SUSE Container Update Advisory: suse/ltss/sle15.4/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:926-1 Container Tags : suse/ltss/sle15.4/bci-base:15.4 , suse/ltss/sle15.4/bci-base:15.4.3.10 , suse/ltss/sle15.4/sle15:15.4 , suse/ltss/sle15.4/sle15:15.4.3.10 Container Release : 3.10 Severity : moderate Type : security References : 1219243 1220117 CVE-2024-0727 ----------------------------------------------------------------- The container suse/ltss/sle15.4/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:792-1 Released: Thu Mar 7 09:55:23 2024 Summary: Recommended update for timezone Type: recommended Severity: moderate References: This update for timezone fixes the following issues: - Update to version 2024a - Kazakhstan unifies on UTC+5 - Palestine springs forward a week later than previously predicted in 2024 and 2025 - Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00 - From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00 - In 1911 Miquelon adopted standard time on June 15, not May 15 - The FROM and TO columns of Rule lines can no longer be 'minimum' - localtime no longer mishandle some timestamps - strftime %s now uses tm_gmtoff if available - Ittoqqortoormiit, Greenland changes time zones on 2024-03-31 - Vostok, Antarctica changed time zones on 2023-12-18 - Casey, Antarctica changed time zones five times since 2020 - Code and data fixes for Palestine timestamps starting in 2072 - A new data file zonenow.tab for timestamps starting now - Much of Greenland changed its standard time from -03 to -02 on 2023-03-25 - localtime.c no longer mishandles TZif files that contain a single transition into a DST regime - tzselect no longer creates temporary files - tzselect no longer mishandles the following: * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION. * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/ * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension * zic no longer mishandles data for Palestine after the year 2075 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:833-1 Released: Mon Mar 11 10:31:14 2024 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1219243,CVE-2024-0727 This update for openssl-1_1 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:838-1 Released: Tue Mar 12 06:46:28 2024 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1220117 This update for util-linux fixes the following issues: - Processes not cleaned up after failed SSH session are using up 100% CPU (bsc#1220117) The following package changes have been done: - libblkid1-2.37.2-150400.8.26.1 updated - libfdisk1-2.37.2-150400.8.26.1 updated - libmount1-2.37.2-150400.8.26.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.63.1 updated - libopenssl1_1-1.1.1l-150400.7.63.1 updated - libsmartcols1-2.37.2-150400.8.26.1 updated - libuuid1-2.37.2-150400.8.26.1 updated - openssl-1_1-1.1.1l-150400.7.63.1 updated - timezone-2024a-150000.75.28.1 updated - util-linux-2.37.2-150400.8.26.1 updated