SUSE-CU-2025:1653-1: Security update of bci/bci-init
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Mar 10 15:29:25 UTC 2025
SUSE Container Update Advisory: bci/bci-init
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1653-1
Container Tags : bci/bci-init:15.7 , bci/bci-init:15.7-3.50
Container Release : 3.50
Severity : important
Type : security
References : 1224044 1231463 1233282 1237374 CVE-2024-34397 CVE-2024-52533
-----------------------------------------------------------------
The container bci/bci-init was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1950-1
Released: Fri Jun 7 17:20:14 2024
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1224044,CVE-2024-34397
This update for glib2 fixes the following issues:
Update to version 2.78.6:
+ Fix a regression with IBus caused by the fix for CVE-2024-34397
Changes in version 2.78.5:
+ Fix CVE-2024-34397: GDBus signal subscriptions for well-known
names are vulnerable to unicast spoofing. (bsc#1224044)
+ Bugs fixed:
- gvfs-udisks2-volume-monitor SIGSEGV in
g_content_type_guess_for_tree() due to filename with bad
encoding
- gcontenttype: Make filename valid utf-8 string before processing.
- gdbusconnection: Don't deliver signals if the sender doesn't match.
Changes in version 2.78.4:
+ Bugs fixed:
- Fix generated RST anchors for methods, signals and properties.
- docs/reference: depend on a native gtk-doc.
- gobject_gdb.py: Do not break bt on optimized build.
- gregex: clean up usage of _GRegex.jit_status.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:4254-1
Released: Fri Dec 6 18:03:05 2024
Summary: Security update for glib2
Type: security
Severity: important
References: 1231463,1233282,CVE-2024-52533
This update for glib2 fixes the following issues:
Security issues fixed:
- CVE-2024-52533: Fix a single byte buffer overflow in set_connect_msg() (bsc#1233282).
Non-security issue fixed:
- Fix error when uninstalling packages (bsc#1231463).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:794-1
Released: Thu Mar 6 07:59:29 2025
Summary: Recommended update for pkg-config
Type: recommended
Severity: important
References: 1237374
This update for pkg-config fixes the following issues:
- Build with system GLib instead of bundled GLib (bsc#1237374).
The following package changes have been done:
- libglib-2_0-0-2.78.6-150600.4.8.1 added
- libopenssl3-3.2.3-150700.3.10 updated
- libgcrypt20-1.11.0-150700.2.16 updated
- libopenssl-3-fips-provider-3.2.3-150700.3.10 updated
- sles-release-15.7-150700.21.5 updated
- pkg-config-0.29.2-150600.15.3.1 updated
- container:sles15-image-15.7.0-4.2.31 updated
More information about the sle-container-updates
mailing list