SUSE Container Update Advisory: suse/sles/15.4/libguestfs-tools ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:843-1 Container Tags : suse/sles/15.4/libguestfs-tools:0.49.0 , suse/sles/15.4/libguestfs-tools:0.49.0-150400.1.28 , suse/sles/15.4/libguestfs-tools:0.49.0.12.6 Container Release : 12.6 Severity : important Type : security References : 1194883 1195258 1196093 1197024 1197459 1198062 CVE-2018-25032 CVE-2021-22570 CVE-2022-1271 ----------------------------------------------------------------- The container suse/sles/15.4/libguestfs-tools was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1040-1 Released: Wed Mar 30 09:40:58 2022 Summary: Security update for protobuf Type: security Severity: moderate References: 1195258,CVE-2021-22570 This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1047-1 Released: Wed Mar 30 16:20:56 2022 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1196093,1197024 This update for pam fixes the following issues: - Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093) - Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1061-1 Released: Wed Mar 30 18:27:06 2022 Summary: Security update for zlib Type: security Severity: important References: 1197459,CVE-2018-25032 This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1099-1 Released: Mon Apr 4 12:53:05 2022 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1194883 This update for aaa_base fixes the following issues: - Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883) - Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1158-1 Released: Tue Apr 12 14:44:43 2022 Summary: Security update for xz Type: security Severity: important References: 1198062,CVE-2022-1271 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) The following package changes have been done: - libssh-config-0.9.6-150400.1.2 updated - libzstd1-1.5.0-150400.1.58 updated - libuuid1-2.37.2-150400.6.12 updated - libudev1-249.11-150400.5.4 updated - libsmartcols1-2.37.2-150400.6.12 updated - libsepol1-3.1-150400.1.54 updated - libeconf0-0.4.4+git20220104.962774f-150400.1.26 updated - libcom_err2-1.46.4-150400.1.66 updated - libbz2-1-1.0.8-150400.1.105 updated - libblkid1-2.37.2-150400.6.12 updated - libaudit1-3.0.6-150400.1.35 updated - libgcrypt20-1.9.4-150400.4.1 updated - libgcrypt20-hmac-1.9.4-150400.4.1 updated - libfdisk1-2.37.2-150400.6.12 updated - libz1-1.2.11-150000.3.30.1 updated - liblzma5-5.2.3-150000.4.7.1 updated - libopenssl1_1-1.1.1l-150400.4.7 updated - libopenssl1_1-hmac-1.1.1l-150400.4.7 updated - libelf1-0.185-150400.3.22 updated - libselinux1-3.1-150400.1.54 updated - libxml2-2-2.9.12-150400.3.1 updated - libsystemd0-249.11-150400.5.4 updated - libyaml-cpp0_6-0.6.3-150400.2.1 updated - libreadline7-7.0-150400.25.10 updated - libdw1-0.185-150400.3.22 updated - libsemanage1-3.1-150400.1.51 updated - libmount1-2.37.2-150400.6.12 updated - krb5-1.19.2-150400.1.6 updated - bash-4.4-150400.25.10 updated - bash-sh-4.4-150400.25.10 updated - libssh4-0.9.6-150400.1.2 updated - login_defs-4.8.1-150400.8.42 updated - cpio-2.13-150400.1.84 updated - libprotobuf-lite20-3.9.2-4.12.1 updated - sles-release-15.4-150400.51.3 updated - rpm-config-SUSE-1-150400.12.25 updated - permissions-20201225-150400.2.1 updated - libgpgme11-1.16.0-150400.1.73 updated - pam-1.3.0-150000.6.55.3 updated - libsolv-tools-0.7.22-150400.1.1 updated - shadow-4.8.1-150400.8.42 updated - libzypp-17.30.0-150400.1.1 updated - sysuser-shadow-3.1-150400.1.19 updated - zypper-1.14.52-150400.1.3 updated - system-group-hardware-20170617-150400.22.17 updated - util-linux-2.37.2-150400.6.12 updated - aaa_base-84.87+git20180409.04c9dae-3.57.1 updated - btrfsprogs-udev-rules-5.14-150400.3.2 updated - libguestfs-devel-1.44.2-150400.1.10 updated - guestfs-winsupport-1.44.2-150400.1.10 updated - libapparmor1-3.0.4-150400.2.1 updated - libasm1-0.185-150400.3.22 updated - libdbus-1-3-1.12.2-150400.16.45 updated - libdevmapper1_03-1.02.163-150400.15.66 updated - libexpat1-2.4.4-150400.2.10 updated - libext2fs2-1.46.4-150400.1.66 updated - libnettle8-3.7.3-150400.2.16 updated - libpcre2-8-0-10.39-150400.1.5 updated - linux-glibc-devel-5.14-150400.4.29 updated - qemu-accel-tcg-x86-6.2.0-150400.34.14 updated - qemu-ipxe-1.0.0+-150400.34.14 updated - qemu-seabios-1.15.0_0_g2dd4b9b-150400.34.14 updated - qemu-sgabios-8-150400.34.14 updated - qemu-vgabios-1.15.0_0_g2dd4b9b-150400.34.14 updated - system-group-kvm-20170617-150400.22.17 updated - xz-5.2.3-150000.4.7.1 updated - zstd-1.5.0-150400.1.58 updated - elfutils-0.185-150400.3.22 updated - e2fsprogs-1.46.4-150400.1.66 updated - libcryptsetup12-2.4.3-150400.1.82 updated - libcryptsetup12-hmac-2.4.3-150400.1.82 updated - libndctl6-71.1-150400.8.2 updated - libhogweed6-3.7.3-150400.2.16 updated - btrfsprogs-5.14-150400.3.2 updated - libblkid-devel-2.37.2-150400.6.12 updated - system-user-qemu-20170617-150400.22.17 updated - dbus-1-1.12.2-150400.16.45 updated - python3-evtx-0.5.3b-150400.13.1 updated - cryptsetup-2.4.3-150400.1.82 updated - libgnutls30-3.7.3-150400.2.7 updated - libgnutls30-hmac-3.7.3-150400.2.7 updated - xen-libs-4.16.0_08-150400.2.5 updated - systemd-249.11-150400.5.4 updated - qemu-tools-6.2.0-150400.34.14 updated - zlib-devel-1.2.11-150000.3.30.1 updated - libsepol-devel-3.1-150400.1.54 updated - systemd-sysvinit-249.11-150400.5.4 updated - libvirt-libs-8.0.0-150400.5.1 updated - wicked-0.6.69-150400.1.1 updated - wicked-service-0.6.69-150400.1.1 updated - dracut-mkinitrd-deprecated-055+suse.248.g92d06110-150400.1.6 updated - udev-249.11-150400.5.4 updated - dracut-055+suse.248.g92d06110-150400.1.6 updated - kernel-kvmsmall-5.14.21-150400.19.1 updated - rdma-core-38.1-150400.4.2 updated - dracut-fips-055+suse.248.g92d06110-150400.1.6 updated - libselinux-devel-3.1-150400.1.54 updated - libibverbs1-38.1-150400.4.2 updated - libmlx5-1-38.1-150400.4.2 updated - libmount-devel-2.37.2-150400.6.12 updated - libmlx4-1-38.1-150400.4.2 updated - libefa1-38.1-150400.4.2 updated - libibverbs-38.1-150400.4.2 updated - librdmacm1-38.1-150400.4.2 updated - qemu-x86-6.2.0-150400.34.14 updated - qemu-6.2.0-150400.34.14 updated - guestfs-data-1.44.2-150400.1.10 updated - libguestfs0-1.44.2-150400.1.10 updated - perl-Sys-Guestfs-1.44.2-150400.1.10 updated - guestfs-tools-1.44.2-150400.1.10 updated - container:sles15-image-15.0.0-24.46 updated - fipscheck-1.4.1-3.3.1 removed - libfipscheck1-1.4.1-3.3.1 removed - rpm-ndb-4.14.3-150400.41.6 removed