SUSE Container Update Advisory: suse/sles/15.7/libguestfs-tools ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:4104-1 Container Tags : suse/sles/15.7/libguestfs-tools:1.1.1 , suse/sles/15.7/libguestfs-tools:1.1.1-150700.9.8 , suse/sles/15.7/libguestfs-tools:1.1.1.28.24 Container Release : 28.24 Severity : moderate Type : security References : 1159034 1194818 1194818 1218609 1222285 1225907 1226463 1227138 CVE-2024-5535 ----------------------------------------------------------------- The container suse/sles/15.7/libguestfs-tools was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2888-1 Released: Tue Aug 13 11:07:41 2024 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1159034,1194818,1218609,1222285 This update for util-linux fixes the following issues: - agetty: Prevent login cursor escape (bsc#1194818). - Document unexpected side effects of lazy destruction (bsc#1159034). - Don't delete binaries not common for all architectures. Create an util-linux-extra subpackage instead, so users of third party tools can use them (bsc#1222285). - Improved man page for chcpu (bsc#1218609). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:2933-1 Released: Thu Aug 15 12:12:50 2024 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1225907,1226463,1227138,CVE-2024-5535 This update for openssl-1_1 fixes the following issues: - CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138) Other fixes: - Build with no-afalgeng. (bsc#1226463) - Fixed C99 violations to allow the package to build with GCC 14. (bsc#1225907) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:2967-1 Released: Mon Aug 19 15:41:29 2024 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1194818 This update for pam fixes the following issue: - Prevent cursor escape from the login prompt (bsc#1194818). The following package changes have been done: - libuuid1-2.39.3-150600.4.9.4 updated - libsmartcols1-2.39.3-150600.4.9.4 updated - libblkid1-2.39.3-150600.4.9.4 updated - libfdisk1-2.39.3-150600.4.9.4 updated - libmount1-2.39.3-150600.4.9.4 updated - sles-release-15.7-150700.5.1 updated - pam-1.3.0-150000.6.71.2 updated - util-linux-2.39.3-150600.4.9.4 updated - qemu-accel-tcg-x86-8.2.6-150700.6.1 updated - qemu-ipxe-8.2.6-150700.6.1 updated - qemu-seabios-8.2.61.16.3_3_ga95067eb-150700.6.1 updated - qemu-vgabios-8.2.61.16.3_3_ga95067eb-150700.6.1 updated - libopenssl1_1-1.1.1w-150600.5.6.1 updated - libndctl6-79-150700.1.1 updated - xen-libs-4.19.0_02-150700.1.1 updated - qemu-pr-helper-8.2.6-150700.6.1 updated - qemu-img-8.2.6-150700.6.1 updated - util-linux-systemd-2.39.3-150600.4.9.4 updated - libvirt-libs-10.6.0-150700.1.2 updated - qemu-tools-8.2.6-150700.6.1 updated - qemu-x86-8.2.6-150700.6.1 updated - qemu-8.2.6-150700.6.1 updated - container:sles15-image-15.0.0-50.13 updated