SUSE-CU-2020:368-1: Security update of suse/sle15

sle-updates at lists.suse.com sle-updates at lists.suse.com
Sat Jul 25 11:58:34 MDT 2020 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2020:368-1
Container Tags        : suse/sle15:15.1 , suse/sle15:15.1.6.2.271
Container Release     : 6.2.271
Severity              : moderate
Type                  : security
References            : 1082318 1133297 1170801 1171224 1172135 1173106 1174011 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:1396-1
Released:    Fri Jul  3 12:33:05 2020
Summary:     Security update for zstd
Type:        security
Severity:    moderate
References:  1082318,1133297
This update for zstd fixes the following issues:

- Fix for build error caused by wrong static libraries. (bsc#1133297)
- Correction in spec file marking the license as documentation. (bsc#1082318)
- Add new package for SLE-15. (jsc#ECO-1886)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:2040-1
Released:    Fri Jul 24 13:58:53 2020
Summary:     Recommended update for libsolv, libzypp
Type:        recommended
Severity:    moderate
References:  1170801,1171224,1172135,1173106,1174011
This update for libsolv, libzypp fixes the following issues:

libsolv was updated to version 0.7.14:

- Enable zstd compression support for sle15
- Support blacklisted packages in solver_findproblemrule() (bsc#1172135)
- Support rules with multiple negative literals in choice rule
  generation

libzypp was updated to version 17.24.0:

- Enable zchunk metadata download if libsolv supports it.
- Older kernel-devel packages are not properly purged (bsc#1171224)
- doc: enhance service plugin example.
- Fix core dump with corrupted history file (bsc#1170801)
- Better handling of the purge-kernels algorithm. (bsc#1173106)
- Proactively send credentials if the URL specifes '?auth=basic' and a username.
  (bsc#1174011)
- ZYPP_MEDIA_CURL_DEBUG: Strip credentials in header log. (bsc#1174011)

More information about the sle-updates mailing list