SUSE-CU-2021:563-1: Security update of bci/golang
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Sun Dec 5 07:57:25 UTC 2021
SUSE Container Update Advisory: bci/golang
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:563-1
Container Tags : bci/golang:1.17
Container Release : 3.21
Severity : important
Type : security
References : 1186071 1187153 1187273 1188623 1190356 1190440 1190649 1190984
1191286 1191324 1191370 1191609 1191736 1192160 1192161 1192337
1192377 1192378 1192436 CVE-2021-41771 CVE-2021-41772
-----------------------------------------------------------------
The container bci/golang was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3786-1
Released: Wed Nov 24 05:59:13 2021
Summary: Recommended update for rpm-config-SUSE
Type: recommended
Severity: important
References: 1192160
This update for rpm-config-SUSE fixes the following issues:
- Add support for the kernel xz-compressed firmware files (bsc#1192160)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3798-1
Released: Wed Nov 24 18:01:36 2021
Summary: Recommended update for gcc7
Type: recommended
Severity: moderate
References:
This update for gcc7 fixes the following issues:
- Fixed a build issue when built with recent kernel headers.
- Backport the '-fpatchable-function-entry' feature from newer GCC. (jsc#SLE-20049)
- do not handle exceptions in std::thread (jsc#CAR-1182)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3799-1
Released: Wed Nov 24 18:07:54 2021
Summary: Recommended update for gcc11
Type: recommended
Severity: moderate
References: 1187153,1187273,1188623
This update for gcc11 fixes the following issues:
The additional GNU compiler collection GCC 11 is provided:
To select these compilers install the packages:
- gcc11
- gcc-c++11
- and others with 11 prefix.
to select them for building:
- CC='gcc-11'
- CXX='g++-11'
The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3808-1
Released: Fri Nov 26 00:30:54 2021
Summary: Recommended update for systemd
Type: recommended
Severity: moderate
References: 1186071,1190440,1190984,1192161
This update for systemd fixes the following issues:
- Add timestamp to D-Bus events to improve traceability (jsc#SLE-17798)
- Fix fd_is_mount_point() when both the parent and directory are network file systems (bsc#1190984)
- Support detection for ARM64 Hyper-V guests (bsc#1186071)
- Fix systemd-detect-virt not detecting Amazon EC2 Nitro instance (bsc#1190440)
- Enable support for Portable Services in openSUSE Leap only (jsc#SLE-21694)
- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:3833-1
Released: Wed Dec 1 16:04:48 2021
Summary: Security update for go1.17
Type: security
Severity: moderate
References: 1190649,1192377,1192378,CVE-2021-41771,CVE-2021-41772
This update for go1.17 fixes the following issues:
Security update go1.17.3 (released 2021-11-04) (bsc#1190649).
- CVE-2021-41771: Fixed invalid dynamic symbol table command that could have caused panic (bsc#1192377).
- CVE-2021-41772: Fixed panic on (*Reader).Open (bsc#1192378).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3870-1
Released: Thu Dec 2 07:11:50 2021
Summary: Recommended update for libzypp, zypper
Type: recommended
Severity: moderate
References: 1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:
libzypp:
- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of
open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)
zypper:
- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3872-1
Released: Thu Dec 2 07:25:55 2021
Summary: Recommended update for cracklib
Type: recommended
Severity: moderate
References: 1191736
This update for cracklib fixes the following issues:
- Enable build time tests (bsc#1191736)
The following package changes have been done:
- cpp7-7.5.0+r278197-4.30.1 updated
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- gcc7-7.5.0+r278197-4.30.1 updated
- go1.17-1.17.3-1.9.1 updated
- libasan4-7.5.0+r278197-4.30.1 updated
- libatomic1-11.2.1+git610-1.3.9 updated
- libcilkrts5-7.5.0+r278197-4.30.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libgcc_s1-11.2.1+git610-1.3.9 updated
- libgomp1-11.2.1+git610-1.3.9 updated
- libitm1-11.2.1+git610-1.3.9 updated
- liblsan0-11.2.1+git610-1.3.9 updated
- libstdc++6-11.2.1+git610-1.3.9 updated
- libsystemd0-246.16-7.21.1 updated
- libtsan0-11.2.1+git610-1.3.9 updated
- libubsan0-7.5.0+r278197-4.30.1 updated
- libudev1-246.16-7.21.1 updated
- libzypp-17.28.8-20.1 updated
- rpm-config-SUSE-1-5.6.1 updated
- zypper-1.14.50-21.1 updated
- container:sles15-image-15.0.0-17.8.39 updated
More information about the sle-updates
mailing list