SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2024:1293-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.157 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.157 Severity : moderate Type : security References : 1229476 1229930 1229931 1229932 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3216-1 Released: Thu Sep 12 13:05:20 2024 Summary: Security update for expat Type: security Severity: moderate References: 1229930,1229931,1229932,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492 This update for expat fixes the following issues: - CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932) - CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931) - CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3237-1 Released: Fri Sep 13 11:49:56 2024 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1229476 This update for util-linux fixes the following issue: - Skip aarch64 decode path for rest of the architectures (bsc#1229476). The following package changes have been done: - libuuid1-2.37.4-150500.9.17.2 updated - libsmartcols1-2.37.4-150500.9.17.2 updated - libexpat1-2.4.4-150400.3.22.1 updated - libblkid1-2.37.4-150500.9.17.2 updated - libfdisk1-2.37.4-150500.9.17.2 updated - libmount1-2.37.4-150500.9.17.2 updated - util-linux-2.37.4-150500.9.17.2 updated - util-linux-systemd-2.37.4-150500.9.17.2 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.78 updated