SUSE-CU-2025:413-1: Security update of suse/sles/15.7/cdi-cloner

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/sles/15.7/cdi-cloner
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:413-1
Container Tags        : suse/sles/15.7/cdi-cloner:1.58.0 , suse/sles/15.7/cdi-cloner:1.58.0-150700.7.35 , suse/sles/15.7/cdi-cloner:1.58.0.28.82
Container Release     : 28.82
Severity              : moderate
Type                  : security
References            : 1219736 1234068 1235151 CVE-2024-11053 
-----------------------------------------------------------------

The container suse/sles/15.7/cdi-cloner was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4288-1
Released:    Wed Dec 11 09:31:32 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1234068,CVE-2024-11053
This update for curl fixes the following issues:

  - CVE-2024-11053: Fixed password leak used for the first host to the followed-to host under certain circumstances (bsc#1234068)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:42-1
Released:    Thu Jan  9 16:04:03 2025
Summary:     Recommended update for permissions
Type:        recommended
Severity:    moderate
References:  1219736
This update for permissions fixes the following issues:

- Update to version 20240826:

  * chkstat: backport support to operate in insecure mode via envvar opt-in (bsc#1219736)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:77-1
Released:    Mon Jan 13 10:43:05 2025
Summary:     Recommended update for curl
Type:        recommended
Severity:    moderate
References:  1235151

This update for curl fixes the following issue:

- smtp: for starttls, do full upgrade [bsc#1235151]
  * Make sure the TLS handshake after a successful STARTTLS command
    is fully done before further sending/receiving on the connection.
  

The following package changes have been done:

- glibc-2.38-150700.19.2 updated
- libuuid1-2.40.2-150700.1.2 updated
- libsmartcols1-2.40.2-150700.1.2 updated
- libnghttp2-14-1.64.0-150700.1.3 updated
- libblkid1-2.40.2-150700.1.2 updated
- libopenssl3-3.2.3-150700.3.3 updated
- grep-3.11-150700.1.2 updated
- libmount1-2.40.2-150700.1.2 updated
- libfdisk1-2.40.2-150700.1.2 updated
- libopenssl-3-fips-provider-3.2.3-150700.3.3 updated
- permissions-20240826-150600.10.12.1 updated
- libcurl4-8.6.0-150600.4.18.1 updated
- util-linux-2.40.2-150700.1.2 updated
- curl-8.6.0-150600.4.18.1 updated
- containerized-data-importer-cloner-1.58.0-150700.7.35 updated
- container:sles15-image-15.7.0-2.4 updated
- file-magic-5.32-7.14.1 removed
- libmagic1-5.32-7.14.1 removed