SUSE-CU-2024:4215-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Sep 12 07:18:43 UTC 2024 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4215-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.5.28 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.5.28
Severity              : important
Type                  : security
References            : 1081596 1223094 1224771 1225267 1226014 1226030 1226493 1227205
                        1227625 1227793 1228042 1228138 1228206 1228208 1228398 1228420
                        1228787 1228847 1230093 222971 CVE-2024-8096 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3147-1
Released:    Thu Sep  5 09:30:37 2024
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1228398,1228847
This update for dracut fixes the following issues:

- Version update with:
  * feat(systemd*) include systemd config files from /usr/lib/systemd (bsc#1228398)
  * fix(convertfs) error in conditional expressions (bsc#1228847)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3166-1
Released:    Mon Sep  9 12:25:30 2024
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1228042
This update for glibc fixes the following issue:

- s390x-wcsncmp patch for s390x: Fix segfault in wcsncmp (bsc#1228042).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3178-1
Released:    Mon Sep  9 14:39:12 2024
Summary:     Recommended update for libzypp, zypper, libsolv, zypp-plugin, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings
Type:        recommended
Severity:    important
References:  1081596,1223094,1224771,1225267,1226014,1226030,1226493,1227205,1227625,1227793,1228138,1228206,1228208,1228420,1228787,222971
This update for libzypp, zypper, libsolv, zypp-plugin, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues:

- Make sure not to statically linked installed tools (bsc#1228787)
- MediaPluginType must be resolved to a valid MediaHandler (bsc#1228208)
- Export asSolvable for YAST (bsc#1228420)
- Export CredentialManager for legacy YAST versions (bsc#1228420)
- Fix 4 typos in zypp.conf
- Fix typo in the geoip update pipeline (bsc#1228206)
- Export RepoVariablesStringReplacer for yast2 (bsc#1228138)
- Removed dependency on external find program in the repo2solv tool
- Fix return value of repodata.add_solv()
- New SOLVER_FLAG_FOCUS_NEW flag
- Fix return value of repodata.add_solv() in the bindings
- Fix SHA-224 oid in solv_pgpvrfy
- Translation: updated .pot file.
- Conflict with python zypp-plugin < 0.6.4 (bsc#1227793)
- Fix int overflow in Provider
- Fix error reporting on repoindex.xml parse error (bsc#1227625)
- Keep UrlResolverPlugin API public
- Blacklist /snap executables for 'zypper ps' (bsc#1226014)
- Fix handling of buddies when applying locks (bsc#1225267)
- Fix readline setup to handle Ctrl-C and Ctrl-D correctly (bsc#1227205)
- Show rpm install size before installing (bsc#1224771)
- Install zypp/APIConfig.h legacy include
- Update soname due to RepoManager refactoring and cleanup
- Workaround broken libsolv-tools-base requirements
- Strip ssl_clientkey from repo urls (bsc#1226030)
- Remove protobuf build dependency
- Lazily attach medium during refresh workflows (bsc#1223094)
- Refactor RepoManager and add Service workflows
- Let_readline_abort_on_Ctrl-C (bsc#1226493)
- packages: add '--system' to show @System packages (bsc#222971)
- Provide python3-zypp-plugin down to SLE12 (bsc#1081596)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3204-1
Released:    Wed Sep 11 10:55:22 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1230093,CVE-2024-8096
This update for curl fixes the following issues:

- CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093)


The following package changes have been done:

- curl-8.6.0-150600.4.6.1 updated
- dracut-059+suse.531.g48487c31-150600.3.6.2 updated
- glibc-locale-base-2.38-150600.14.8.2 updated
- glibc-2.38-150600.14.8.2 updated
- libcurl4-8.6.0-150600.4.6.1 updated
- libsolv-tools-base-0.7.30-150400.3.27.2 updated
- libzypp-17.35.8-150600.3.19.1 updated
- zypper-1.14.76-150600.10.6.13 updated
- libabsl2401_0_0-20240116.1-150600.17.7 removed
- libprotobuf-lite25_1_0-25.1-150600.16.4.2 removed

More information about the sle-container-updates mailing list