SUSE Container Update Advisory: rancher/elemental-teal/5.3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1282-1
Container Tags        : rancher/elemental-teal/5.3:1.1.4 , rancher/elemental-teal/5.3:1.1.4-3.2.13 , rancher/elemental-teal/5.3:latest
Container Release     : 3.2.13
Severity              : critical
Type                  : security
References            : 1141883 1187810 1189036 1191546 1196125 1201225 1201590 1204357 1206579 1207064 1207209 1208242 1208999 1209165 1209234 1209372 1209667 CVE-2022-34903 CVE-2022-3515 CVE-2022-47629
-----------------------------------------------------------------

The container rancher/elemental-teal/5.3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2218-1
Released:    Mon Aug 26 11:29:57 2019
Summary:     Recommended update for pinentry
Type:        recommended
Severity:    moderate
References:  1141883

This update for pinentry fixes the following issues:

- Fix a dangling pointer in qt/main.cpp that caused crashes. (bsc#1141883)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2546-1
Released:    Mon Jul 25 14:43:22 2022
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1196125,1201225,CVE-2022-34903

This update for gpg2 fixes the following issues:

- CVE-2022-34903: Fixed a status injection vulnerability (bsc#1201225).
- Use AES as default cipher instead of 3DES when we are in FIPS mode. (bsc#1196125)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3304-1
Released:    Mon Sep 19 11:43:25 2022
Summary:     Recommended update for libassuan
Type:        recommended
Severity:    moderate
References:

This update for libassuan fixes the following issues:

- Add a timeout for writing to a SOCKS5 proxy
- Add workaround for a problem with LD_LIBRARY_PATH on newer systems
- Fix issue in the logging code
- Fix some build trivialities
- Upgrade autoconf

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3683-1
Released:    Fri Oct 21 11:48:39 2022
Summary:     Security update for libksba
Type:        security
Severity:    critical
References:  1204357,CVE-2022-3515

This update for libksba fixes the following issues:

- CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4062-1
Released:    Fri Nov 18 09:05:07 2022
Summary:     Recommended update for libusb-1_0
Type:        recommended
Severity:    moderate
References:  1201590

This update for libusb-1_0 fixes the following issues:

- Fix regression where some devices no longer work if they have a configuration value of 0 (bsc#1201590)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:56-1
Released:    Mon Jan 9 11:13:43 2023
Summary:     Security update for libksba
Type:        security
Severity:    moderate
References:  1206579,CVE-2022-47629

This update for libksba fixes the following issues:

- CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL signature parser (bsc#1206579).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1939-1
Released:    Fri Apr 21 11:14:30 2023
Summary:     Recommended update for mozilla-nss
Type:        recommended
Severity:    moderate
References:  1191546,1207209,1208242,1208999

This update for mozilla-nss fixes the following issues:

- FIPS 140-3: Adjust SLI reporting for PBKDF2 parameter validation (bsc#1208999)
- FIPS 140-3: Update session->lastOpWasFIPS before destroying the key after derivation in the CKM_TLS12_KEY_AND_MAC_DERIVE, CKM_NSS_TLS_KEY_AND_MAC_DERIVE_SHA256, CKM_TLS_KEY_AND_MAC_DERIVE and CKM_SSL3_KEY_AND_MAC_DERIVE cases. (bsc#1191546)
- FIPS 140-3: more changes for pairwise consistency checks. (bsc#1207209)
- Add manpages to mozilla-nss-tools (bsc#1208242)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1963-1
Released:    Mon Apr 24 15:03:10 2023
Summary:     Recommended update for grub2
Type:        recommended
Severity:    moderate
References:  1187810,1189036,1207064,1209165,1209234,1209372,1209667

This update for grub2 fixes the following issues:

- Fix aarch64 kiwi image's file not found due to '/@' prepended to path in btrfs filesystem. (bsc#1209165)
- Make grub more robust against storage race condition causing system boot failures (bsc#1189036)
- Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064, bsc#1209234)
- Fix installation over serial console ends up in infinite boot loop (bsc#1187810, bsc#1209667, bsc#1209372)


The following package changes have been done:

- libusb-1_0-0-1.0.24-150400.3.3.1 added
- libksba8-1.3.5-150000.4.6.1 added
- libassuan0-2.5.5-150000.4.3.1 added
- libnpth0-1.5-2.11 added
- mozilla-nss-certs-3.79.4-150400.3.29.1 updated
- libfreebl3-3.79.4-150400.3.29.1 updated
- libsoftokn3-3.79.4-150400.3.29.1 updated
- mozilla-nss-3.79.4-150400.3.29.1 updated
- pinentry-1.1.0-4.3.1 added
- grub2-2.06-150400.11.30.1 updated
- grub2-i386-pc-2.06-150400.11.30.1 updated
- gpg2-2.2.27-150300.3.5.1 added
- libgpgme11-1.16.0-150400.1.80 added
- container:micro-for-rancher-image-5.3.0-7.2.137 updated