SUSE Container Update Advisory: suse/rmt-server ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:2793-1 Container Tags : suse/rmt-server:2.17 , suse/rmt-server:2.17-23.5 , suse/rmt-server:latest Container Release : 23.5 Severity : important Type : security References : 1209627 1225551 CVE-2024-4741 ----------------------------------------------------------------- The container suse/rmt-server was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2024-1 Released: Thu Jun 13 16:15:18 2024 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate References: 1209627 This update for jitterentropy fixes the following issues: - Fixed a stack corruption on s390x: [bsc#1209627] * Output size of the STCKE command on s390x is 16 bytes, compared to 8 bytes of the STCK command. Fix a stack corruption in the s390x version of jent_get_nstime(). Add some more detailed information on the STCKE command. Updated to 3.4.1 * add FIPS 140 hints to man page * simplify the test tool to search for optimal configurations * fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0 * enhancement: add ARM64 assembler code to read high-res timer ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2051-1 Released: Tue Jun 18 09:16:01 2024 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1225551,CVE-2024-4741 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) The following package changes have been done: - libjitterentropy3-3.4.1-150000.1.12.1 updated - libopenssl1_1-1.1.1l-150500.17.31.1 updated - libopenssl1_1-hmac-1.1.1l-150500.17.31.1 updated - container:sles15-image-15.0.0-36.11.43 updated