SUSE-CU-2025:6206-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Aug 19 07:24:58 UTC 2025 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6206-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.8.95 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.8.95
Severity              : moderate
Type                  : security
References            : 1230262 1232526 1234959 1237143 1237442 1238491 1239566 1239938
                        1240788 1241549 1243991 1244050 1245223 1246157 1246231 1246237
                        CVE-2024-56738 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2772-1
Released:    Tue Aug 12 19:35:08 2025
Summary:     Recommended update for grub2
Type:        security
Severity:    moderate
References:  1234959,1246157,1246231,1246237,CVE-2024-56738
This update for grub2 fixes the following issues:

- CVE-2024-56738: Fixed side-channel attack due to not 
  constant-time algorithm in grub_crypto_memcmp (bsc#1234959)

Other fixes:
- Fix test -f and -s do not work properly over the network files 
  served via tftp and http (bsc#1246157, bsc#1246237)
- Skip mount point in grub_find_device function (bsc#1246231)


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2776-1
Released:    Wed Aug 13 08:10:36 2025
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    moderate
References:  1237143
This update for systemd-rpm-macros fixes the following issues:

- Introduce %udev_trigger_with_reload() for packages that need to trigger events
  in theirs scriplets. The new macro automatically triggers a reload of the udev
  rule files as this step is often overlooked by packages (bsc#1237143).
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2780-1
Released:    Wed Aug 13 10:28:27 2025
Summary:     Recommended update for gcc14
Type:        recommended
Severity:    moderate
References:  1230262,1232526,1237442,1238491,1239566,1239938,1240788,1241549,1243991,1244050
This update for gcc14 fixes the following issues:

Update to GCC 14.3 release, bb24b4c804f3d95b0ba95b7496, git11799

- Fixed libqt6webengine build.
- Fix build on s390x [bsc#1241549]
- Make sure link editing is done against our own shared library
  copy rather than the installed system runtime.  [bsc#1240788]
- Allow GCC executables to be built PIE.  [bsc#1239938]
- Backport -msplit-patch-nops required for user-space livepatching on powerpc.
- Also record -D_FORTIFY_SOURCE=2 in the DWARF debug info DW_AT_producer string.  [bsc#1239566]
- Disable profiling during build when %want_reproducible_builds is set [bsc#1238491]
- Fixes reported ICE in [bsc#1237442]
- Add larchintrin.h, lasxintrin.h and lsxintrin.h
  headers to gccXY main package in %files section
- libstdc++6 fix for parsing tzdata 2024b [gcc#116657]
- Fix ICE with LTO building openvino on aarch64 [bsc#1230262]
- Exclude shared objects present for link editing in the GCC specific
  subdirectory from provides processing via __provides_exclude_from.
  [bsc#1244050][bsc#1243991]
- Make cross-*-gcc14-bootstrap package conflict with the non-bootstrap
  variant conflict with the unversioned cross-*-gcc package.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2838-1
Released:    Mon Aug 18 10:56:16 2025
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1245223
This update for suse-build-key fixes the following issue:

- adjust SLES16 signing key UID (name,email) with official names (bsc#1245223).

The following package changes have been done:

- grub2-i386-pc-2.12-150600.8.34.1 updated
- grub2-x86_64-efi-2.12-150600.8.34.1 updated
- grub2-2.12-150600.8.34.1 updated
- libgcc_s1-14.3.0+git11799-150000.1.11.1 updated
- libstdc++6-14.3.0+git11799-150000.1.11.1 updated
- suse-build-key-12.0-150000.8.61.2 updated
- systemd-rpm-macros-16-150000.7.42.1 updated

More information about the sle-container-updates mailing list