SUSE Container Update Advisory: suse/sles/15.4/virt-launcher ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:842-1 Container Tags : suse/sles/15.4/virt-launcher:0.49.0 , suse/sles/15.4/virt-launcher:0.49.0-150400.1.28 , suse/sles/15.4/virt-launcher:0.49.0.14.7 Container Release : 14.7 Severity : important Type : security References : 1198062 CVE-2022-1271 ----------------------------------------------------------------- The container suse/sles/15.4/virt-launcher was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1158-1 Released: Tue Apr 12 14:44:43 2022 Summary: Security update for xz Type: security Severity: important References: 1198062,CVE-2022-1271 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) The following package changes have been done: - libzstd1-1.5.0-150400.1.58 updated - libuuid1-2.37.2-150400.6.12 updated - libudev1-249.11-150400.5.4 updated - libsmartcols1-2.37.2-150400.6.12 updated - libsepol1-3.1-150400.1.54 updated - libeconf0-0.4.4+git20220104.962774f-150400.1.26 updated - libcom_err2-1.46.4-150400.1.66 updated - libbz2-1-1.0.8-150400.1.105 updated - libblkid1-2.37.2-150400.6.12 updated - libaudit1-3.0.6-150400.1.35 updated - libgcrypt20-1.9.4-150400.4.1 updated - libgcrypt20-hmac-1.9.4-150400.4.1 updated - libfdisk1-2.37.2-150400.6.12 updated - liblzma5-5.2.3-150000.4.7.1 updated - libopenssl1_1-1.1.1l-150400.4.7 updated - libopenssl1_1-hmac-1.1.1l-150400.4.7 updated - libelf1-0.185-150400.3.22 updated - libselinux1-3.1-150400.1.54 updated - libxml2-2-2.9.12-150400.3.1 updated - libsystemd0-249.11-150400.5.4 updated - libreadline7-7.0-150400.25.10 updated - libdw1-0.185-150400.3.22 updated - libsemanage1-3.1-150400.1.51 updated - libmount1-2.37.2-150400.6.12 updated - bash-4.4-150400.25.10 updated - bash-sh-4.4-150400.25.10 updated - login_defs-4.8.1-150400.8.42 updated - cpio-2.13-150400.1.84 updated - sles-release-15.4-150400.51.3 updated - rpm-config-SUSE-1-150400.12.25 updated - shadow-4.8.1-150400.8.42 updated - sysuser-shadow-3.1-150400.1.19 updated - system-group-hardware-20170617-150400.22.17 updated - util-linux-2.37.2-150400.6.12 updated - bzip2-1.0.8-150400.1.105 updated - kubevirt-container-disk-0.49.0-150400.1.28 updated - libapparmor1-3.0.4-150400.2.1 updated - libdbus-1-3-1.12.2-150400.16.45 updated - libdevmapper1_03-1.02.163-150400.15.66 updated - libexpat1-2.4.4-150400.2.10 updated - libnettle8-3.7.3-150400.2.16 updated - libusbredirparser1-0.7.1-1.29 added - qemu-accel-tcg-x86-6.2.0-150400.34.14 updated - qemu-ipxe-1.0.0+-150400.34.14 updated - qemu-seabios-1.15.0_0_g2dd4b9b-150400.34.14 updated - qemu-sgabios-8-150400.34.14 updated - qemu-vgabios-1.15.0_0_g2dd4b9b-150400.34.14 updated - system-group-kvm-20170617-150400.22.17 updated - system-group-libvirt-20170617-150400.22.17 updated - system-user-nobody-20170617-150400.22.17 updated - system-user-tss-20170617-150400.22.17 updated - xz-5.2.3-150000.4.7.1 updated - libdevmapper-event1_03-1.02.163-150400.15.66 updated - libcryptsetup12-2.4.3-150400.1.82 updated - libcryptsetup12-hmac-2.4.3-150400.1.82 updated - libhogweed6-3.7.3-150400.2.16 updated - qemu-hw-usb-redirect-6.2.0-150400.34.14 added - libopeniscsiusr0_2_0-2.1.6-150400.37.1 updated - system-user-qemu-20170617-150400.22.17 updated - dbus-1-1.12.2-150400.16.45 updated - device-mapper-1.02.163-150400.15.66 updated - libgnutls30-3.7.3-150400.2.7 updated - libgnutls30-hmac-3.7.3-150400.2.7 updated - xen-libs-4.16.0_08-150400.2.5 updated - systemd-249.11-150400.5.4 updated - gnutls-3.7.3-150400.2.7 updated - qemu-tools-6.2.0-150400.34.14 updated - udev-249.11-150400.5.4 updated - systemd-container-249.11-150400.5.4 updated - open-iscsi-2.1.6-150400.37.1 updated - kubevirt-virt-launcher-0.49.0-150400.1.28 updated - qemu-x86-6.2.0-150400.34.14 updated - qemu-6.2.0-150400.34.14 updated - librados2-16.2.7.654+gd5a90ff46f0-150400.1.1 updated - librbd1-16.2.7.654+gd5a90ff46f0-150400.1.1 updated - container:sles15-image-15.0.0-24.46 updated - libpmemobj1-1.11.1-150400.1.5 removed - rpm-ndb-4.14.3-150300.46.1 removed