SUSE Image Update Advisory: ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2024:1184-1 Image Tags : Image Release : Severity : critical Type : security References : 1027519 1159034 1194818 1194818 1214855 1218609 1219267 1219268 1219438 1220356 1220523 1220690 1220693 1220696 1221243 1221365 1221677 1221751 1221752 1221753 1221760 1221786 1221787 1221821 1221822 1221824 1221827 1221916 1222021 1222285 1222985 1223409 1223535 1223571 1224014 1224016 1224117 1225907 1226100 1226463 1227127 1227138 1227308 1227525 1228105 1228124 1228159 1228265 1228324 1228398 1228574 1228575 1228732 1228847 1228968 1229160 1229329 1229339 1229465 1229975 CVE-2024-1753 CVE-2024-23651 CVE-2024-23652 CVE-2024-23653 CVE-2024-24786 CVE-2024-28180 CVE-2024-31145 CVE-2024-31146 CVE-2024-3727 CVE-2024-41110 CVE-2024-5535 CVE-2024-6119 CVE-2024-6345 ----------------------------------------------------------------- The container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2869-1 Released: Fri Aug 9 15:59:29 2024 Summary: Security update for ca-certificates-mozilla Type: security Severity: important References: 1220356,1227525 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525) - Added: FIRMAPROFESIONAL CA ROOT-A WEB - Distrust: GLOBALTRUST 2020 - Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added: - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - D-Trust SBR Root CA 1 2022 - D-Trust SBR Root CA 2 2022 - Telekom Security SMIME ECC Root 2021 - Telekom Security SMIME RSA Root 2023 - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 - TrustAsia Global Root CA G3 - TrustAsia Global Root CA G4 Removed: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Security Communication Root CA - Symantec Class 1 Public Primary Certification Authority - G6 - Symantec Class 2 Public Primary Certification Authority - G6 - TrustCor ECA-1 - TrustCor RootCert CA-1 - TrustCor RootCert CA-2 - VeriSign Class 1 Public Primary Certification Authority - G3 - VeriSign Class 2 Public Primary Certification Authority - G3 ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2886-1 Released: Tue Aug 13 09:46:48 2024 Summary: Recommended update for dmidecode Type: recommended Severity: moderate References: This update for dmidecode fixes the following issues: - Version update (jsc#PED-8574): * Support for SMBIOS 3.6.0. This includes new memory device types, new processor upgrades, and Loongarch support * Support for SMBIOS 3.7.0. This includes new port types, new processor upgrades, new slot characteristics and new fields for memory modules * Add bash completion * Decode HPE OEM records 197, 216, 224, 230, 238, 239, 242 and 245 * Implement options --list-strings and --list-types * Update HPE OEM records 203, 212, 216, 221, 233 and 236 * Update Redfish support * Bug fixes: - Fix enabled slot characteristics not being printed * Minor improvements: - Print slot width on its own line - Use standard strings for slot width * Add a --no-quirks option * Drop the CPUID exception list * Obsoletes patches removed : dmidecode-do-not-let-dump-bin-overwrite-an-existing-file, dmidecode-fortify-entry-point-length-checks, dmidecode-split-table-fetching-from-decoding, dmidecode-write-the-whole-dump-file-at-once, dmioem-fix-segmentation-fault-in-dmi_hp_240_attr, dmioem-hpe-oem-record-237-firmware-change, dmioem-typo-fix-virutal-virtual, ensure-dev-mem-is-a-character-device-file, news-fix-typo, use-read_file-to-read-from-dump Update for HPE servers from upstream: - dmioem-update-hpe-oem-type-238 patch: Decode PCI bus segment in HPE type 238 records ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2888-1 Released: Tue Aug 13 11:07:41 2024 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1159034,1194818,1218609,1222285 This update for util-linux fixes the following issues: - agetty: Prevent login cursor escape (bsc#1194818). - Document unexpected side effects of lazy destruction (bsc#1159034). - Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them (bsc#1222285). - Improved man page for chcpu (bsc#1218609). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2912-1 Released: Wed Aug 14 20:20:13 2024 Summary: Recommended update for cloud-regionsrv-client Type: recommended Severity: important References: 1222985,1223571,1224014,1224016,1227308 This update for cloud-regionsrv-client contains the following fixes: - Update to version 10.3.0 (bsc#1227308, bsc#1222985) + Add support for sidecar registry Podman and rootless Docker support to set up the necessary configuration for the container engines to run as defined + Add running command as root through sudoers file - Update to version 10.2.0 (bsc#1223571, bsc#1224014, bsc#1224016) + In addition to logging, write message to stderr when registration fails + Detect transactional-update system with read only setup and use the transactional-update command to register + Handle operation in a different target root directory for credentials checking ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2918-1 Released: Thu Aug 15 06:59:39 2024 Summary: Recommended update for grub2 Type: recommended Severity: important References: 1223535,1226100,1228124 This update for grub2 fixes the following issues: - Fix btrfs subvolume for platform modules not mounting at runtime when the default subvolume is the topmost root tree (bsc#1228124) - Fix error in grub-install when root is on tmpfs (bsc#1226100) - Fix input handling in ppc64le grub2 has high latency (bsc#1223535) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2932-1 Released: Thu Aug 15 12:05:04 2024 Summary: Recommended update for supportutils Type: recommended Severity: moderate References: 1222021,1227127,1228265 This update for supportutils fixes the following issues: Changes to version 3.2.8 + Avoid getting duplicate kernel verifications in boot.text (pr#190) + lvm: suppress file descriptor leak warnings from lvm commands (pr#191) + docker_info: Add timestamps to container logs (pr#196) + Key value pairs and container log timestamps (bsc#1222021 PED-8211, pr#198) + Update supportconfig get pam.d sorted (pr#199) + yast_files: Exclude .zcat (pr#201) + Sanitize grub bootloader (bsc#1227127, pr#203) + Sanitize regcodes (pr#204) + Improve product detection (pr#205) + Add read_values for s390x (bsc#1228265, pr#206) + hardware_info: Remove old alsa ver check (pr#209) + drbd_info: Fix incorrect escape of quotes (pr#210) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2933-1 Released: Thu Aug 15 12:12:50 2024 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1225907,1226463,1227138,CVE-2024-5535 This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) Other fixes: - Build with no-afalgeng. (bsc#1226463) - Fixed C99 violations to allow the package to build with GCC 14. (bsc#1225907) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2952-1 Released: Fri Aug 16 17:05:34 2024 Summary: Recommended update for nfs-utils Type: recommended Severity: moderate References: 1228159 This update for nfs-utils fixes the following issues: - Include source for libnfsidmap 0.26 and build that. This is needed for compatability with SLE15-SP5 and earlier. - Copied from old nfsidmap package (bsc#1228159). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2957-1 Released: Mon Aug 19 10:48:01 2024 Summary: Recommended update for ldb, samba Type: recommended Severity: moderate References: 1228732 This update for ldb, samba fixes the following issues: - Many qsort() comparisons are non-transitive, which can lead to out-of-bounds access in some circumstances. - Fix a crash when joining offline and 'kerberos method' includes keytab (bsc#1228732). - Fix reading the password from STDIN or environment vars if it was already given in the command line (bsc#1228732). - netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with SysvolReady=0. - Anonymous smb3 signing/encryption should be allowed (similar to Windows Server 2022). - Panic in dreplsrv_op_pull_source_apply_changes_trigger. - winbindd, net ads join and other things don't work on an ipv6 only host. - Smbcacls incorrectly propagates inheritance with Inherit-Only flag. - http library doesn't support 'chunked transfer encoding'. - fd_handle_destructor() panics within an smbd_smb2_close() if vfs_stat_fsp() fails in fd_close() - samba-gpupdate: Correctly implement site support. - libgpo: Segfault in python bindings. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2967-1 Released: Mon Aug 19 15:41:29 2024 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1194818 This update for pam fixes the following issue: - Prevent cursor escape from the login prompt (bsc#1194818). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3054-1 Released: Wed Aug 28 14:48:31 2024 Summary: Security update for python3-setuptools Type: security Severity: important References: 1228105,CVE-2024-6345 This update for python3-setuptools fixes the following issues: - CVE-2024-6345: Fixed code execution via download functions in the package_index module (bsc#1228105) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3071-1 Released: Mon Sep 2 15:17:11 2024 Summary: Recommended update for suse-build-key Type: recommended Severity: moderate References: 1229339 This update for suse-build-key fixes the following issue: - extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028 (bsc#1229339). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3103-1 Released: Tue Sep 3 16:59:06 2024 Summary: Recommended update for xfsprogs Type: recommended Severity: moderate References: 1229160 This update for xfsprogs fixes the following issue: - xfs_repair: allow symlinks with short remote targets (bsc#1229160) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3106-1 Released: Tue Sep 3 17:00:40 2024 Summary: Security update for openssl-3 Type: security Severity: moderate References: 1220523,1220690,1220693,1220696,1221365,1221751,1221752,1221753,1221760,1221786,1221787,1221821,1221822,1221824,1221827,1229465,CVE-2024-6119 This update for openssl-3 fixes the following issues: - CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) Other fixes: - FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365). - FIPS: RSA keygen PCT requirements. - FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode (bsc#1220523). - FIPS: Port openssl to use jitterentropy (bsc#1220523). - FIPS: Block non-Approved Elliptic Curves (bsc#1221786). - FIPS: Service Level Indicator (bsc#1221365). - FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module (bsc#1221751). - FIPS: Add required selftests: (bsc#1221760). - FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821). - FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827). - FIPS: Zero initialization required (bsc#1221752). - FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696). - FIPS: NIST SP 800-56Brev2 (bsc#1221824). - FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787). - FIPS: Port openssl to use jitterentropy (bsc#1220523). - FIPS: NIST SP 800-56Arev3 (bsc#1221822). - FIPS: Error state has to be enforced (bsc#1221753). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3113-1 Released: Tue Sep 3 17:04:05 2024 Summary: Security update for xen Type: security Severity: important References: 1027519,1228574,1228575,CVE-2024-31145,CVE-2024-31146 This update for xen fixes the following issues: - CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574) - CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575) Other fixes: - Update to Xen 4.18.3 security bug fix release (bsc#1027519) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:3120-1 Released: Tue Sep 3 17:12:57 2024 Summary: Security update for buildah, docker Type: security Severity: critical References: 1214855,1219267,1219268,1219438,1221243,1221677,1221916,1223409,1224117,1228324,CVE-2024-1753,CVE-2024-23651,CVE-2024-23652,CVE-2024-23653,CVE-2024-24786,CVE-2024-28180,CVE-2024-3727,CVE-2024-41110 This update for buildah, docker fixes the following issues: Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) - CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268) - CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438) - CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324) Other fixes: - Update to Docker 25.0.6-ce. See upstream changelog online at - Update to Docker 25.0.5-ce (bsc#1223409) - Fix BuildKit's symlink resolution logic to correctly handle non-lexical symlinks. (bsc#1221916) - Write volume options atomically so sudden system crashes won't result in future Docker starts failing due to empty files. (bsc#1214855) Changes in buildah: - Update to version 1.35.4: * [release-1.35] Bump to Buildah v1.35.4 * [release-1.35] CVE-2024-3727 updates (bsc#1224117) * integration test: handle new labels in 'bud and test --unsetlabel' * [release-1.35] Bump go-jose CVE-2024-28180 * [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180 - Update to version 1.35.3: * [release-1.35] Bump to Buildah v1.35.3 * [release-1.35] correctly configure /etc/hosts and resolv.conf * [release-1.35] buildah: refactor resolv/hosts setup. * [release-1.35] rename the hostFile var to reflect * [release-1.35] Bump c/common to v0.58.1 * [release-1.35] Bump Buildah to v1.35.2 * [release-1.35] CVE-2024-24786 protobuf to 1.33 * [release-1.35] Bump to v1.35.2-dev - Update to version 1.35.1: * [release-1.35] Bump to v1.35.1 * [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677) - Buildah dropped cni support, require netavark instead (bsc#1221243) - Remove obsolete requires libcontainers-image & libcontainers-storage - Require passt for rootless networking (poo#156955) Buildah moved to passt/pasta for rootless networking from slirp4netns (https://github.com/containers/common/pull/1846) - Update to version 1.35.0: * Bump v1.35.0 * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 * conformance tests: don't break on trailing zeroes in layer blobs * Add a conformance test for copying to a mounted prior stage * fix(deps): update module github.com/stretchr/testify to v1.9.0 * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * fix(deps): update github.com/containers/storage digest to eadc620 * fix(deps): update github.com/containers/luksy digest to ceb12d4 * fix(deps): update github.com/containers/image/v5 digest to cdc6802 * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 * Update module go.etcd.io/bbolt to v1.3.9 * Revert 'Reduce official image size' * Update module github.com/opencontainers/image-spec to v1.1.0 * Reduce official image size * Build with CNI support on FreeBSD * build --all-platforms: skip some base 'image' platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Disable loong64 again * Fix a couple of typos in one-line comments * egrep is obsolescent; use grep -E * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * fix(deps): update module github.com/containerd/containerd to v1.7.13 * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * fix(deps): update github.com/openshift/imagebuilder digest to b767bc3 * imagebuildah: fix crash with empty RUN * fix(deps): update github.com/containers/luksy digest to b62d551 * fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security] * fix(deps): update module github.com/moby/buildkit to v0.12.5 [security] * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * Run codespell on code * Fix FreeBSD version parsing * Fix a build break on FreeBSD * Remove a bad FROM line * fix(deps): update module github.com/onsi/gomega to v1.31.1 * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6 * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * fix(deps): update module golang.org/x/crypto to v0.18.0 * Replace map[K]bool with map[K]struct{} where it makes sense * fix(deps): update module golang.org/x/sync to v0.6.0 * fix(deps): update module golang.org/x/term to v0.16.0 * Bump CI VMs * Replace strings.SplitN with strings.Cut * fix(deps): update github.com/containers/storage digest to ef81e9b * fix(deps): update github.com/containers/image/v5 digest to 1b221d4 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1 * Document use of containers-transports values in buildah * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update dependency containers/automation_images to v20231208 * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * chore(deps): update dependency containers/automation_images to v20230517 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containernetworking/plugins to v1.4.0 * fix(deps): update github.com/containers/image/v5 digest to 7a40fee * Bump to v1.34.1-dev * Ignore errors if label.Relabel returns ENOSUP ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3124-1 Released: Tue Sep 3 17:38:34 2024 Summary: Recommended update for cryptsetup Type: recommended Severity: moderate References: 1229975 This update for cryptsetup fixes the following issues: - FIPS: Extend the password for PBKDF2 benchmarking to be more than 20 chars to meet FIPS 140-3 requirements (bsc#1229975) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3132-1 Released: Tue Sep 3 17:43:10 2024 Summary: Recommended update for permissions Type: recommended Severity: moderate References: 1228968,1229329 This update for permissions fixes the following issues: - Update to version 20240826: * permissions: remove outdated entries (bsc#1228968) - Update to version 20240826: * cockpit: revert path change (bsc#1229329) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3135-1 Released: Wed Sep 4 08:36:23 2024 Summary: Recommended update for rsyslog Type: recommended Severity: moderate References: This update for rsyslog fixes the following issues: - Version upgrade - patches replaced by upgrade (details in upgrade logs) * Revert 'Update omlibdbi.c' * imkmsg: add params 'readMode' and 'expectedBootCompleteSeconds' * testbench: fix 'typo' in test case * omazureeventhubs: Corrected handling of transport closed failures * imkmsg: add module param parseKernelTimestamp * imfile: remove state file on file delete fix * imklog bugfix: keepKernelTimestamp=off config param did not work * Netstreamdriver: deallocate certificate related resources * TLS subsystem: add remote hostname to error reporting * Fix forking issue do to close_range call * replace debian sample systemd service file by readme * testbench: bump zookeeper version to match current offering * Update rsyslog.service sample unit to the latest version used in Debian Trixie * Only keep a single rsyslog.service for Debian * Remove no longer used --with-systemdsystemunitdir configure switch * use logind instead of utmp for wall messages with systemd * Typo fixes * Drop CAP_IPC_LOCK capability * Add CAP_NET_RAW capability due to the omudpspoof module * Add new global config option 'libcapng.enable' * tcp net subsystem: handle data race gracefully * Avoid crash on restart in imrelp SIGTTIN handler - patches replaced by upgrade * fix startup issue on modern systemd systems * Fix misspeling in message. * tcpflood bugfix: plain tcp send error not properly reported * omprog bugfix: Add CAP_DAC_OVERRIDE to the bounding set * testbench: cleanup and improve some more imfile tests * lookup tables: fix static analyzer issue * lookup tables bugfix: reload on HUP did not work when backgrounded * CI: fix and cleaup github workflow * imjournal: Support input module * testbench: make test more reliable * tcpflood: add -A option to NOT abort when sending fails * tcpflood: fix today's programming error * openssl: Replaced depreceated method SSLv23_method with TLS_method * testbench improvement: define state file directories for imfile tests * testbench: cleanup a test and some nitfixes to it * tcpflood bugfix: TCP sending was not implemented properly * testbench: make waiting for HUP processing more reliable * build system: make rsyslogd execute when --disable-inet is configured * CI: update zookeper download to newer version * ossl driver: Using newer INIT API for OpenSSL 1.1+ Versions * ossl: Fix CRL File Expire from 1 day to 100 years. * PR5175: Add TLS CRL Support for GnuTLS driver and OpenSSL 1.0.2+ * omazureeventhubs: Initial implementation of new output module * TLS CRL Support Issue 5081 * action.resumeintervalmax: the parameter was not respected * IMHIREDIS::FIXED:: Restore compatiblity with hiredis < v1.0.0 * Add the 'batchsize' parameter to imhiredis * Clear undefined behavior in libgcry.c (GH #5167) * Do not try to drop capabilities when we don't have any * testbench: use newer zookeeper version in tests * build system: more precise error message on too-old lib * Fix quoting for omprog, improg, mmexternal ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:3147-1 Released: Thu Sep 5 09:30:37 2024 Summary: Recommended update for dracut Type: recommended Severity: moderate References: 1228398,1228847 This update for dracut fixes the following issues: - Version update with: * feat(systemd*) include systemd config files from /usr/lib/systemd (bsc#1228398) * fix(convertfs) error in conditional expressions (bsc#1228847) The following package changes have been done: - ca-certificates-mozilla-2.68-150200.33.1 updated - dmidecode-3.6-150400.16.11.2 updated - docker-25.0.6_ce-150000.207.1 updated - dracut-059+suse.531.g48487c31-150600.3.6.2 updated - grub2-i386-pc-2.12-150600.8.3.1 updated - grub2-x86_64-efi-2.12-150600.8.3.1 updated - grub2-2.12-150600.8.3.1 updated - libblkid1-2.39.3-150600.4.9.4 updated - libcryptsetup12-2.7.0-150600.3.3.1 updated - libfdisk1-2.39.3-150600.4.9.4 updated - libldb2-2.8.1-150600.3.3.4 updated - libmount1-2.39.3-150600.4.9.4 updated - libnfsidmap1-1.0-150600.28.3.2 updated - libopenssl1_1-1.1.1w-150600.5.6.1 updated - libopenssl3-3.1.4-150600.5.15.1 updated - libsmartcols1-2.39.3-150600.4.9.4 updated - libuuid1-2.39.3-150600.4.9.4 updated - libyaml-0-2-0.1.7-150000.3.2.1 added - nfs-client-2.6.4-150600.28.3.2 updated - openssl-3-3.1.4-150600.5.15.1 updated - pam-1.3.0-150000.6.71.2 updated - permissions-20240826-150600.10.9.1 updated - python-azure-agent-config-server-2.9.1.1-150100.3.44.2 updated - python-azure-agent-2.9.1.1-150100.3.44.2 updated - python3-PyYAML-5.4.1-150300.3.3.1 updated - python3-setuptools-44.1.1-150400.9.9.1 updated - rsyslog-module-relp-8.2406.0-150600.12.3.2 updated - rsyslog-8.2406.0-150600.12.3.2 updated - samba-client-libs-4.19.7+git.357.1d7950ebd62-150600.3.3.2 updated - supportutils-3.2.8-150600.3.3.1 updated - suse-build-key-12.0-150000.8.52.3 updated - util-linux-systemd-2.39.3-150600.4.9.4 updated - util-linux-2.39.3-150600.4.9.4 updated - xen-libs-4.18.3_02-150600.3.6.1 updated - xfsprogs-6.7.0-150600.3.6.2 updated - haveged-1.9.14-150600.9.5 removed - libhavege2-1.9.14-150600.9.5 removed