SUSE Container Update Advisory: suse/manager/5.0/x86_64/server-migration-14-16 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:3213-1 Container Tags : suse/manager/5.0/x86_64/server-migration-14-16:5.0.0 , suse/manager/5.0/x86_64/server-migration-14-16:5.0.0.5.27 , suse/manager/5.0/x86_64/server-migration-14-16:latest Container Release : 5.27 Severity : important Type : security References : 1209627 1221482 1221632 1224038 1224038 1224051 1224051 1225551 CVE-2024-4317 CVE-2024-4317 CVE-2024-4741 ----------------------------------------------------------------- The container suse/manager/5.0/x86_64/server-migration-14-16 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1665-1 Released: Thu May 16 08:00:09 2024 Summary: Recommended update for coreutils Type: recommended Severity: moderate References: 1221632 This update for coreutils fixes the following issues: - ls: avoid triggering automounts (bsc#1221632) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1954-1 Released: Fri Jun 7 18:01:06 2024 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1221482 This update for glibc fixes the following issues: - Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2024-1 Released: Thu Jun 13 16:15:18 2024 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate References: 1209627 This update for jitterentropy fixes the following issues: - Fixed a stack corruption on s390x: [bsc#1209627] * Output size of the STCKE command on s390x is 16 bytes, compared to 8 bytes of the STCK command. Fix a stack corruption in the s390x version of jent_get_nstime(). Add some more detailed information on the STCKE command. Updated to 3.4.1 * add FIPS 140 hints to man page * simplify the test tool to search for optimal configurations * fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0 * enhancement: add ARM64 assembler code to read high-res timer ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2059-1 Released: Tue Jun 18 13:11:29 2024 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1225551,CVE-2024-4741 This update for openssl-1_1 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2262-1 Released: Tue Jul 2 10:04:07 2024 Summary: Security update for postgresql14 Type: security Severity: moderate References: 1224038,1224051,CVE-2024-4317 This update for postgresql14 fixes the following issues: - Upgrade to 14.12 (bsc#1224051): - CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2266-1 Released: Tue Jul 2 10:14:58 2024 Summary: Security update for postgresql16 Type: security Severity: moderate References: 1224038,1224051,CVE-2024-4317 This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 (bsc#1224051): - CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: - Fix incompatibility with LLVM 18. - Prepare for PostgreSQL 17. - Make sure all compilation and doc generation happens in %build. - Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. - Remove constraints file because improved memory usage for s390x - Use %patch -P N instead of deprecated %patchN. Release notes: - https://www.postgresql.org/docs/release/16.3/ The following package changes have been done: - perl-base-5.26.1-150300.17.17.1 updated - coreutils-8.32-150400.9.6.1 updated - libjitterentropy3-3.4.1-150000.1.12.1 updated - glibc-locale-base-2.38-150600.14.5.1 updated - libpq5-16.2-150600.16.2.1 updated - glibc-locale-2.38-150600.14.5.1 updated - libopenssl1_1-1.1.1w-150600.5.3.1 updated - postgresql14-14.12-150600.16.3.1 updated - postgresql16-16.2-150600.16.2.1 updated - postgresql14-server-14.12-150600.16.3.1 updated - postgresql16-server-16.2-150600.16.2.1 updated - postgresql16-contrib-16.2-150600.16.2.1 updated - postgresql14-contrib-14.12-150600.16.3.1 updated - container:suse-manager-5.0-init-5.0.0-5.0.0-5.19 added - container:suse-manager-5.0-init-5.0.0-rc-5.0.0-rc-4.58 removed