SUSE Image Update Advisory: suse/sle-micro/5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2024:600-1 Image Tags : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.58 , suse/sle-micro/5.5:latest Image Release : 5.5.58 Severity : important Type : security References : 1224282 1225771 1227052 CVE-2024-34459 CVE-2024-5564 CVE-2024-6104 ----------------------------------------------------------------- The container suse/sle-micro/5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-OU-2024:2282-1 Released: Tue Jul 2 22:41:28 2024 Summary: Optional update for openscap, scap-security-guide Type: optional Severity: moderate References: This update for scap-security-guide and openscap provides the SCAP tooling for SLE Micro 5.3, 5.4, 5.5. This includes shipping openscap dependencies libxmlsec1-1 and libxmlsec1-openssl for SLE Micro. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2283-1 Released: Tue Jul 2 23:12:19 2024 Summary: Security update for libndp Type: security Severity: important References: 1225771,CVE-2024-5564 This update for libndp fixes the following issues: - CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2286-1 Released: Wed Jul 3 08:26:16 2024 Summary: Security update for podman Type: security Severity: moderate References: 1227052,CVE-2024-6104 This update for podman fixes the following issues: - CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2290-1 Released: Wed Jul 3 11:35:00 2024 Summary: Security update for libxml2 Type: security Severity: low References: 1224282,CVE-2024-34459 This update for libxml2 fixes the following issues: - CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2291-1 Released: Wed Jul 3 12:43:47 2024 Summary: Recommended update for elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5 Type: recommended Severity: moderate References: This update for elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5 contains the following fixes: Changes in elemental-operator1.5: - Update to version 1.5.4: * [BACKPORT] Ensure re-sync is triggered * [BACKPORT] operator: fix ManagedOSVersionChannel sync Changes in elemental-operator1.5-crds-helm, elemental-operator1.5-helm, operator-image1.5, seedimage-builder1.5: - Update to version 1.5.4. The following package changes have been done: - libxml2-2-2.10.3-150500.5.17.1 updated - libndp0-1.6-150000.3.3.1 updated - elemental-register1.5-1.5.4-150500.1.11.1 updated - elemental-support1.5-1.5.4-150500.1.11.1 updated - libltdl7-2.4.6-150000.3.8.1 updated - libprocps8-3.3.17-150000.7.39.1 updated - procps-3.3.17-150000.7.39.1 updated - libxmlsec1-1-1.2.37-150400.14.5.1 updated - libxmlsec1-openssl1-1.2.37-150400.14.5.1 updated - podman-4.9.5-150500.3.15.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.34 updated