SUSE Container Update Advisory: ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2521-1 Container Tags : suse/sle-micro-rancher/5.2:latest Container Release : 7.5.175 Severity : moderate Type : security References : 1201399 1201627 1207534 1208003 1210799 1213487 CVE-2022-4304 CVE-2023-3446 ----------------------------------------------------------------- The container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3173-1 Released: Thu Aug 3 08:56:10 2023 Summary: Recommended update for perl-Bootloader Type: recommended Severity: moderate References: 1201399,1208003,1210799 This update for perl-Bootloader fixes the following issues: - Use signed grub EFI binary when updating grub in default EFI location (bsc#1210799) - UEFI: update also default location, if it is controlled by SUSE (bsc#1210799, bsc#1201399) - Use `fw_platform_size` to distinguish between 32 bit and 64 bit UEFI platforms (bsc#1208003) - Add basic support for systemd-boot ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3179-1 Released: Thu Aug 3 13:59:38 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1201627,1207534,1213487,CVE-2022-4304,CVE-2023-3446 This update for openssl-1_1 fixes the following issues: - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case (bsc#1207534). - CVE-2023-3446: Fixed DH_check() excessive time with over sized modulus (bsc#1213487). - Update further expiring certificates that affect tests [bsc#1201627] The following package changes have been done: - libopenssl1_1-1.1.1d-150200.11.72.1 updated - openssl-1_1-1.1.1d-150200.11.72.1 updated - perl-Bootloader-0.944-150300.3.9.1 updated