SUSE-CU-2023:3168-1: Security update of suse/manager/4.3/proxy-httpd

sle-updates at lists.suse.com sle-updates at lists.suse.com
Thu Sep 28 13:05:35 UTC 2023


SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3168-1
Container Tags        : suse/manager/4.3/proxy-httpd:4.3.8 , suse/manager/4.3/proxy-httpd:4.3.8.9.37.2 , suse/manager/4.3/proxy-httpd:latest , suse/manager/4.3/proxy-httpd:susemanager-4.3.8 , suse/manager/4.3/proxy-httpd:susemanager-4.3.8.9.37.2
Container Release     : 9.37.2
Severity              : important
Type                  : security
References            : 1158763 1186606 1193948 1194038 1194609 1194900 1195391 1201519
                        1204844 1205161 1206627 1207330 1207330 1207778 1207805 1208194
                        1208692 1208692 1209741 1210702 1210740 1210935 1210935 1211079
                        1211525 1211525 1211576 1211874 1211874 1211884 1211884 1212246
                        1212246 1212434 1212730 1212730 1212814 1212814 1212827 1212827
                        1212856 1212856 1212943 1212943 1213009 1213009 1213077 1213077
                        1213185 1213189 1213231 1213240 1213288 1213288 1213441 1213445
                        1213445 1213469 1213472 1213517 1213557 1213575 1213673 1213675
                        1213675 1213716 1213716 1213853 1213873 1213880 1213880 1214002
                        1214002 1214025 1214052 1214054 1214071 1214121 1214121 1214124
                        1214124 1214140 1214187 1214187 1214266 1214266 1214280 1214280
                        1214290 1214458 1214692 1214768 1214796 1214797 1214889 1214889
                        1214982 1214982 1215352 1215352 1215362 1215362 1215373 1215413
                        1215413 1215497 1215497 1215756 1215756 CVE-2023-20897 CVE-2023-20898
                        CVE-2023-29409 CVE-2023-29409 CVE-2023-36054 CVE-2023-3817 CVE-2023-39615
                        CVE-2023-4016 CVE-2023-40217 CVE-2023-4039 CVE-2023-4156 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3217-1
Released:    Mon Aug  7 16:51:10 2023
Summary:     Recommended update for cryptsetup
Type:        recommended
Severity:    moderate
References:  1211079
This update for cryptsetup fixes the following issues:

- Handle system with low memory and no swap space (bsc#1211079)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3275-1
Released:    Fri Aug 11 10:19:36 2023
Summary:     Recommended update for apparmor
Type:        recommended
Severity:    moderate
References:  1213472
This update for apparmor fixes the following issues:

- Add pam_apparmor README (bsc#1213472)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3285-1
Released:    Fri Aug 11 10:30:38 2023
Summary:     Recommended update for shadow
Type:        recommended
Severity:    moderate
References:  1206627,1213189
This update for shadow fixes the following issues:

- Prevent lock files from remaining after power interruptions (bsc#1213189)
- Add --prefix support to passwd, chpasswd and chage (bsc#1206627)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3286-1
Released:    Fri Aug 11 10:32:03 2023
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1194038,1194900
This update for util-linux fixes the following issues:

- Fix blkid for floppy drives (bsc#1194900)
- Fix rpmbuild %checks fail when @ in the directory path (bsc#1194038)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3330-1
Released:    Wed Aug 16 08:59:33 2023
Summary:     Recommended update for python-pyasn1
Type:        recommended
Severity:    important
References:  1207805
This update for python-pyasn1 fixes the following issues:

- To avoid users of this package having to recompile bytecode
  files, change the mtime of any __init__.py. (bsc#1207805)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3363-1
Released:    Fri Aug 18 14:54:16 2023
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1214054,CVE-2023-36054
This update for krb5 fixes the following issues:

- CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3397-1
Released:    Wed Aug 23 18:35:56 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1213517,1213853,CVE-2023-3817
This update for openssl-1_1 fixes the following issues:

- CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853)
- Don't pass zero length input to EVP_Cipher because s390x assembler optimized AES cannot handle zero size. (bsc#1213517)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3410-1
Released:    Thu Aug 24 06:56:32 2023
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1201519,1204844
This update for audit fixes the following issues:

- Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519)
- Fix rules not loaded when restarting auditd.service (bsc#1204844)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3440-1
Released:    Mon Aug 28 08:57:10 2023
Summary:     Security update for gawk
Type:        security
Severity:    low
References:  1214025,CVE-2023-4156
This update for gawk fixes the following issues:

- CVE-2023-4156: Fix a heap out of bound read by validating the index into argument list. (bsc#1214025)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3451-1
Released:    Mon Aug 28 12:15:22 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1186606,1194609,1208194,1209741,1210702,1211576,1212434,1213185,1213575,1213873
This update for systemd fixes the following issues:

- Fix reboot and shutdown issues by getting only active MD arrays (bsc#1211576, bsc#1212434, bsc#1213575)
- Decrease devlink priority for iso disks (bsc#1213185)
- Do not ignore mount point paths longer than 255 characters (bsc#1208194)
- Refuse hibernation if there's no possible way to resume (bsc#1186606)
- Update 'korean' and 'arabic' keyboard layouts (bsc#1210702)
- Drop some entries no longer needed by YaST (bsc#1194609)
- The 'systemd --user' instances get their own session keyring instead of the user default one (bsc#1209741)
- Dynamically allocate receive buffer to handle large amount of mounts (bsc#1213873)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3468-1
Released:    Tue Aug 29 09:22:18 2023
Summary:     Recommended update for python3
Type:        recommended
Severity:    low
References:  
This update for python3 fixes the following issue:

- Rename sources in preparation of python3.11 (jsc#PED-68)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3472-1
Released:    Tue Aug 29 10:55:16 2023
Summary:     Security update for procps
Type:        security
Severity:    low
References:  1214290,CVE-2023-4016
This update for procps fixes the following issues:

  - CVE-2023-4016: Fixed ps buffer overflow (bsc#1214290).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3486-1
Released:    Tue Aug 29 14:25:23 2023
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1214071
This update for lvm2 fixes the following issues:

- blkdeactivate calls wrong mountpoint cmd (bsc#1214071)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3514-1
Released:    Fri Sep  1 15:48:52 2023
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    moderate
References:  1158763,1210740,1213231,1213557,1213673
This update for libzypp, zypper fixes the following issues:

- Fix occasional isue with downloading very small files (bsc#1213673)
- Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231)
- Fix OES synchronization issues when cookie file has mode 0600 (bsc#1158763)
- Don't cleanup orphaned dirs if read-only mode was promised (bsc#1210740)
- Revised explanation of --force-resolution in man page (bsc#1213557)
- Print summary hint if policies were violated due to --force-resolution (bsc#1213557)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3611-1
Released:    Fri Sep 15 09:28:36 2023
Summary:     Recommended update for sysuser-tools
Type:        recommended
Severity:    moderate
References:  1195391,1205161,1207778,1213240,1214140
This update for sysuser-tools fixes the following issues:

- Update to version 3.2
- Always create a system group of the same name as the system user (bsc#1205161, bsc#1207778, bsc#1213240)
- Add 'quilt setup' friendly hint to %sysusers_requires usage
- Use append so if a pre file already exists it isn't overridden
- Invoke bash for bash scripts (bsc#1195391) 
- Remove all systemd requires not supported on SLE15 (bsc#1214140)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3661-1
Released:    Mon Sep 18 21:44:09 2023
Summary:     Security update for gcc12
Type:        security
Severity:    important
References:  1214052,CVE-2023-4039
This update for gcc12 fixes the following issues:

- CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3699-1
Released:    Wed Sep 20 11:02:50 2023
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1214768,CVE-2023-39615
This update for libxml2 fixes the following issues:

- CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3828-1
Released:    Wed Sep 27 19:07:38 2023
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1214692,CVE-2023-40217
This update for python3 fixes the following issues:

- CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3856-1
Released:    Thu Sep 28 09:42:16 2023
Summary:     Recommended update for apparmor
Type:        recommended
Severity:    moderate
References:  1214458
This update for apparmor fixes the following issues:

- Update zgrep profile to allow egrep helper use (bsc#1214458)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3861-1
Released:    Thu Sep 28 13:37:55 2023
Summary:     Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server
Type:        security
Severity:    important
References:  1207330,1208692,1210935,1211525,1211874,1211884,1212246,1212730,1212814,1212827,1212856,1212943,1213009,1213077,1213288,1213445,1213675,1213716,1213880,1214002,1214121,1214124,1214187,1214266,1214280,1214889,1214982,1215352,1215362,1215373,1215413,1215497,1215756,CVE-2023-29409


This is a codestream only update

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:3885-1
Released:    Thu Sep 28 13:51:58 2023
Summary:     Maintenance update for SUSE Manager 4.3.8 Release Notes
Type:        security
Severity:    important
References:  1193948,1207330,1208692,1210935,1211525,1211874,1211884,1212246,1212730,1212814,1212827,1212856,1212943,1213009,1213077,1213288,1213441,1213445,1213469,1213675,1213716,1213880,1214002,1214121,1214124,1214187,1214266,1214280,1214796,1214797,1214889,1214982,1215352,1215362,1215413,1215497,1215756,CVE-2023-20897,CVE-2023-20898,CVE-2023-29409
Maintenance update for SUSE Manager 4.3.8 Release Notes:

This is a codestream only update
  

The following package changes have been done:

- libuuid1-2.37.2-150400.8.20.1 updated
- libudev1-249.16-150400.8.33.1 updated
- libsmartcols1-2.37.2-150400.8.20.1 updated
- libblkid1-2.37.2-150400.8.20.1 updated
- libaudit1-3.0.6-150400.4.13.1 updated
- libfdisk1-2.37.2-150400.8.20.1 updated
- libgcc_s1-12.3.0+git1204-150000.1.16.1 updated
- libstdc++6-12.3.0+git1204-150000.1.16.1 updated
- libxml2-2-2.9.14-150400.5.22.1 updated
- libsystemd0-249.16-150400.8.33.1 updated
- libopenssl1_1-1.1.1l-150400.7.53.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.53.1 updated
- libprocps7-3.3.15-150000.7.34.1 updated
- procps-3.3.15-150000.7.34.1 updated
- libmount1-2.37.2-150400.8.20.1 updated
- krb5-1.19.2-150400.3.6.1 updated
- login_defs-4.8.1-150400.10.9.1 updated
- shadow-4.8.1-150400.10.9.1 updated
- libzypp-17.31.20-150400.3.40.1 updated
- sysuser-shadow-3.2-150400.3.5.3 updated
- zypper-1.14.63-150400.3.29.1 updated
- util-linux-2.37.2-150400.8.20.1 updated
- libapparmor1-3.0.4-150400.5.9.1 updated
- libdevmapper1_03-2.03.05_1.02.163-150400.188.1 updated
- release-notes-susemanager-proxy-4.3.8-150400.3.61.2 updated
- python3-base-3.6.15-150300.10.51.1 updated
- libpython3_6m1_0-3.6.15-150300.10.51.1 updated
- libcryptsetup12-2.4.3-150400.3.3.1 updated
- libcryptsetup12-hmac-2.4.3-150400.3.3.1 updated
- gawk-4.2.1-150000.3.3.1 updated
- python3-3.6.15-150300.10.51.1 updated
- systemd-249.16-150400.8.33.1 updated
- python3-uyuni-common-libs-4.3.9-150400.3.15.13 updated
- python3-pyasn1-0.4.2-150000.3.5.1 updated
- python3-ordered-set-4.0.2-150400.8.34 updated
- python3-pyudev-0.22.0+git.1642212208.d5630bf-150400.5.50 updated
- python3-libxml2-2.9.14-150400.5.22.1 updated
- python3-gobject-3.42.2-150400.10.23 updated
- python3-dmidecode-3.12.2-150400.18.64 updated
- python3-pyOpenSSL-21.0.0-150400.7.62 updated
- spacewalk-backend-4.3.23-150400.3.27.19 updated


More information about the sle-updates mailing list