-6345: Fixed code execution via download functions in the package_index module (bsc#1228105)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3071-1
Released: Mon Sep 2 15:17:11 2024
Summary: Recommended update for suse-build-key
Type: recommended
Severity: moderate
References: 1229339
This update for suse-build-key fixes the following issue:
- extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028 (bsc#1229339).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3103-1
Released: Tue Sep 3 16:59:06 2024
Summary: Recommended update for xfsprogs
Type: recommended
Severity: moderate
References: 1229160
This update for xfsprogs fixes the following issue:
- xfs_repair: allow symlinks with short remote targets (bsc#1229160)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3106-1
Released: Tue Sep 3 17:00:40 2024
Summary: Security update for openssl-3
Type: security
Severity: moderate
References: 1220523,1220690,1220693,1220696,1221365,1221751,1221752,1221753,1221760,1221786,1221787,1221821,1221822,1221824,1221827,1229465,CVE-2024-6119
This update for openssl-3 fixes the following issues:
- CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465)
Other fixes:
- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365).
- FIPS: RSA keygen PCT requirements.
- FIPS: Check that the fips provider is available before setting
it as the default provider in FIPS mode (bsc#1220523).
- FIPS: Port openssl to use jitterentropy (bsc#1220523).
- FIPS: Block non-Approved Elliptic Curves (bsc#1221786).
- FIPS: Service Level Indicator (bsc#1221365).
- FIPS: Output the FIPS-validation name and module version which uniquely
identify the FIPS validated module (bsc#1221751).
- FIPS: Add required selftests: (bsc#1221760).
- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821).
- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827).
- FIPS: Zero initialization required (bsc#1221752).
- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696).
- FIPS: NIST SP 800-56Brev2 (bsc#1221824).
- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787).
- FIPS: Port openssl to use jitterentropy (bsc#1220523).
- FIPS: NIST SP 800-56Arev3 (bsc#1221822).
- FIPS: Error state has to be enforced (bsc#1221753).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3113-1
Released: Tue Sep 3 17:04:05 2024
Summary: Security update for xen
Type: security
Severity: important
References: 1027519,1228574,1228575,CVE-2024-31145,CVE-2024-31146
This update for xen fixes the following issues:
- CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574)
- CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575)
Other fixes:
- Update to Xen 4.18.3 security bug fix release (bsc#1027519)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3120-1
Released: Tue Sep 3 17:12:57 2024
Summary: Security update for buildah, docker
Type: security
Severity: critical
References: 1214855,1219267,1219268,1219438,1221243,1221677,1221916,1223409,1224117,1228324,CVE-2024-1753,CVE-2024-23651,CVE-2024-23652,CVE-2024-23653,CVE-2024-24786,CVE-2024-28180,CVE-2024-3727,CVE-2024-41110
This update for buildah, docker fixes the following issues:
Changes in docker:
- CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267)
- CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268)
- CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438)
- CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324)
Other fixes:
- Update to Docker 25.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/25.0/#2506>
- Update to Docker 25.0.5-ce (bsc#1223409)
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
symlinks. (bsc#1221916)
- Write volume options atomically so sudden system crashes won't result in
future Docker starts failing due to empty files. (bsc#1214855)
Changes in buildah:
- Update to version 1.35.4:
* [release-1.35] Bump to Buildah v1.35.4
* [release-1.35] CVE-2024-3727 updates (bsc#1224117)
* integration test: handle new labels in 'bud and test --unsetlabel'
* [release-1.35] Bump go-jose CVE-2024-28180
* [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180
- Update to version 1.35.3:
* [release-1.35] Bump to Buildah v1.35.3
* [release-1.35] correctly configure /etc/hosts and resolv.conf
* [release-1.35] buildah: refactor resolv/hosts setup.
* [release-1.35] rename the hostFile var to reflect
* [release-1.35] Bump c/common to v0.58.1
* [release-1.35] Bump Buildah to v1.35.2
* [release-1.35] CVE-2024-24786 protobuf to 1.33
* [release-1.35] Bump to v1.35.2-dev
- Update to version 1.35.1:
* [release-1.35] Bump to v1.35.1
* [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677)
- Buildah dropped cni support, require netavark instead (bsc#1221243)
- Remove obsolete requires libcontainers-image & libcontainers-storage
- Require passt for rootless networking (poo#156955)
Buildah moved to passt/pasta for rootless networking from slirp4netns
(https://github.com/containers/common/pull/1846)
- Update to version 1.35.0:
* Bump v1.35.0
* Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0
* conformance tests: don't break on trailing zeroes in layer blobs
* Add a conformance test for copying to a mounted prior stage
* fix(deps): update module github.com/stretchr/testify to v1.9.0
* cgroups: reuse version check from c/common
* Update vendor of containers/(common,image)
* fix(deps): update github.com/containers/storage digest to eadc620
* fix(deps): update github.com/containers/luksy digest to ceb12d4
* fix(deps): update github.com/containers/image/v5 digest to cdc6802
* manifest add: complain if we get artifact flags without --artifact
* Use retry logic from containers/common
* Vendor in containers/(storage,image,common)
* Update module golang.org/x/crypto to v0.20.0
* Add comment re: Total Success task name
* tests: skip_if_no_unshare(): check for --setuid
* Properly handle build --pull=false
* [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1
* Update module go.etcd.io/bbolt to v1.3.9
* Revert 'Reduce official image size'
* Update module github.com/opencontainers/image-spec to v1.1.0
* Reduce official image size
* Build with CNI support on FreeBSD
* build --all-platforms: skip some base 'image' platforms
* Bump main to v1.35.0-dev
* Vendor in latest containers/(storage,image,common)
* Split up error messages for missing --sbom related flags
* `buildah manifest`: add artifact-related options
* cmd/buildah/manifest.go: lock lists before adding/annotating/pushing
* cmd/buildah/manifest.go: don't make struct declarations aliases
* Use golang.org/x/exp/slices.Contains
* Disable loong64 again
* Fix a couple of typos in one-line comments
* egrep is obsolescent; use grep -E
* Try Cirrus with a newer VM version
* Set CONTAINERS_CONF in the chroot-mount-flags integration test
* Update to match dependency API update
* Update github.com/openshift/imagebuilder and containers/common
* docs: correct default authfile path
* fix(deps): update module github.com/containerd/containerd to v1.7.13
* tests: retrofit test for heredoc summary
* build, heredoc: show heredoc summary in build output
* manifest, push: add support for --retry and --retry-delay
* fix(deps): update github.com/openshift/imagebuilder digest to b767bc3
* imagebuildah: fix crash with empty RUN
* fix(deps): update github.com/containers/luksy digest to b62d551
* fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security]
* fix(deps): update module github.com/moby/buildkit to v0.12.5 [security]
* Make buildah match podman for handling of ulimits
* docs: move footnotes to where they're applicable
* Allow users to specify no-dereference
* Run codespell on code
* Fix FreeBSD version parsing
* Fix a build break on FreeBSD
* Remove a bad FROM line
* fix(deps): update module github.com/onsi/gomega to v1.31.1
* fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6
* docs: use reversed logo for dark theme in README
* build,commit: add --sbom to scan and produce SBOMs when committing
* commit: force omitHistory if the parent has layers but no history
* docs: fix a couple of typos
* internal/mkcw.Archive(): handle extra image content
* stage_executor,heredoc: honor interpreter in heredoc
* stage_executor,layers: burst cache if heredoc content is changed
* fix(deps): update module golang.org/x/crypto to v0.18.0
* Replace map[K]bool with map[K]struct{} where it makes sense
* fix(deps): update module golang.org/x/sync to v0.6.0
* fix(deps): update module golang.org/x/term to v0.16.0
* Bump CI VMs
* Replace strings.SplitN with strings.Cut
* fix(deps): update github.com/containers/storage digest to ef81e9b
* fix(deps): update github.com/containers/image/v5 digest to 1b221d4
* fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1
* Document use of containers-transports values in buildah
* fix(deps): update module golang.org/x/crypto to v0.17.0 [security]
* chore(deps): update dependency containers/automation_images to v20231208
* manifest: addCompression use default from containers.conf
* commit: add a --add-file flag
* mkcw: populate the rootfs using an overlay
* chore(deps): update dependency containers/automation_images to v20230517
* [skip-ci] Update actions/stale action to v9
* fix(deps): update module github.com/containernetworking/plugins to v1.4.0
* fix(deps): update github.com/containers/image/v5 digest to 7a40fee
* Bump to v1.34.1-dev
* Ignore errors if label.Relabel returns ENOSUP
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3124-1
Released: Tue Sep 3 17:38:34 2024
Summary: Recommended update for cryptsetup
Type: recommended
Severity: moderate
References: 1229975
This update for cryptsetup fixes the following issues:
- FIPS: Extend the password for PBKDF2 benchmarking to be more than 20
chars to meet FIPS 140-3 requirements (bsc#1229975)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3132-1
Released: Tue Sep 3 17:43:10 2024
Summary: Recommended update for permissions
Type: recommended
Severity: moderate
References: 1228968,1229329
This update for permissions fixes the following issues:
- Update to version 20240826:
* permissions: remove outdated entries (bsc#1228968)
- Update to version 20240826:
* cockpit: revert path change (bsc#1229329)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3135-1
Released: Wed Sep 4 08:36:23 2024
Summary: Recommended update for rsyslog
Type: recommended
Severity: moderate
References:
This update for rsyslog fixes the following issues:
- Version upgrade
- patches replaced by upgrade (details in upgrade logs)
* Revert 'Update omlibdbi.c'
* imkmsg: add params 'readMode' and 'expectedBootCompleteSeconds'
* testbench: fix 'typo' in test case
* omazureeventhubs: Corrected handling of transport closed failures
* imkmsg: add module param parseKernelTimestamp
* imfile: remove state file on file delete fix
* imklog bugfix: keepKernelTimestamp=off config param did not work
* Netstreamdriver: deallocate certificate related resources
* TLS subsystem: add remote hostname to error reporting
* Fix forking issue do to close_range call
* replace debian sample systemd service file by readme
* testbench: bump zookeeper version to match current offering
* Update rsyslog.service sample unit to the latest version used in Debian Trixie
* Only keep a single rsyslog.service for Debian
* Remove no longer used --with-systemdsystemunitdir configure switch
* use logind instead of utmp for wall messages with systemd
* Typo fixes
* Drop CAP_IPC_LOCK capability
* Add CAP_NET_RAW capability due to the omudpspoof module
* Add new global config option 'libcapng.enable'
* tcp net subsystem: handle data race gracefully
* Avoid crash on restart in imrelp SIGTTIN handler
- patches replaced by upgrade
* fix startup issue on modern systemd systems
* Fix misspeling in message.
* tcpflood bugfix: plain tcp send error not properly reported
* omprog bugfix: Add CAP_DAC_OVERRIDE to the bounding set
* testbench: cleanup and improve some more imfile tests
* lookup tables: fix static analyzer issue
* lookup tables bugfix: reload on HUP did not work when backgrounded
* CI: fix and cleaup github workflow
* imjournal: Support input module
* testbench: make test more reliable
* tcpflood: add -A option to NOT abort when sending fails
* tcpflood: fix today's programming error
* openssl: Replaced depreceated method SSLv23_method with TLS_method
* testbench improvement: define state file directories for imfile tests
* testbench: cleanup a test and some nitfixes to it
* tcpflood bugfix: TCP sending was not implemented properly
* testbench: make waiting for HUP processing more reliable
* build system: make rsyslogd execute when --disable-inet is configured
* CI: update zookeper download to newer version
* ossl driver: Using newer INIT API for OpenSSL 1.1+ Versions
* ossl: Fix CRL File Expire from 1 day to 100 years.
* PR5175: Add TLS CRL Support for GnuTLS driver and OpenSSL 1.0.2+
* omazureeventhubs: Initial implementation of new output module
* TLS CRL Support Issue 5081
* action.resumeintervalmax: the parameter was not respected
* IMHIREDIS::FIXED:: Restore compatiblity with hiredis < v1.0.0
* Add the 'batchsize' parameter to imhiredis
* Clear undefined behavior in libgcry.c (GH #5167)
* Do not try to drop capabilities when we don't have any
* testbench: use newer zookeeper version in tests
* build system: more precise error message on too-old lib
* Fix quoting for omprog, improg, mmexternal
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3147-1
Released: Thu Sep 5 09:30:37 2024
Summary: Recommended update for dracut
Type: recommended
Severity: moderate
References: 1228398,1228847
This update for dracut fixes the following issues:
- Version update with:
* feat(systemd*) include systemd config files from /usr/lib/systemd (bsc#1228398)
* fix(convertfs) error in conditional expressions (bsc#1228847)
The following package changes have been done:
- ca-certificates-mozilla-2.68-150200.33.1 updated
- dmidecode-3.6-150400.16.11.2 updated
- docker-25.0.6_ce-150000.207.1 updated
- dracut-059+suse.531.g48487c31-150600.3.6.2 updated
- grub2-i386-pc-2.12-150600.8.3.1 updated
- grub2-x86_64-efi-2.12-150600.8.3.1 updated
- grub2-2.12-150600.8.3.1 updated
- libblkid1-2.39.3-150600.4.9.4 updated
- libcryptsetup12-2.7.0-150600.3.3.1 updated
- libfdisk1-2.39.3-150600.4.9.4 updated
- libldb2-2.8.1-150600.3.3.4 updated
- libmount1-2.39.3-150600.4.9.4 updated
- libnfsidmap1-1.0-150600.28.3.2 updated
- libopenssl1_1-1.1.1w-150600.5.6.1 updated
- libopenssl3-3.1.4-150600.5.15.1 updated
- libsmartcols1-2.39.3-150600.4.9.4 updated
- libuuid1-2.39.3-150600.4.9.4 updated
- libyaml-0-2-0.1.7-150000.3.2.1 added
- nfs-client-2.6.4-150600.28.3.2 updated
- openssl-3-3.1.4-150600.5.15.1 updated
- pam-1.3.0-150000.6.71.2 updated
- permissions-20240826-150600.10.9.1 updated
- python-azure-agent-config-server-2.9.1.1-150100.3.44.2 updated
- python-azure-agent-2.9.1.1-150100.3.44.2 updated
- python3-PyYAML-5.4.1-150300.3.3.1 updated
- python3-setuptools-44.1.1-150400.9.9.1 updated
- rsyslog-module-relp-8.2406.0-150600.12.3.2 updated
- rsyslog-8.2406.0-150600.12.3.2 updated
- samba-client-libs-4.19.7+git.357.1d7950ebd62-150600.3.3.2 updated
- supportutils-3.2.8-150600.3.3.1 updated
- suse-build-key-12.0-150000.8.52.3 updated
- util-linux-systemd-2.39.3-150600.4.9.4 updated
- util-linux-2.39.3-150600.4.9.4 updated
- xen-libs-4.18.3_02-150600.3.6.1 updated
- xfsprogs-6.7.0-150600.3.6.2 updated
- haveged-1.9.14-150600.9.5 removed
- libhavege2-1.9.14-150600.9.5 removed
More information about the sle-container-updates
mailing list