SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:31-1 Container Tags : suse/sle15:15.4 , suse/sle15:15.4.150400.21.61 Container Release : 150400.21.61 Severity : moderate Type : recommended References : 1029961 1113013 1180603 1187654 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:220-1 Released: Tue Jan 26 14:00:51 2021 Summary: Recommended update for keyutils Type: recommended Severity: moderate References: 1180603 This update for keyutils fixes the following issues: - Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3891-1 Released: Fri Dec 3 10:21:49 2021 Summary: Recommended update for keyutils Type: recommended Severity: moderate References: 1029961,1113013,1187654 This update for keyutils fixes the following issues: - Add /etc/keys/ and /usr/etc/keys/ directory (bsc#1187654) keyutils was updated to 1.6.3 (jsc#SLE-20016): * Revert the change notifications that were using /dev/watch_queue. * Apply the change notifications that use pipe2(O_NOTIFICATION_PIPE). * Allow 'keyctl supports' to retrieve raw capability data. * Allow 'keyctl id' to turn a symbolic key ID into a numeric ID. * Allow 'keyctl new_session' to name the keyring. * Allow 'keyctl add/padd/etc.' to take hex-encoded data. * Add 'keyctl watch*' to expose kernel change notifications on keys. * Add caps for namespacing and notifications. * Set a default TTL on keys that upcall for name resolution. * Explicitly clear memory after it's held sensitive information. * Various manual page fixes. * Fix C++-related errors. * Add support for keyctl_move(). * Add support for keyctl_capabilities(). * Make key=val list optional for various public-key ops. * Fix system call signature for KEYCTL_PKEY_QUERY. * Fix 'keyctl pkey_query' argument passing. * Use keyctl_read_alloc() in dump_key_tree_aux(). * Various manual page fixes. Updated to 1.6: * Apply various specfile cleanups from Fedora. * request-key: Provide a command line option to suppress helper execution. * request-key: Find least-wildcard match rather than first match. * Remove the dependency on MIT Kerberos. * Fix some error messages * keyctl_dh_compute.3: Suggest /proc/crypto for list of available hashes. * Fix doc and comment typos. * Add public key ops for encrypt, decrypt, sign and verify (needs linux-4.20). * Add pkg-config support for finding libkeyutils. * upstream isn't offering PGP signatures for the source tarballs anymore Updated to 1.5.11 (bsc#1113013) * Add keyring restriction support. * Add KDF support to the Diffie-Helman function. * DNS: Add support for AFS config files and SRV records The following package changes have been done: - bash-4.4-150400.23.43 updated - cpio-2.13-150400.1.30 updated - crypto-policies-20210917.c9d86d1-150400.1.3 updated - libblkid1-2.37.2-150400.2.15 updated - libbz2-1-1.0.8-150400.1.44 updated - libcom_err2-1.46.4-150400.1.16 updated - libdw1-0.185-150400.2.44 updated - libelf1-0.185-150400.2.44 updated - libfdisk1-2.37.2-150400.2.15 updated - libgcrypt20-hmac-1.9.4-150400.1.56 updated - libgcrypt20-1.9.4-150400.1.56 updated - libglib-2_0-0-2.70.1-150400.1.1 updated - libgpg-error0-1.42-150400.1.54 updated - libgpgme11-1.16.0-150400.1.29 updated - libkeyutils1-1.6.3-5.6.1 updated - libmount1-2.37.2-150400.2.15 updated - libopenssl1_1-hmac-1.1.1l-150400.2.28 updated - libopenssl1_1-1.1.1l-150400.2.28 updated - libreadline7-7.0-150400.23.43 updated - libsmartcols1-2.37.2-150400.2.15 updated - libsolv-tools-0.7.20-150400.1.7 updated - libsystemd0-249.7-150400.1.21 updated - libudev1-249.7-150400.1.21 updated - libuuid1-2.37.2-150400.2.15 updated - libzstd1-1.5.0-150400.1.10 updated - login_defs-4.8.1-150400.7.19 updated - openssl-1_1-1.1.1l-150400.2.28 updated - rpm-config-SUSE-1-150400.11.20 updated - shadow-4.8.1-150400.7.19 updated - sles-release-15.4-150400.30.2 updated - system-group-hardware-20170617-150400.21.19 updated - util-linux-2.37.2-150400.2.15 updated