SUSE-CU-2022:414-1: Security update of bci/rust

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Sat Mar 26 17:15:43 UTC 2022


SUSE Container Update Advisory: bci/rust
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:414-1
Container Tags        : bci/rust:1.56 , bci/rust:1.56-4.44
Container Release     : 4.44
Severity              : important
Type                  : security
References            : 1182959 1190447 1194265 1195149 1195792 1195856 1196036 1197004
                        CVE-2022-24407 
-----------------------------------------------------------------

The container bci/rust was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:692-1
Released:    Thu Mar  3 15:46:47 2022
Summary:     Recommended update for filesystem
Type:        recommended
Severity:    moderate
References:  1190447
This update for filesystem fixes the following issues:

- Release ported filesystem to LTSS channels (bsc#1190447).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:743-1
Released:    Mon Mar  7 22:08:12 2022
Summary:     Security update for cyrus-sasl
Type:        security
Severity:    important
References:  1194265,1196036,CVE-2022-24407
This update for cyrus-sasl fixes the following issues:

- CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036).

The following non-security bugs were fixed:

- postfix: sasl authentication with password fails (bsc#1194265).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:787-1
Released:    Thu Mar 10 11:20:13 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  
This update for openldap2 fixes the following issue:

- restore CLDAP functionality in CLI tools (jsc#PM-3288)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:861-1
Released:    Tue Mar 15 23:30:48 2022
Summary:     Recommended update for openssl-1_1 
Type:        recommended
Severity:    moderate
References:  1182959,1195149,1195792,1195856
This update for openssl-1_1 fixes the following issues:

openssl-1_1:

- Fix PAC pointer authentication in ARM (bsc#1195856)
- Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792)
- FIPS: Fix function and reason error codes (bsc#1182959)
- Enable zlib compression support (bsc#1195149)
    
glibc:

- Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1
    
linux-glibc-devel:

- Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1

libxcrypt:

- Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1

zlib:

- Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:874-1
Released:    Wed Mar 16 10:40:52 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1197004
This update for openldap2 fixes the following issue:

- Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression (bsc#1197004)


The following package changes have been done:

- libldap-data-2.4.46-9.64.1 updated
- filesystem-15.0-11.5.1 updated
- glibc-2.31-150300.20.7 updated
- libsasl2-3-2.1.27-150300.4.6.1 updated
- libcrypt1-4.4.15-150300.4.2.41 updated
- libzstd1-1.5.0-150400.1.48 updated
- libuuid1-2.37.2-150400.6.2 updated
- libsmartcols1-2.37.2-150400.6.2 updated
- libsepol1-3.1-150400.1.44 updated
- libopenssl1_1-1.1.1l-150400.3.22 updated
- libopenssl1_1-hmac-1.1.1l-150400.3.22 updated
- libgpg-error0-1.42-150400.1.97 updated
- libeconf0-0.4.4+git20220104.962774f-150400.1.16 updated
- libcom_err2-1.46.4-150400.1.56 updated
- libcap2-2.63-150400.1.3 updated
- libbz2-1-1.0.8-150400.1.91 updated
- libblkid1-2.37.2-150400.6.2 updated
- libaudit1-3.0.6-150400.1.25 updated
- libgcrypt20-1.9.4-150400.2.21 updated
- libgcrypt20-hmac-1.9.4-150400.2.21 updated
- libfdisk1-2.37.2-150400.6.2 updated
- libz1-1.2.11-3.26.10 updated
- libldap-2_4-2-2.4.46-9.64.1 updated
- libelf1-0.185-150400.3.12 updated
- libselinux1-3.1-150400.1.43 updated
- libsystemd0-249.11-150400.1.4 updated
- libreadline7-7.0-150400.24.7 updated
- libdw1-0.185-150400.3.12 updated
- libsemanage1-3.1-150400.1.41 updated
- libmount1-2.37.2-150400.6.2 updated
- bash-sh-4.4-150400.24.7 added
- bash-4.4-150400.24.7 updated
- login_defs-4.8.1-150400.8.31 updated
- cpio-2.13-150400.1.73 updated
- coreutils-8.32-150400.7.2 updated
- sles-release-15.4-150400.45.1 updated
- rpm-config-SUSE-1-150400.12.14 updated
- permissions-20201225-150400.1.2 updated
- shadow-4.8.1-150400.8.31 updated
- sysuser-shadow-3.1-150400.1.8 updated
- system-group-hardware-20170617-150400.22.7 updated
- util-linux-2.37.2-150400.6.2 updated
- container:sles15-image-15.0.0-25.2.18 updated
- update-alternatives-1.19.0.4-2.48 removed


More information about the sle-security-updates mailing list