<div class="container">
<h1>Recommended update for libcontainers-common</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-RU-2024:1623-1</td>
</tr>
<tr>
<th>Rating:</th>
<td>moderate</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1197030">bsc#1197030</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213556">bsc#1213556</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216443">bsc#1216443</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">Basesystem Module 15-SP5</li>
<li class="list-group-item">openSUSE Leap 15.5</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.5</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP5</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that has three fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for libcontainers-common fixes the following issues:</p>
<p>New release 20240206:</p>
<ul>
<li>bump bundled c/common to 0.57.4</li>
<li>bump bundled c/image to 0.29.2</li>
<li>conditionally require libcontainers-sles-mounds for product(SLE-Micro) as well
(SLE Micro 6.0 now no longer provides product(SUSE_SLE) and instead only
provides product(SLE-Micro)), fixes bsc#1216443</li>
</ul>
<p>New release 20231204:</p>
<ul>
<li>
<p>bump c/common to 0.57.0</p>
</li>
<li>
<p>Fix specification of unix:///run</p>
</li>
<li>libimage/layer_tree: if parent is empty and a manifest list then ignore check.</li>
<li>Split up util package into pkg/password, pkg/copy, pkg/version</li>
<li>Remove ActiveDestination method to move into podman</li>
<li>Default machine CPUs to Cores/2</li>
<li>pkg/config: do NOT set StaticDir and VolumeDir</li>
<li>Implement negated label match function</li>
<li>
<p>chore: import packages only once</p>
</li>
<li>
<p>bump c/storage to 1.51.0</p>
</li>
<li>
<p>overlay, composefs: mount loop device RO</p>
</li>
<li>Run codespell on code</li>
<li>store: serialize container deletion</li>
<li>pkg/system: reduce retry timeout for EnsureRemoveAll</li>
<li>overlay, composefs: use data-only lower layers</li>
<li>
<p>store: call RecordWrite() before graphDriver Cleanup()</p>
</li>
<li>
<p>bump c/image to 5.29.0</p>
</li>
<li>
<p>Use constants and types from opencontainers/image-spec/specs-go/v1</p>
</li>
<li>progress: set Current before Refill</li>
<li>copy: fix nil pointer dereference when checking compression algorithm</li>
<li>ociarchive: Add new ArchiveFileNotFoundError</li>
</ul>
<p>New release 20230913:</p>
<ul>
<li>
<p>bump c/image to 5.28.0</p>
</li>
<li>
<p>Adding IO decorator to copy progress bar</p>
</li>
<li>Ensure we close HTTP connections on all paths</li>
<li>manifest: ListUpdate add imgspecv1.Platform field</li>
<li>pkg/docker: use the same default auth path as macOS on FreeBSD</li>
<li>blob: TryReusingBlobWithOptions consider RequiredCompression if set</li>
<li>Fix tests of the ostree transport</li>
<li>helpers_test,cleanup: correct argument order</li>
<li>Make temporary names container/image specific</li>
<li>listupdate,oci: instance show read-only annotations and CompressionAlgorithmNames</li>
<li>Fix TestOCI1IndexChooseInstanc</li>
<li>Refactor data passing in c/image/copy</li>
<li>Update module github.com/sigstore/fulcio to v1.4.0</li>
<li>copy/multiple: instanceCopyCopy honor UpdateCompressionAlgorithms</li>
<li>Update vendor of containers/storage</li>
<li>copy/single: accept custom *Options and wrap arguments in copySingleImageOptions</li>
<li>Improve transport documentation</li>
<li>copy: implement instanceCopyClone for zstd compression</li>
<li>copy/multiple: priority of instanceCopyCopy must be higher than instanceCopyClone</li>
<li>Clarify where mirrors are used</li>
<li>Update x/exp/slices, and some small slice-related cleanups</li>
<li>Use consistent example domains in #2069</li>
<li>copy: add support for ForceCompressionFormat</li>
<li>storage.storageImageDestination.Commit(): leverage image options</li>
<li>Rename SKOPEO_CI_TAG to SKOPEO_CI_BRANCH</li>
<li>[CI:DOCS] Add cirrus-cron retry/monitor jobs</li>
<li>[release-5.27] Fix the branch we use for determining a git-validation starting point</li>
<li>OCI image-spec / distribution-spec v1.1 updates, first round</li>
<li>Merge release branch into main</li>
<li>BREAKING: Update for move of github.com/theupdateframework/go-tuf/encrypted</li>
<li>Update module github.com/containers/ocicrypt to v1.1.8</li>
<li>fix removal of temp file in GetBlob on Windows</li>
<li>Fix build with golangci-lint 1.54.2</li>
<li>Implement, and default to, a SQLite BlobInfoCache instead of BoltDB</li>
<li>Update dependencies of docker/docker</li>
<li>Correctly handle encryption/decryption changes in non-OCI formats</li>
</ul>
<p>New release 20230814:</p>
<ul>
<li>
<p>bump c/storage to 1.48.0</p>
</li>
<li>
<p>Fix error if continueWrite/continueRead pipe open fails</p>
</li>
<li>pkg/regexp: make sure that &Regexp implements the interfaces</li>
<li>
<p>Remove use of fillGo18FileTypeBits</p>
</li>
<li>
<p>bump c/image to 5.27.0</p>
</li>
<li>
<p>Don't completely silently ignore non-OCI manifests in OCI layouts</p>
</li>
<li>
<p>bump c/common to 0.55.3</p>
</li>
<li>
<p>Change default image volume mode to "nullfs" on FreeBSD</p>
</li>
<li>[v0.55][CI-DOCS] remove zstd:chunked from docs</li>
<li>libimage: harden lookup by digest</li>
<li>
<p>libimage: HasDifferentDigest: add InsecureSkipTLSVerify option</p>
</li>
<li>
<p>Disable CNI related configs on ALP (bsc#1213556)</p>
</li>
</ul>
<p>(https://github.com/containers/podman/issues/19327)</p>
<ul>
<li>
<p>Resolve choice on openSUSE distributions for libcontainer-policy
by suggesting the libcontainers-openSUSE-policy explicitly.</p>
</li>
<li>
<p>Enforce BCI verification via Podman on openSUSE distributions
using the already shipped container signing keys.
(bsc#1197030)</p>
</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.5
<br/>
<code>zypper in -t patch SUSE-2024-1623=1 openSUSE-SLE-15.5-2024-1623=1</code>
</li>
<li class="list-group-item">
SUSE Linux Enterprise Micro 5.5
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.5-2024-1623=1</code>
</li>
<li class="list-group-item">
Basesystem Module 15-SP5
<br/>
<code>zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1623=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.5 (noarch)
<ul>
<li>libcontainers-openSUSE-policy-20240206-150500.4.9.2</li>
<li>libcontainers-common-20240206-150500.4.9.2</li>
<li>libcontainers-sles-mounts-20240206-150500.4.9.2</li>
<li>libcontainers-default-policy-20240206-150500.4.9.2</li>
</ul>
</li>
<li>
SUSE Linux Enterprise Micro 5.5 (noarch)
<ul>
<li>libcontainers-openSUSE-policy-20240206-150500.4.9.2</li>
<li>libcontainers-common-20240206-150500.4.9.2</li>
<li>libcontainers-sles-mounts-20240206-150500.4.9.2</li>
<li>libcontainers-default-policy-20240206-150500.4.9.2</li>
</ul>
</li>
<li>
Basesystem Module 15-SP5 (noarch)
<ul>
<li>libcontainers-openSUSE-policy-20240206-150500.4.9.2</li>
<li>libcontainers-common-20240206-150500.4.9.2</li>
<li>libcontainers-sles-mounts-20240206-150500.4.9.2</li>
<li>libcontainers-default-policy-20240206-150500.4.9.2</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1197030">https://bugzilla.suse.com/show_bug.cgi?id=1197030</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213556">https://bugzilla.suse.com/show_bug.cgi?id=1213556</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216443">https://bugzilla.suse.com/show_bug.cgi?id=1216443</a>
</li>
</ul>
</div>