SUSE-CU-2022:1967-1: Recommended update of suse/389-ds

sle-updates at sle-updates at
Tue Aug 30 07:39:07 UTC 2022

SUSE Container Update Advisory: suse/389-ds
Container Advisory ID : SUSE-CU-2022:1967-1
Container Tags        : suse/389-ds:2.0 , suse/389-ds:2.0-15.13 , suse/389-ds:latest
Container Release     : 15.13
Severity              : important
Type                  : recommended
References            : 1195059 1198341 1201298 1201795 1202310 1202645 

The container suse/389-ds was updated. The following patches have been included in this update:

Advisory ID: SUSE-RU-2022:2901-1
Released:    Fri Aug 26 03:34:23 2022
Summary:     Recommended update for elfutils
Type:        recommended
Severity:    moderate
This update for elfutils fixes the following issues:

- Fix runtime dependency for devel package

Advisory ID: SUSE-RU-2022:2904-1
Released:    Fri Aug 26 05:28:34 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1198341
This update for openldap2 fixes the following issues:

- Prevent memory reuse which may lead to instability (bsc#1198341)

Advisory ID: SUSE-RU-2022:2920-1
Released:    Fri Aug 26 15:17:02 2022
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1195059,1201795
This update for systemd fixes the following issues:

- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one pointing to /usr/lib/systemd/ (bsc#1201795)
- Drop or soften some of the deprecation warnings (jsc#PED-944)
- Ensure root user can login even if systemd-user-sessions.service is not activated yet (bsc#1195059)
- Avoid applying presets to any services shipped by the experimental sub-package, as they aren't enabled by default
- analyze: Fix offline check for syscal filter
- calendarspec: Fix timer skipping the next elapse
- core: Allow command argument to be longer
- hwdb: Add AV production controllers to hwdb and add uaccess
- hwdb: Allow console users access to rfkill
- hwdb: Allow end-users root-less access to TL866 EPROM readers
- hwdb: Permit unsetting power/persist for USB devices
- hwdb: Tag IR cameras as such
- hwdb: Fix parsing issue
- hwdb: Make usb match patterns uppercase
- hwdb: Update the hardware database
- journal-file: Stop using the event loop if it's already shutting down
- journal-remote: Disable `--trust` option when gnutls is disabled and check_permission() should not be called
- journald: Ensure resources are properly allocated for SIGTERM handling
- kernel-install: Ensure modules.builtin.alias.bin is removed when no longer needed
- macro: Account for negative values in DECIMAL_STR_WIDTH()
- manager: Disallow clone3() function call in seccomp filters 
- missing-syscall: Define MOVE_MOUNT_T_EMPTY_PATH if missing
- pid1,cgroup-show: Prevent failure if cgroup.procs in some subcgroups is not readable
- resolve: Fix typo in dns_class_is_pseudo()
- sd-event: Improve handling of process events and termination of processes
- sd-ipv4acd: Fix ARP packet conflicts occurring when sender hardware is one of the host's interfaces
- stdio-bridge: Improve the meaning of the error message  
- tmpfiles: Check for the correct directory

Advisory ID: SUSE-RU-2022:2929-1
Released:    Mon Aug 29 11:21:47 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1202310
This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

Advisory ID: SUSE-RU-2022:2939-1
Released:    Mon Aug 29 14:49:17 2022
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1201298,1202645
This update for mozilla-nss fixes the following issues:

Update to NSS 3.79.1 (bsc#1202645)

* compare signature and signatureAlgorithm fields in legacy certificate verifier.
* Uninitialized value in cert_ComputeCertType.
* protect SFTKSlot needLogin with slotLock.
* avoid data race on primary password change.
* check for null template in sec_asn1{d,e}_push_state.

- FIPS: unapprove the rest of the DSA ciphers, keeping signature verification only (bsc#1201298).

The following package changes have been done:

- libldap-data-2.4.46-150200.14.11.2 updated
- libelf1-0.185-150400.5.3.1 updated
- libsystemd0-249.12-150400.8.10.1 updated
- libdw1-0.185-150400.5.3.1 updated
- libldap-2_4-2-2.4.46-150200.14.11.2 updated
- timezone-2022a-150000.75.10.1 updated
- libfreebl3-3.79.1-150400.3.10.2 updated
- libfreebl3-hmac-3.79.1-150400.3.10.2 updated
- mozilla-nss-certs-3.79.1-150400.3.10.2 updated
- libsoftokn3-3.79.1-150400.3.10.2 updated
- mozilla-nss-3.79.1-150400.3.10.2 updated
- mozilla-nss-tools-3.79.1-150400.3.10.2 updated
- libsoftokn3-hmac-3.79.1-150400.3.10.2 updated
- container:sles15-image-15.0.0-27.11.14 updated

More information about the sle-updates mailing list