SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:2602-1 Container Tags : bci/bci-base:15.6 , bci/bci-base:15.6.47.5.4 , suse/sle15:15.6 , suse/sle15:15.6.47.5.4 Container Release : 47.5.4 Severity : important Type : security References : 1218609 1220117 1221482 1221831 1223605 1224044 CVE-2024-28085 CVE-2024-34397 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1943-1 Released: Fri Jun 7 17:04:06 2024 Summary: Security update for util-linux Type: security Severity: important References: 1218609,1220117,1221831,1223605,CVE-2024-28085 This update for util-linux fixes the following issues: - CVE-2024-28085: Properly neutralize escape sequences in wall to avoid potential account takeover. (bsc#1221831) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1950-1 Released: Fri Jun 7 17:20:14 2024 Summary: Security update for glib2 Type: security Severity: moderate References: 1224044,CVE-2024-34397 This update for glib2 fixes the following issues: Update to version 2.78.6: + Fix a regression with IBus caused by the fix for CVE-2024-34397 Changes in version 2.78.5: + Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing. (bsc#1224044) + Bugs fixed: - gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree() due to filename with bad encoding - gcontenttype: Make filename valid utf-8 string before processing. - gdbusconnection: Don't deliver signals if the sender doesn't match. Changes in version 2.78.4: + Bugs fixed: - Fix generated RST anchors for methods, signals and properties. - docs/reference: depend on a native gtk-doc. - gobject_gdb.py: Do not break bt on optimized build. - gregex: clean up usage of _GRegex.jit_status. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1954-1 Released: Fri Jun 7 18:01:06 2024 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1221482 This update for glibc fixes the following issues: - Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482) The following package changes have been done: - gio-branding-SLE-15-150600.35.2.1 updated - glib2-tools-2.78.6-150600.4.3.1 updated - glibc-2.38-150600.14.5.1 updated - libblkid1-2.39.3-150600.4.3.1 updated - libfdisk1-2.39.3-150600.4.3.1 updated - libgio-2_0-0-2.78.6-150600.4.3.1 updated - libglib-2_0-0-2.78.6-150600.4.3.1 updated - libgmodule-2_0-0-2.78.6-150600.4.3.1 updated - libgobject-2_0-0-2.78.6-150600.4.3.1 updated - libmount1-2.39.3-150600.4.3.1 updated - libsmartcols1-2.39.3-150600.4.3.1 updated - libuuid1-2.39.3-150600.4.3.1 updated - util-linux-2.39.3-150600.4.3.1 updated