SUSE-SU-2025:20844-1: moderate: Security update for aaa_base

[SLE-SECURITY-UPDATES]

# Security update for aaa_base

Announcement ID: SUSE-SU-2025:20844-1  
Release Date: 2025-10-09T14:42:20Z  
Rating: moderate  
References:

  * bsc#1159103
  * bsc#1211721
  * bsc#1219038
  * bsc#1221763
  * bsc#1227117
  * jsc#PED-264
  * jsc#PED-266

  
Affected Products:

  * SUSE Linux Micro 6.0
  * SUSE Linux Micro Extras 6.0

  
  
An update that contains two features and has five fixes can now be installed.

## Description:

This update for aaa_base fixes the following issues:

Update to version 84.87+git20240906.742565b:

  * yama-enable-ptrace: enforce changed behavior upon installation (bsc#1221763)
  * Avoid unnecessary /bin/bash dependency
  * sysctl: Fixup of not setting kernel.pid_max on 32b archs (bsc#1227117)

Update to version 84.87+git20240821.fbabe1d:

  * Add helper service for soft-reboot

Update to version 84.87+git20240809.5d13eb4:

  * cleanup aaa_base.post and fold back into specfile

Update to version 84.87+git20240805.7513b28:

  * Remove obsolete resolv+ manual page
  * Remove obsolete defaultdomain.5 manual page
  * Move /etc/skel to /usr/etc/skel (hermetic-usr)
  * Remove obsolete refresh_initrd
  * Add deprecation notice for service [jsc#PED-266]

Update to version 84.87+git20240801.75f05dd:

  * sysctl: Don't set kernel.pid_max on 32b archs (bsc#1227117)

Update to version 84.87+git20240620.57ee9e1:

  * Remove legacy-actions support [jsc#PED-264]

Update to version 84.87+git20240617.f5ff27f:

  * add /usr/bin/nu to etc/shells for nushell

Update to version 84.87+git20240614.332933e:

  * Do not save/restore cursor for foot at status line
  * Add tmux and others to DIR_COLORS (Issue #116)
  * Remove kernel.pid_max limit (bsc#1219038)
  * Add subpackge to enable ptrace

Update to version 84.87+git20240523.10a5692:

  * Add tmpfiles.d/soft-reboot-cleanup.conf

Update to version 84.87+git20240415.e6815bf:

  * drop obsolete 50-default-s390.conf (bsc#1211721)
  * fix typo in alljava.csh and drop stderr redirection

Update to version 84.87+git20240402.16596d1:

  * add alacritty to DIR_COLORS
  * Make sure tput it present before resetting TERM
  * Add mc helpers for both tcsh and bash resources
  * Do not overwrite escape sequences for xterm like
  * Check for valid TERM

Update to version 84.87+git20240202.9526d46:

  * properly shorten the variable when setting JAVA_HOME and JRE_HOME
  * silence output of alljava
  * Restrict ptrace with Yama LSM by default
  * patch alljava.sh and alljava.csh, use the links from update alternatives

Update to version 84.87+git20231023.f347d36:

  * Remove %ghost lastlog entry, lastlog is long gone
  * Remove shaky safe-rm and safe-rmdir helpers (bsc#1159103)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.0  
    zypper in -t patch SUSE-SLE-Micro-6.0-485=1

  * SUSE Linux Micro Extras 6.0  
    zypper in -t patch SUSE-SLE-Micro-6.0-485=1

## Package List:

  * SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
    * aaa_base-debugsource-84.87+git20240906.742565b-1.1
    * aaa_base-84.87+git20240906.742565b-1.1
    * aaa_base-debuginfo-84.87+git20240906.742565b-1.1
  * SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64)
    * aaa_base-debugsource-84.87+git20240906.742565b-1.1
    * aaa_base-malloccheck-84.87+git20240906.742565b-1.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1159103
  * https://bugzilla.suse.com/show_bug.cgi?id=1211721
  * https://bugzilla.suse.com/show_bug.cgi?id=1219038
  * https://bugzilla.suse.com/show_bug.cgi?id=1221763
  * https://bugzilla.suse.com/show_bug.cgi?id=1227117
  * https://jira.suse.com/browse/PED-264
  * https://jira.suse.com/browse/PED-266

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20251024/f580430f/attachment.htm>