SUSE-CU-2024:4458-1: Security update of suse/sle15

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Mon Sep 23 14:46:42 UTC 2024 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:4458-1
Container Tags        : bci/bci-base:15.6 , bci/bci-base:15.6.47.11.17 , suse/sle15:15.6 , suse/sle15:15.6.47.11.17
Container Release     : 47.11.17
Severity              : important
Type                  : security
References            : 1225973 1225974 1227314 1228647 1229028 1230267 CVE-2024-24789
                        CVE-2024-24790 CVE-2024-24791 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3300-1
Released:    Wed Sep 18 14:27:53 2024
Summary:     Recommended update for ncurses
Type:        recommended
Severity:    moderate
References:  1229028
This update for ncurses fixes the following issues:

- Allow the terminal description based on static fallback entries to be freed (bsc#1229028)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3346-1
Released:    Thu Sep 19 17:20:06 2024
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1228647,1230267
This update for libzypp, zypper fixes the following issues:

- API refactoring. Prevent zypper from using now private libzypp symbols (bsc#1230267)
- single_rpmtrans: fix installation of .src.rpms (bsc#1228647)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3360-1
Released:    Sun Sep 22 23:45:55 2024
Summary:     Security update for container-suseconnect
Type:        security
Severity:    important
References:  1225973,1225974,1227314,CVE-2024-24789,CVE-2024-24790,CVE-2024-24791

This update for container-suseconnect rebuilds it against current go1.21.13.1.

Security issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791


The following package changes have been done:

- container-suseconnect-2.5.0-150000.4.55.1 updated
- libncurses6-6.1-150000.5.27.1 updated
- libsolv-tools-base-0.7.30-150600.8.2.1 updated
- libzypp-17.35.11-150600.3.24.1 updated
- ncurses-utils-6.1-150000.5.27.1 updated
- terminfo-base-6.1-150000.5.27.1 updated
- zypper-1.14.77-150600.10.11.2 updated

More information about the sle-container-updates mailing list