SUSE-CU-2023:2216-1: Security update of suse/sle15

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Jul 5 07:09:37 UTC 2023 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2216-1
Container Tags        : bci/bci-base:15.4 , bci/bci-base:15.4.27.14.75 , suse/sle15:15.4 , suse/sle15:15.4.27.14.75
Container Release     : 27.14.75
Severity              : moderate
Type                  : security
References            : 1202234 1209565 1211261 1211261 1211418 1211419 1212187 1212187
                        1212222 1212222 CVE-2023-2602 CVE-2023-2603 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2742-1
Released:    Fri Jun 30 11:40:56 2023
Summary:     Recommended update for autoyast2, libzypp, yast2-pkg-bindings, yast2-update, zypper
Type:        recommended
Severity:    moderate
References:  1202234,1209565,1211261,1212187,1212222
This update for yast2-pkg-bindings fixes the following issues:

libzypp was updated to version 17.31.14 (22):

- Curl: trim all custom headers (bsc#1212187)
  HTTP/2 RFC 9113 forbids fields ending with a space. So we make
  sure all custom headers are trimmed. This also includes headers
  returned by URL-Resolver plugins.
- build: honor libproxy.pc's includedir (bsc#1212222)

zypper was updated to version 1.14.61:

- targetos: Add an error note if XPath:/product/register/target
  is not defined in /etc/products.d/baseproduct (bsc#1211261)
- targetos: Update help and man page (bsc#1211261)

yast2-pkg-bindings, autoyast:

- Added a new option for rebuilding the RPM database (--rebuilddb) (bsc#1209565)
- Selected products are not installed after resetting the package manager internally (bsc#1202234)

yast2-update:

- Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:2765-1
Released:    Mon Jul  3 20:28:14 2023
Summary:     Security update for libcap
Type:        security
Severity:    moderate
References:  1211418,1211419,CVE-2023-2602,CVE-2023-2603
This update for libcap fixes the following issues:

- CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418).
- CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:2772-1
Released:    Tue Jul  4 09:54:23 2023
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1211261,1212187,1212222
This update for libzypp, zypper fixes the following issues:

libzypp was updated to version 17.31.14 (22):

- Curl: trim all custom headers (bsc#1212187)
  HTTP/2 RFC 9113 forbids fields ending with a space. So we make
  sure all custom headers are trimmed. This also includes headers
  returned by URL-Resolver plugins.
- build: honor libproxy.pc's includedir (bsc#1212222)

zypper was updated to version 1.14.61:

- targetos: Add an error note if XPath:/product/register/target
  is not defined in /etc/products.d/baseproduct (bsc#1211261)
- targetos: Update help and man page (bsc#1211261)


The following package changes have been done:

- libcap2-2.63-150400.3.3.1 updated
- libprotobuf-lite20-3.9.2-150200.4.21.1 updated
- libzypp-17.31.14-150400.3.35.1 updated
- zypper-1.14.61-150400.3.24.1 updated

More information about the sle-security-updates mailing list