SUSE Container Update Advisory: caasp/v4/hyperkube ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2019:211-1 Container Tags : caasp/v4/hyperkube:v1.15.2 , caasp/v4/hyperkube:v1.15.2-rev5 , caasp/v4/hyperkube:v1.15.2-rev5-build1.1 Container Release : 1.1 Severity : moderate Type : recommended References : 1135205 1137261 1140647 1140737 1141322 1141883 ----------------------------------------------------------------- The container caasp/v4/hyperkube was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2108-1 Released: Mon Aug 12 07:09:07 2019 Summary: Recommended update for ceph Type: recommended Severity: moderate References: 1135205,1137261,1140737 This update for ceph fixes the following issues: - Add CephFS library to create subvolumes properly. (bsc#1135205) - Include a warning message that in certain situtations the RBD client recommends creating a tcmu-runner. (bsc#1137261) - Add, update and remove translations. (bsc#1140737) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2142-1 Released: Wed Aug 14 18:14:04 2019 Summary: Recommended update for mozilla-nspr, mozilla-nss Type: recommended Severity: moderate References: 1141322 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.45 (bsc#1141322) : * New function in pk11pub.h: PK11_FindRawCertsWithSubject * The following CA certificates were Removed: CN = Certinomis - Root CA (bmo#1552374) * Implement Delegated Credentials (draft-ietf-tls-subcerts) (bmo#1540403) This adds a new experimental function SSL_DelegateCredential Note: In 3.45, selfserv does not yet support delegated credentials (See bmo#1548360). Note: In 3.45 the SSLChannelInfo is left unmodified, while an upcoming change in 3.46 will set SSLChannelInfo.authKeyBits to that of the delegated credential for better policy enforcement (See bmo#1563078). * Replace ARM32 Curve25519 implementation with one from fiat-crypto (bmo#1550579) * Expose a function PK11_FindRawCertsWithSubject for finding certificates with a given subject on a given slot (bmo#1552262) * Add IPSEC IKE support to softoken (bmo#1546229) * Add support for the Elbrus lcc compiler (<=1.23) (bmo#1554616) * Expose an external clock for SSL (bmo#1543874) This adds new experimental functions: SSL_SetTimeFunc, SSL_CreateAntiReplayContext, SSL_SetAntiReplayContext, and SSL_ReleaseAntiReplayContext. The experimental function SSL_InitAntiReplay is removed. * Various changes in response to the ongoing FIPS review (bmo#1546477) Note: The source package size has increased substantially due to the new FIPS test vectors. This will likely prompt follow-on work, but please accept our apologies in the meantime. mozilla-nspr was updated to version 4.21 * Changed prbit.h to use builtin function on aarch64. * Removed Gonk/B2G references. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2188-1 Released: Wed Aug 21 10:10:29 2019 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1140647 This update for aaa_base fixes the following issues: - Make systemd detection cgroup oblivious. (bsc#1140647) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2218-1 Released: Mon Aug 26 11:29:57 2019 Summary: Recommended update for pinentry Type: recommended Severity: moderate References: 1141883 This update for pinentry fixes the following issues: - Fix a dangling pointer in qt/main.cpp that caused crashes. (bsc#1141883) The following package changes have been done: - aaa_base-84.87+git20180409.04c9dae-3.12.1 updated - babeltrace-1.5.3-2.22 added - blog-2.18-4.11 added - ceph-common-14.2.2.348+gf6da3d1d18-3.6.1 added - dbus-1-1.12.2-8.3.1 added - kbd-legacy-2.0.4-8.3.1 added - kbd-2.0.4-8.3.1 added - kmod-25-6.7.1 added - kubernetes-common-1.15.2-1.3 updated - libapparmor1-2.12.3-7.20.1 added - libargon2-1-0.0+git20171227.670229c-2.14 added - libcephfs2-14.2.2.348+gf6da3d1d18-3.6.1 added - libcryptsetup12-2.0.5-2.1 added - libdbus-1-3-1.12.2-8.3.1 added - libdevmapper1_03-1.02.149-10.13 added - libexpat1-2.2.5-3.3.1 added - libfreebl3-3.45-3.19.1 added - libglib-2_0-0-2.54.3-4.18.1 added - libgmodule-2_0-0-2.54.3-4.18.1 added - libibverbs1-22.3-4.3.1 added - libibverbs-22.3-4.3.1 added - libjson-c3-0.13-1.19 added - libkmod2-25-6.7.1 added - liblttng-ust0-2.10.1-2.15 added - libmlx4-1-22.3-4.3.1 added - libmlx5-1-22.3-4.3.1 added - libnl-config-3.3.0-1.29 added - libnl3-200-3.3.0-1.29 added - liboath0-2.6.2-1.15 added - libpython3_6m1_0-3.6.8-3.23.1 added - libqrencode4-4.0.0-1.17 added - librados2-14.2.2.348+gf6da3d1d18-3.6.1 added - librbd1-14.2.2.348+gf6da3d1d18-3.6.1 added - librdmacm1-22.3-4.3.1 added - librgw2-14.2.2.348+gf6da3d1d18-3.6.1 added - libseccomp2-2.3.2-1.26 added - libsoftokn3-3.45-3.19.1 added - liburcu6-0.10.0-2.20 added - mozilla-nspr-4.21-3.6.1 added - mozilla-nss-certs-3.45-3.19.1 added - mozilla-nss-3.45-3.19.1 added - oath-toolkit-xml-2.6.2-1.15 added - pam-config-0.96-5.17 added - pinentry-1.1.0-4.3.1 updated - pkg-config-0.29.2-1.436 added - python-rpm-macros-20190408.32abece-3.5.1 added - python3-PrettyTable-0.7.2-3.23 added - python3-base-3.6.8-3.23.1 added - python3-ceph-argparse-14.2.2.348+gf6da3d1d18-3.6.1 added - python3-cephfs-14.2.2.348+gf6da3d1d18-3.6.1 added - python3-certifi-2018.1.18-1.18 added - python3-chardet-3.0.4-3.23 added - python3-idna-2.6-1.20 added - python3-py-1.5.2-1.24 added - python3-rados-14.2.2.348+gf6da3d1d18-3.6.1 added - python3-rbd-14.2.2.348+gf6da3d1d18-3.6.1 added - python3-requests-2.20.1-6.3.2 added - python3-rgw-14.2.2.348+gf6da3d1d18-3.6.1 added - python3-urllib3-1.24-7.24 added - python3-3.6.8-3.23.1 added - rdma-core-22.3-4.3.1 added - systemd-presets-branding-SLE-15.1-18.10 added - systemd-presets-common-SUSE-15-6.10 added - systemd-234-24.33.1 added - sysvinit-tools-2.88+-1.26 added - udev-234-24.33.1 added - update-alternatives-1.19.0.4-2.48 added - container:sles15-image-15.0.0-6.2.66 updated