SUSE Container Update Advisory: ses/7/cephcsi/cephcsi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:254-1
Container Tags        : ses/7/cephcsi/cephcsi:3.2.2 , ses/7/cephcsi/cephcsi:3.2.2.0.3.471 , ses/7/cephcsi/cephcsi:latest , ses/7/cephcsi/cephcsi:sle15.2.octopus , ses/7/cephcsi/cephcsi:v3.2.2 , ses/7/cephcsi/cephcsi:v3.2.2.0
Container Release     : 3.471
Severity              : important
Type                  : security
References            : 1040589 1047218 1099521 1172389 1175448 1175449 1182604 1184124 1184124
                        1184527 1184961 1185208 1185221 1185505 1185540 1185797 1186049 1186110
                        1186561 1186642 1186642 1186706 1186806 1187060 1187210 1187212
                        CVE-2020-13757 CVE-2020-24370 CVE-2020-24371 CVE-2021-33560 CVE-2021-3580
-----------------------------------------------------------------

The container ses/7/cephcsi/cephcsi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:1973-1
Released:    Tue Jun 15 12:10:54 2021
Summary:     Recommended update for libreoffice and xmlsec1
Type:        recommended
Severity:    important
References:  1184527,1184961,1185505,1185797,1186110,1186706

This update for libreoffice and xmlsec1 fixes the following issues:

libreoffice:

Update from version 7.1.2.2 to version 7.1.3.2

  - Searching in PPTX document makes LibreOffice crash. (bsc#1185797)
  - Fix a text highlight issue when saving as PPTX. (bsc#1185505)
  - Recommend `libreoffice-qt5` only when it is actually created
  - Fix a build error with GCC11. (bsc#1186110)
  - LibreOffice requires at least java 1.8.0 to run properly.
  - Fix a potential dataloss in LibreOffice Math. (bsc#1184961, bsc#1184527)
    The issue occurred only while trying to close the document via shortcuts.
    In this case LibreOffice Math was closed without asking to save the document.

xmlsec1:

  - Provide missing binaries to SUSE Linux Enterprise 15-SP3 with l3 support level.
    (bsc#1186706)

myspell-dictionaries:

  - Provide missing binaries to SUSE Linux Enterprise 15-SP3 with l2 support level. (bsc#1186706)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2001-1
Released:    Thu Jun 17 16:54:07 2021
Summary:     Recommended update for python-pycryptodome
Type:        recommended
Severity:    moderate
References:  1186642

This update for python-pycryptodome fixes the following issue:

  - python-pycryptodome had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could
    lead to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2008-1
Released:    Thu Jun 17 18:07:45 2021
Summary:     Security update for python-rsa
Type:        security
Severity:    important
References:  1172389,CVE-2020-13757

This update for python-rsa fixes the following issues:

  - CVE-2020-13757: Proper handling of leading '\0' bytes during decryption of ciphertext (bsc#1172389)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2096-1
Released:    Mon Jun 21 13:35:38 2021
Summary:     Recommended update for python-six
Type:        recommended
Severity:    moderate
References:  1186642

This update for python-six fixes the following issue:

  - python-six had a lower release number in 15 sp2 and sp3 than in 15 sp1, which could
    lead to migration issues. (bsc#1186642)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2143-1
Released:    Wed Jun 23 16:27:04 2021
Summary:     Security update for libnettle
Type:        security
Severity:    important
References:  1187060,CVE-2021-3580

This update for libnettle fixes the following issues:

  - CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated
    ciphertext (bsc#1187060).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2157-1
Released:    Thu Jun 24 15:40:14 2021
Summary:     Security update for libgcrypt
Type:        security
Severity:    important
References:  1187212,CVE-2021-33560

This update for libgcrypt fixes the following issues:

  - CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing
    exponent blinding (bsc#1187212).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2173-1
Released:    Mon Jun 28 14:59:45 2021
Summary:     Recommended update for automake
Type:        recommended
Severity:    moderate
References:  1040589,1047218,1182604,1185540,1186049

This update for automake fixes the following issues:

  - Make generated autoconf makefiles reproducible (bsc#1182604)
  - Add fix to avoid date variations in docs. (bsc#1047218, jsc#SLE-17848)
  - Avoid bashisms in test-driver script. (bsc#1185540)

This update for pcre fixes the following issues:

  - Do not run profiling 'check' in parallel to make package build reproducible. (bsc#1040589)

This update for brp-check-suse fixes the following issues:

  - Add fixes to support reproducible builds. (bsc#1186049)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2178-1
Released:    Mon Jun 28 15:56:15 2021
Summary:     Recommended update for systemd-presets-common-SUSE
Type:        recommended
Severity:    moderate
References:  1186561

This update for systemd-presets-common-SUSE fixes the following issues:

When installing the systemd-presets-common-SUSE package for the first time in a new system,
it might happen that some services are installed before systemd, so the %systemd_pre/post
macros would not work. This is handled by enabling all preset services in this package's
%posttrans section, but it wasn't enabling user services, just system services.
Now it also enables the user services installed before this package (bsc#1186561)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2179-1
Released:    Mon Jun 28 17:36:37 2021
Summary:     Recommended update for thin-provisioning-tools
Type:        recommended
Severity:    moderate
References:  1184124

This update for thin-provisioning-tools fixes the following issues:

  - Link as position-independent executable (bsc#1184124)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2196-1
Released:    Tue Jun 29 09:41:39 2021
Summary:     Security update for lua53
Type:        security
Severity:    moderate
References:  1175448,1175449,CVE-2020-24370,CVE-2020-24371

This update for lua53 fixes the following issues:

Update to version 5.3.6:

  - CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase,
    leading to a memory access violation involving collectgarbage (bsc#1175449)
  - CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fault in getlocal
    and setlocal (bsc#1175448)
  - Long brackets with a huge number of '=' overflow some internal buffer arithmetic.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2205-1
Released:    Wed Jun 30 09:17:41 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    important
References:  1187210

This update for openldap2 fixes the following issues:

  - Resolve issues in the idle / connection 'TTL' timeout implementation in OpenLDAP. (bsc#1187210)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2210-1
Released:    Wed Jun 30 13:00:09 2021
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1184124

This update for lvm2 fixes the following issues:

  - Link test as position independent executable and update packages with non-PIE binaries.
    (bsc#1184124)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2224-1
Released:    Thu Jul 1 13:48:44 2021
Summary:     Recommended update for psmisc
Type:        recommended
Severity:    important
References:  1185208

This update for psmisc fixes the following issues:

  - It no longer lists all processes from different private namespaces when fuser is run on
    an NFS mount. This led to an issue where the wrong processes were terminated in an SAP
    application cluster environment (bsc#1185208)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2229-1
Released:    Thu Jul 1 20:40:37 2021
Summary:     Recommended update for release packages
Type:        recommended
Severity:    moderate
References:  1099521,1185221

This update for the release packages provides the following fix:

  - Fix grub menu entries after migration from SLE-12*. (bsc#1099521)
  - Adjust the sles-release changelog to include an entry for the previous release that was
    reverting a broken change. (bsc#1185221)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2230-1
Released:    Fri Jul 2 07:44:11 2021
Summary:     Recommended update for ceph-csi
Type:        recommended
Severity:    moderate
References:  1186806

This update for ceph-csi fixes the following issues:

  - Fixed a bug where NodeUnpublishVolume tried to acquire a lock.
    This prevented mass deletions of pods from working properly (bsc#1186806)

The following package changes have been done:

- ceph-csi-3.2.2+git0.d719986ca-5.18.1 updated
- device-mapper-1.02.163-8.33.1 updated
- libdevmapper-event1_03-1.02.163-8.33.1 updated
- libdevmapper1_03-1.02.163-8.33.1 updated
- libgcrypt20-1.8.2-8.39.1 updated
- libhogweed4-3.4.1-4.18.1 updated
- libldap-2_4-2-2.4.46-9.56.1 updated
- libldap-data-2.4.46-9.56.1 updated
- liblua5_3-5-5.3.6-3.6.1 updated
- liblvm2cmd2_03-2.03.05-8.33.1 updated
- libnettle6-3.4.1-4.18.1 updated
- libpcre1-8.41-6.4.2 updated
- libxmlsec1-1-1.2.28-7.7.1 updated
- libxmlsec1-openssl1-1.2.28-7.7.1 updated
- lvm2-2.03.05-8.33.1 updated
- psmisc-23.0-6.16.1 updated
- python3-pycryptodome-3.9.0-6.1 updated
- python3-rsa-3.4.2-3.4.1 updated
- python3-six-1.14.0-10.1 updated
- sles-release-15.2-52.8.2 updated
- systemd-presets-common-SUSE-15-8.9.1 updated
- thin-provisioning-tools-0.7.5-3.3.1 updated
- container:ceph-image-1.0.0-4.253 updated