SUSE-CU-2025:225-1: Security update of suse/sle15
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Jan 15 08:09:33 UTC 2025
SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:225-1
Container Tags : bci/bci-base:15.7 , bci/bci-base:15.7-3.2.1 , suse/sle15:15.7 , suse/sle15:15.7-3.2.1
Container Release : 3.2.1
Severity : important
Type : security
References : 1203617 1219736 1220338 1231048 1232227 1232844 1234015 1234068
1234749 1235151 CVE-2024-11053
-----------------------------------------------------------------
The container suse/sle15 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4288-1
Released: Wed Dec 11 09:31:32 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1234068,CVE-2024-11053
This update for curl fixes the following issues:
- CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4337-1
Released: Tue Dec 17 08:17:39 2024
Summary: Recommended update for systemd
Type: recommended
Severity: important
References: 1231048,1232844
This update for systemd fixes the following issues:
- udev: skipping empty udev rules file while collecting the stats (bsc#1232844)
- Clean up some remnants from when homed was in the experimental sub-package (bsc#1231048)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4378-1
Released: Thu Dec 19 08:23:55 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1203617
This update for aaa_base fixes the following issues:
- Added Midnigh Commander helpers for tcsh and bash resources (bsc#1203617)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:4402-1
Released: Fri Dec 20 16:41:09 2024
Summary: Recommended update for libzypp
Type: recommended
Severity: moderate
References: 1234749
This update for libzypp fixes the following issues:
- Url: queryparams without value should not have a trailing '='
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:10-1
Released: Fri Jan 3 14:53:56 2025
Summary: Recommended update for systemd
Type: recommended
Severity: important
References: 1220338,1232227,1234015
This update for systemd fixes the following issues:
- Drop support for efivar SystemdOptions (bsc#1220338)
- pid1: make clear that $WATCHDOG_USEC is set for the shutdown binary (bsc#1232227)
- udev: allow/denylist for reading sysfs attributes when composing a NIC name (bsc#1234015)
- udev: add new builtin net_driver
- udev-builtin-net_id: split-out pci_get_onboard_index() from dev_pci_onboard()
- udev-builtin-net_id: split-out get_pci_slot_specifiers()
- udev-builtin-net_id: introduce get_port_specifier() helper function
- udev-builtin-net_id: split out get_dev_port() and make its failure critical
- udev-builtin-net_id: split-out pci_get_hotplug_slot() and pci_get_hotplug_slot_from_address()
- udev-builtin-net_id: return earlier when hotplug slot is not found
- udev-builtin-net_id: skip non-directory entry earlier
- udev-builtin-net_id: make names_xen() self-contained
- udev-builtin-net_id: use sd_device_get_sysnum() to get index of netdevsim
- udev-builtin-net_id: make names_netdevsim() self-contained
- udev-builtin-net_id: make names_platform() self-contained
- udev-builtin-net_id: make names_vio() self-contained
- udev-builtin-net_id: make names_ccw() self-contained
- udev-builtin-net_id: make dev_devicetree_onboard() self-contained
- udev-builtin-net_id: make names_mac() self-contained
- udev-builtin-net_id: split out get_ifname_prefix()
- udev-builtin-net_id: swap arguments for streq() and friends
- udev-builtin-net_id: drop unused value from NetNameType
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:42-1
Released: Thu Jan 9 16:04:03 2025
Summary: Recommended update for permissions
Type: recommended
Severity: moderate
References: 1219736
This update for permissions fixes the following issues:
- Update to version 20240826:
* chkstat: backport support to operate in insecure mode via envvar opt-in (bsc#1219736)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:77-1
Released: Mon Jan 13 10:43:05 2025
Summary: Recommended update for curl
Type: recommended
Severity: moderate
References: 1235151
This update for curl fixes the following issue:
- smtp: for starttls, do full upgrade [bsc#1235151]
* Make sure the TLS handshake after a successful STARTTLS command
is fully done before further sending/receiving on the connection.
The following package changes have been done:
- aaa_base-84.87+git20180409.04c9dae-150300.10.23.1 updated
- curl-8.6.0-150600.4.18.1 updated
- findutils-4.10.0-150700.1.2 updated
- glibc-2.38-150700.19.1 updated
- grep-3.11-150700.1.2 updated
- libblkid1-2.40.2-150700.1.2 updated
- libcurl4-8.6.0-150600.4.18.1 updated
- libfdisk1-2.40.2-150700.1.2 updated
- libgcrypt20-1.11.0-150700.2.7 updated
- libgpg-error0-1.50-150700.1.2 updated
- libmount1-2.40.2-150700.1.2 updated
- libnghttp2-14-1.64.0-150700.1.2 updated
- libopenssl-3-fips-provider-3.2.3-150700.3.2 updated
- libopenssl3-3.2.3-150700.3.2 updated
- libsmartcols1-2.40.2-150700.1.2 updated
- libudev1-254.21-150600.4.21.1 updated
- libuuid1-2.40.2-150700.1.2 updated
- libxml2-2-2.12.9-150700.1.2 updated
- libzypp-17.35.16-150600.3.39.1 updated
- openssl-3-3.2.3-150700.3.2 updated
- permissions-20240826-150600.10.12.1 updated
- sle-module-basesystem-release-15.7-150700.16.3 updated
- sle-module-python3-release-15.7-150700.16.3 updated
- sle-module-server-applications-release-15.7-150700.16.3 updated
- sles-release-15.7-150700.16.8 updated
- util-linux-2.40.2-150700.1.2 updated
More information about the sle-container-updates
mailing list