SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:705-1
Image Tags        : suse/sl-micro/6.0/base-os-container:2.1.1 , suse/sl-micro/6.0/base-os-container:2.1.1-3.18 , suse/sl-micro/6.0/base-os-container:latest
Image Release     : 3.18
Severity          : important
Type              : security
References        : 1221289 1221665 1221666 1221667 1221668 1227888 1228535 1229930 1229931 1229932 CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 CVE-2024-28757 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 CVE-2024-6197 CVE-2024-7264
-----------------------------------------------------------------

The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 9
Released:    Fri Aug 9 10:33:34 2024
Summary:     Recommended update for bash, libcap-ng, libselinux, libselinux-bindings, libsemanage, zypper
Type:        recommended
Severity:    low
References:

This update fixes the following issues:

- No change rebuild due to dependency changes.
-----------------------------------------------------------------
Advisory ID: 30
Released:    Wed Sep 4 16:07:40 2024
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1221665,1221666,1221667,1221668,1227888,1228535,CVE-2024-2004,CVE-2024-2379,CVE-2024-2398,CVE-2024-2466,CVE-2024-6197,CVE-2024-7264

This update for curl fixes the following issues:

Security issues fixed:

- CVE-2024-7264: ASN.1 date parser overread (bsc#1228535)
- CVE-2024-6197: Freeing stack buffer in utf8asn1str (bsc#1227888)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (bsc#1221666)
- CVE-2024-2466: TLS certificate check bypass with mbedTLS (bsc#1221668)
- CVE-2024-2004: Usage of disabled protocol (bsc#1221665)
- CVE-2024-2398: HTTP/2 push headers memory-leak (bsc#1221667)

Non-security issue fixed:

- Fixed various TLS related issues including FTP over SSL transmission timeouts.

-----------------------------------------------------------------
Advisory ID: 44
Released:    Wed Sep 11 13:33:01 2024
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1221289,1229930,1229931,1229932,CVE-2024-28757,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492

This update for expat fixes the following issues:

- CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932)
- CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931)
- CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930)
- CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289)

The following package changes have been done:

- boost-license1_84_0-1.84.0-1.4 added
- compat-usrmerge-tools-84.87-2.195 added
- crypto-policies-20230920.570ea89-1.50 added
- file-magic-5.44-4.151 added
- kbd-legacy-2.6.4-1.3 added
- libsemanage-conf-3.5-3.1 added
- libssh-config-0.10.6-1.12 added
- pkgconf-m4-1.8.0-2.205 added
- system-user-root-20190513-2.208 added
- filesystem-84.87-5.2 added
- glibc-2.38-6.4 added
- libzstd1-1.5.5-8.142 added
- libz1-1.2.13-6.138 added
- libxtables12-1.8.9-2.9 added
- libverto1-0.3.2-12.5 added
- libuuid1-2.39.3-2.7 added
- libunistring5-1.1-2.8 added
- libtasn1-6-4.19.0-2.7 added
- libsqlite3-0-3.44.2-1.2 added
- libsmartcols1-2.39.3-2.7 added
- libsepol2-3.5-2.196 added
- libseccomp2-2.5.4-2.199 added
- libsasl2-3-2.1.28-5.7 added
- libpopt0-1.19-2.184 added
- libpkgconf3-1.8.0-2.205 added
- libpcre2-8-0-10.42-2.179 added
- libnss_usrfiles2-2.27-2.185 added
- libnpth0-1.6-2.5 added
- libnghttp2-14-1.52.0-4.12 added
- libmnl0-1.0.5-2.7 added
- liblzma5-5.4.3-4.166 added
- liblz4-1-1.9.4-2.8 added
- liblua5_4-5-5.4.6-1.68 added
- libkeyutils1-1.6.3-2.8 added
- libip4tc2-1.8.9-2.9 added
- libgpg-error0-1.47-4.136 added
- libgmp10-6.3.0-1.119 added
- libgcc_s1-13.2.1+git8285-1.15 added
- libffi8-3.4.4-2.182 added
- libfa1-1.14.1-1.8 added
- libexpat1-2.5.0-2.188 added
- libeconf0-0.6.1-1.13 added
- libcrypt1-4.4.36-1.134 added
- libcom_err2-1.47.0-2.3 added
- libcap2-2.69-2.83 added
- libcap-ng0-0.8.3-4.1 added
- libbz2-1-1.0.8-2.191 added
- libbrotlicommon1-1.1.0-1.6 added
- libblkid1-2.39.3-2.7 added
- libaudit1-3.0.9-3.143 added
- libattr1-2.5.1-2.193 added
- libalternatives1-1.2+30.a5431e9-2.12 added
- libacl1-2.3.1-2.187 added
- fillup-1.42-2.7 added
- diffutils-3.10-2.101 added
- libelf1-0.189-4.143 added
- libidn2-0-2.3.4-2.6 added
- pkgconf-1.8.0-2.205 added
- libselinux1-3.5-3.1 added
- libglib-2_0-0-2.76.2-4.12 added
- netcfg-11.6-4.42 added
- libxml2-2-2.11.6-2.1 added
- libksba8-1.6.4-1.4 added
- libgcrypt20-1.10.3-1.37 added
- libassuan0-2.5.6-1.4 added
- libmpfr6-4.2.1-1.117 added
- libstdc++6-13.2.1+git8285-1.15 added
- libncurses6-6.4.20240224-10.2 added
- terminfo-base-6.4.20240224-10.2 added
- libp11-kit0-0.25.3-1.6 added
- perl-base-5.38.2-1.52 added
- libudev1-254.9-1.9 added
- chkstat-1600_20240206-1.8 added
- libzio1-1.08-2.192 added
- libmagic1-5.44-4.151 added
- libbrotlidec1-1.1.0-1.6 added
- libfdisk1-2.39.3-2.7 added
- alts-1.2+30.a5431e9-2.12 added
- libdw1-0.189-4.143 added
- libbpf1-1.2.0-3.8 added
- libpsl5-0.21.2-2.5 added
- sed-4.9-2.9 added
- libsubid4-4.15.1-1.1 added
- libsemanage2-3.5-3.1 added
- libmount1-2.39.3-2.7 added
- findutils-4.9.0-2.181 added
- libgmodule-2_0-0-2.76.2-4.12 added
- libaugeas0-1.14.1-1.8 added
- libsystemd0-254.9-1.9 added
- libreadline8-8.2-2.180 added
- bash-5.2.15-3.1 added
- p11-kit-0.25.3-1.6 added
- p11-kit-tools-0.25.3-1.6 added
- libusb-1_0-0-1.0.27-1.2 added
- file-5.44-4.151 added
- libprocps8-3.3.17-4.7 added
- ncurses-utils-6.4.20240224-10.2 added
- libyaml-cpp0_8-0.8.0-1.11 added
- libsigc-2_0-0-2.12.0-3.6 added
- libproxy1-0.4.18-5.12 added
- libboost_thread1_84_0-1.84.0-1.4 added
- libabsl2308_0_0-20230802.1-1.6 added
- bash-sh-5.2.15-3.1 added
- procps-3.3.17-4.7 added
- libprotobuf-lite23_4_0-23.4-7.24 added
- xz-5.4.3-4.166 added
- systemd-default-settings-branding-openSUSE-0.7-2.4 added
- systemd-default-settings-0.7-2.4 added
- pkgconf-pkg-config-1.8.0-2.205 added
- pinentry-1.2.1-3.6 added
- login_defs-4.15.1-1.1 added
- iproute2-6.3-3.11 added
- grep-3.11-4.8 added
- gawk-5.3.0-1.53 added
- coreutils-9.4-4.8 added
- tar-1.35-1.1 added
- gpg2-2.4.4-1.2 added
- systemd-presets-common-SUSE-15-5.1 added
- rpm-config-SUSE-20240214-1.1 added
- rpm-4.18.0-6.133 added
- permissions-config-1600_20240206-1.8 added
- glibc-locale-base-2.38-6.4 added
- ca-certificates-2+git20230406.2dae8b7-2.8 added
- ca-certificates-mozilla-2.62-1.3 added
- libgpgme11-1.23.0-1.37 added
- libsolv-tools-0.7.28-1.3 added
- permissions-1600_20240206-1.8 added
- libopenssl3-3.1.4-5.6 added
- pam-1.6.0-2.22 added
- iputils-20221126-2.10 added
- libzck1-1.3.2-1.7 added
- libldap2-2.6.4-4.12 added
- libkmod2-30-10.56 added
- krb5-1.20.1-4.11 added
- util-linux-2.39.3-2.7 added
- shadow-4.15.1-1.1 added
- pam-config-2.11-1.1 added
- kbd-2.6.4-1.3 added
- libssh4-0.10.6-1.12 added
- libcurl4-8.6.0-1.2 added
- libzypp-17.31.31-1.4 added
- curl-8.6.0-1.2 added
- zypper-1.14.68-2.1 added
- SL-Micro-release-6.0-24.5 added
- aaa_base-84.87+git20230815.cab7b44-1.8 added
- dbus-1-daemon-1.14.10-1.11 added
- dbus-1-tools-1.14.10-1.11 added
- systemd-254.9-1.9 added
- sysuser-shadow-3.1-2.197 added
- dbus-1-common-1.14.10-1.11 added
- libdbus-1-3-1.14.10-1.11 added
- dbus-1-1.14.10-1.11 added
- container:suse-toolbox-image-1.0.0-6.39 added