SUSE Container Update Advisory: ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:1293-1 Container Tags : suse/sle-micro-rancher/5.3:latest Container Release : 7.2.358 Severity : important Type : security References : 1207987 1212440 1213809 1219142 1220117 1220374 1221831 CVE-2024-28085 ----------------------------------------------------------------- The container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1169-1 Released: Tue Apr 9 09:50:32 2024 Summary: Security update for util-linux Type: security Severity: important References: 1207987,1220117,1221831,CVE-2024-28085 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1177-1 Released: Tue Apr 9 11:01:35 2024 Summary: Recommended update for multipath-tools Type: recommended Severity: moderate References: 1212440,1213809,1219142,1220374 This update for multipath-tools fixes the following issues: - Fixed activation of LVM volume groups during coldplug (bsc#1219142) - Avoid changing SCSI timeouts in 'multipath -d' (bsc#1213809) - Fixed dev_loss_tmo even if not set in configuration (bsc#1212440) - Backport of upstream bug fixes (bsc#1220374): * Avoid setting queue_if_no_path on multipath maps for which the no_path_retry timeout has expired * Fixed memory and error handling for code using aio (marginal path code, directio path checker) * libmultipath: fixed max_sectors_kb on adding path * Fixed warnings reported by udevadm verify * libmultipath: use directio checker for LIO targets * multipathd.service: remove 'Also=multipathd.socket' * libmultipathd: avoid parsing errors due to unsupported designators * libmultipath: return 'pending' state when port is in transition * multipath.rules: fixed 'smart' bug with failed valid path check * libmpathpersist: fixed resource leak in update_map_pr() * libmultipath: keep renames from stopping other multipath actions The following package changes have been done: - kpartx-0.9.0+161+suse.a26bd4c-150400.4.19.1 updated - libblkid1-2.37.2-150400.8.29.1 updated - libfdisk1-2.37.2-150400.8.29.1 updated - libmount1-2.37.2-150400.8.29.1 updated - libmpath0-0.9.0+161+suse.a26bd4c-150400.4.19.1 updated - libsmartcols1-2.37.2-150400.8.29.1 updated - libuuid1-2.37.2-150400.8.29.1 updated - multipath-tools-0.9.0+161+suse.a26bd4c-150400.4.19.1 updated - util-linux-systemd-2.37.2-150400.8.29.1 updated - util-linux-2.37.2-150400.8.29.1 updated