SUSE-RU-2024:0958-1: moderate: Recommended update for google-guest-agent, google-guest-oslogin

[SLE-UPDATES]

# Recommended update for google-guest-agent, google-guest-oslogin

Announcement ID: SUSE-RU-2024:0958-1  
Rating: moderate  
References:

  * bsc#1191036
  * bsc#1202100
  * bsc#1202101
  * bsc#1216546
  * bsc#1216547
  * bsc#1216548
  * bsc#1216750
  * bsc#1216751
  * bsc#1219642

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has nine fixes can now be installed.

## Description:

This update for google-guest-agent, google-guest-oslogin fixes the following
issues:

  * Add explicit versioned dependency on google-guest-oslogin (bsc#1219642)
  * Update to version 20231031.01 (bsc#1216547, bsc#1216751, bsc#1216548,
    bsc#1216750, bsc#1202100, bsc#1202101)
  * Enable mTLS by default
  * Rotate MDS root certificate
  * Don't try to schedule mTLS job twice
  * Bump the golang compiler version to 1.21 (bsc#1216546)
  * Instance setup: trust/rely on metadata package's retry
  * Update known cert dirs for updaters
  * Verify cert refresher is enabled before running
  * Add support for the SSH key options
  * Events interface improvement
  * Refactor script runner to use common metadata package
  * Schedule MTLS job before notifying systemd
  * Refactor authorized keys to use metadata package
  * docs update: Add configuration and event manager's docs
  * oslogin: Resort ssh configuration keys
  * sshca: Make sure to restore SELinux context of the pipe
  * Notify systemd after scheduling required jobs
  * Use pam_moduledir (bsc#1191036)
  * pam login: Split conditions for logging

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-958=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * google-guest-oslogin-debugsource-20231101.00-1.29.1
    * google-guest-agent-20231031.01-1.35.1
    * google-guest-oslogin-debuginfo-20231101.00-1.29.1
    * google-guest-oslogin-20231101.00-1.29.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1191036
  * https://bugzilla.suse.com/show_bug.cgi?id=1202100
  * https://bugzilla.suse.com/show_bug.cgi?id=1202101
  * https://bugzilla.suse.com/show_bug.cgi?id=1216546
  * https://bugzilla.suse.com/show_bug.cgi?id=1216547
  * https://bugzilla.suse.com/show_bug.cgi?id=1216548
  * https://bugzilla.suse.com/show_bug.cgi?id=1216750
  * https://bugzilla.suse.com/show_bug.cgi?id=1216751
  * https://bugzilla.suse.com/show_bug.cgi?id=1219642

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240322/9797bd59/attachment.htm>