SUSE Container Update Advisory: ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:90-1 Container Tags : suse/sle-micro-rancher/5.3:latest Container Release : 7.2.76 Severity : moderate Type : security References : 1195391 1199467 1200107 1200791 1203092 1204423 1204585 1205502 1206579 CVE-2022-47629 ----------------------------------------------------------------- The container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:45-1 Released: Mon Jan 9 10:32:26 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate References: 1204585 This update for libxml2 fixes the following issues: - Add W3C conformance tests to the testsuite (bsc#1204585): * Added file xmlts20080827.tar.gz ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:48-1 Released: Mon Jan 9 10:37:54 2023 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1199467 This update for libtirpc fixes the following issues: - Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:50-1 Released: Mon Jan 9 10:42:21 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate References: 1205502 This update for shadow fixes the following issues: - Fix issue with user id field that cannot be interpreted (bsc#1205502) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:51-1 Released: Mon Jan 9 10:42:58 2023 Summary: Recommended update for suse-module-tools Type: recommended Severity: moderate References: 1195391,1200107,1203092,1204423 This update for suse-module-tools fixes the following issues: - 80-hotplug-cpu-mem.rules: Restrict udev rule for Hotplug physical CPU to x86_64 architecture (bsc#1204423) - driver-check.sh, unblacklist: Convert `egrep` to `grep -E` (bsc#1203092) - driver-check.sh: Avoid false positive error messages (bsc#1200107) - kernel-scriptlets: Don't pass flags to weak-modules2 (bsc#1195391) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:54-1 Released: Mon Jan 9 10:49:19 2023 Summary: Recommended update for bash-completion Type: recommended Severity: moderate References: 1200791 This update for bash-completion fixes the following issues: - Fix curl help completion (bsc#1200791) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:56-1 Released: Mon Jan 9 11:13:43 2023 Summary: Security update for libksba Type: security Severity: moderate References: 1206579,CVE-2022-47629 This update for libksba fixes the following issues: - CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL signature parser (bsc#1206579). The following package changes have been done: - bash-completion-2.7-150400.13.3.1 updated - libksba8-1.3.5-150000.4.6.1 updated - libtirpc-netconfig-1.2.6-150300.3.17.1 updated - libtirpc3-1.2.6-150300.3.17.1 updated - libxml2-2-2.9.14-150400.5.13.1 updated - login_defs-4.8.1-150400.10.3.1 updated - shadow-4.8.1-150400.10.3.1 updated - suse-module-tools-15.4.15-150400.3.5.1 updated