SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:1962-1
Container Tags        : suse/sle-micro-rancher/5.3:latest
Container Release     : 2.2.20
Severity              : important
Type                  : security
References            : 1041090 1183308 1192616 1195881 1196017 1196212 1196499 1197017
                        1202310 1202657 1202733 CVE-2022-31676 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:2926-1
Released:    Mon Aug 29 10:38:54 2022
Summary:     Feature update for LibreOffice
Type:        feature
Severity:    moderate
References:  1041090,1183308,1192616,1195881,1196017,1196212,1196499,1197017
This feature update for LibreOffice provides the following fixes:

abseil-cpp:

- Provide abseil-cpp version 20211102.0 as LibreOffice 7.3 dependency. (jsc#SLE-23447)
- Mention already fixed issues. (fate#326485, bsc#1041090)

libcuckoo:

- Provide libcuckoo version 0.3 as LibreOffice dependency. (jsc#SLE-23447)

libixion:

- Update libixion from version 0.16.1 to version 0.17.0. (jsc#SLE-23447)
- Build with mdds-2_0 instead of mdds-1.5. (jsc#SLE-23447)
- Build with gcc11 and gcc11-c++. (jsc#SLE-23447)
- Remove unneeded vulkan dependency
- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
 
libreoffice:

- Update LibreOffice from version 7.2.5.1 to version 7.3.3.1. (jsc#SLE-23447, jsc#SLE-24021)
  * Update bundled dependencies:
    * gpgme from version 1.13.1 to version 1.16.0
    * libgpg-error from version 1.37 to version 1.43
    * libassuan from version 2.5.3 to version 2.5.5
    * pdfium from version 4500 to version 4699
    * skia from version m90-45c57e116ee0ce214bdf78405a4762722e4507d9 to version m97-a7230803d64ae9d44f4e1282444801119a3ae967
    * boost from version 1_75 to version 1_77
    * icu4c from version 69_1 to version 70_1
    * On SUSE Linux Enterprise 15 SP3 and newer require curl-devel 7.68.0 or newer
  * New build dependencies:
    * abseil-cpp-devel
    * libassuan0
    * libcuckoo-devel
    * libopenjp2
    * requrire liborcus-0.17 instead of liborcus-0.16
    * requrire mdds-2.0 instead of mdds-1.5
  * Do not use serf-1 anymore but use curl instead.
  * Other fixes:
    * Extraneous/missing lines in table in Impress versus PowerPoint (bsc#1192616)
    * Text with tabs appears quite different in Impress than in PowerPoint (bsc#1196212)
    * Bullets appear larger and green instead of black. (bsc#1195881)
    * Enable gtk3_kde5 and make it possible to use gtk3 in kde with the kde filepicker (bsc#1197017)
    * Mention already fixed issues. (bsc#1183308, bsc#1196017, bsc#1196499)

liborcus:

- Update liborcus from version 0.16.1 to version 0.17.2. (jsc#SLE-23447)
- Require mdds-2_0 instead of mdds-1.5. (jsc#SLE-23447)
- Require libixion-0.17 instead of libixion-0.16. (jsc#SLE-23447)
- Build with libtool and use autotools. (jsc#SLE-23447)
- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)

mdds-2_0:

- Provide mdds-2_0 version 2.0.2 as LibreOffice dependency. (jsc#SLE-23447)

myspell-dictionaries:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.

ucpp:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.

xmlsec1:

- Provide binaries for non x86_64 architectures directly to SUSE Package Hub. (ijsc#MSC-303)
- There are no visible changes for the final user.
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2929-1
Released:    Mon Aug 29 11:21:47 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1202310
This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2936-1
Released:    Mon Aug 29 14:34:13 2022
Summary:     Security update for open-vm-tools
Type:        security
Severity:    important
References:  1202657,1202733,CVE-2022-31676
This update for open-vm-tools fixes the following issues:

- Updated to version 12.1.0 (build 20219665) (bsc#1202733):
  - CVE-2022-31676: Fixed an issue that could allow unprivileged users
    inside a virtual machine to escalate privileges (bsc#1202657).


The following package changes have been done:

- libvmtools0-12.1.0-150300.19.1 updated
- libxmlsec1-1-1.2.28-150100.7.11.1 updated
- libxmlsec1-openssl1-1.2.28-150100.7.11.1 updated
- open-vm-tools-12.1.0-150300.19.1 updated
- timezone-2022a-150000.75.10.1 updated