SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1390-1
Container Tags        : suse/sle-micro-rancher/5.2:latest
Container Release     : 7.5.320
Severity              : important
Type                  : security
References            : 1194038 1207987 1217301 1217302 1219901 1221831 CVE-2022-48624
                        CVE-2024-28085 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1170-1
Released:    Tue Apr  9 09:51:25 2024
Summary:     Security update for util-linux
Type:        security
Severity:    important
References:  1194038,1207987,1221831,CVE-2024-28085
This update for util-linux fixes the following issues:

- CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1180-1
Released:    Tue Apr  9 21:13:49 2024
Summary:     Recommended update for python-azure-agent
Type:        recommended
Severity:    important
References:  1217301,1217302
This update for python-azure-agent contains the following fixes:

- Recognise SLE-Micro as a SLE based distro.

- Create sub-packages for the config (jsc#PED-7869)
  + Remove config manipulation from image building
  + Set up a config for SLE-Micro
  + Makes deafult upstream config available

- Update to 2.9.1.1 (bsc#1217301, bsc#1217302)
  + Update unittest.mock
  + Download certificates when goal state source is fast track #2761
  + Increase the max number of extension events by 20% #2785
  + Remove version suffix from extension slice #2782
  + Support int type for eventPid and eventTid fields #2786
  + Improve log for swap counter not found #2789
  + Remove cgroup files during deprovisioning #2790
  + Log VM architecture in heartbeat telemetry for arm64 adoption
     monitoring #2818
  + Enforce memory usage for agent #2671
  + Use common download logic for agent downloads #2682
  + Implement Fedora distro #2642
  + Report message in handler heartbeat #2688
  + Remove dependency on pathlib from makepkg #2717
  + Do not fetch extensions goal state in log collector #2713
  + Update log collector unit file to remove memory limit #2757
  + Fix bug in get_dhcp_pid (CoreOS) #2784
  + Fetch full distro version for mariner #2773

From 2.9.04
  + Resource Governance on extensions (CPU monitoring and enforcing & Memory
    monitoring) #2632 #2581 #2555
  + Agent resource governance #2597 #2591 #2546
  + monitor system-wide memory metrics (#2610)
  + Additional telemetry for goal state (#2675)
  + HostGAPlugin usage improvements #2662 #2673 #2655 #2651
  + Add logging statements for mrseq migration during update (#2667)
  + Logcollector memory usage #2658 #2637
  + Update Log Collector default in Comments and Readme (#2608)
  + Improve telemetry success and failure markers (#2605) #2604 #2599
  + Fix formatting of exceptions on Python 3.10
    (traceback.format's etype argument) (#2663)
  + Fix UNKNOWN(Zombie) Process in unexpected processes check (#2644)
  + SUSE: Fix valid values for DHCLIENT_HOSTNAME_OPTION (#2643)
  + Debian - string conversion for systemd service (#2574)
  + Do not set a CPU quota on the agent for RHEL and Centos (#2685) #2689 #2693
  + support rhel distro (#2620) #2598
  + Added support for devuan linux distribution (#2553)

No incremental updates between 2.8.011 and 2.9.0.4

- Clean up conditions in spec file:
  + There is no maintained distro > 1315 (SLE12) AND < 1500
    (SLE15). Only openSUSE 13.2 and 13.3 lived in that space, but
    they are clearly not the target of this spec file.
  + if 0%{?Suse_version} && 0{?suse_version} > 1315: no need to
    first validate suse_version being defined: whenever it
    is > 1315, must be defined.

- Add patch to use unittest.mock first, falling back to mock if required.
- Tighten Requires against python3-mock.
  
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1190-1
Released:    Wed Apr 10 03:28:33 2024
Summary:     Security update for less
Type:        security
Severity:    important
References:  1219901,CVE-2022-48624
This update for less fixes the following issues:

- CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901).


The following package changes have been done:

- less-530-150000.3.6.2 updated
- libblkid1-2.36.2-150300.4.41.1 updated
- libfdisk1-2.36.2-150300.4.41.1 updated
- libmount1-2.36.2-150300.4.41.1 updated
- libsmartcols1-2.36.2-150300.4.41.1 updated
- libuuid1-2.36.2-150300.4.41.1 updated
- python-azure-agent-2.9.1.1-150100.3.29.1 updated
- util-linux-systemd-2.36.2-150300.4.41.1 updated
- util-linux-2.36.2-150300.4.41.1 updated