SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:2752-1
Container Tags        : suse/sle-micro-rancher/5.4:latest
Container Release     : 3.2.83
Severity              : important
Type                  : recommended
References            : 1198666 1200085 1201519 1204040 1204844 1209242 1210687 1211746
                        CVE-2023-0950 CVE-2023-2255 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:3410-1
Released:    Thu Aug 24 06:56:32 2023
Summary:     Recommended update for audit
Type:        recommended
Severity:    moderate
References:  1201519,1204844
This update for audit fixes the following issues:

- Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519)
- Fix rules not loaded when restarting auditd.service (bsc#1204844)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2023:3413-1
Released:    Thu Aug 24 07:32:09 2023
Summary:     Feature update for LibreOffice and xmlsec1
Type:        feature
Severity:    important
References:  1198666,1200085,1204040,1209242,1210687,1211746,CVE-2023-0950,CVE-2023-2255
This update for LibreOffice and xmlsec1 fixes the following issue:
    
libreoffice:

- Version update from 7.4.3.2 to 7.5.4.1 (jsc#PED-3561, jsc#PED-3550, jsc#3549):
  * For the highlights of changes of version 7.5 please consult the official release notes:
    https://wiki.documentfoundation.org/ReleaseNotes/7.5
  * Security issues fixed:
    + CVE-2023-0950: Fixed stack underflow in ScInterpreter (bsc#1209242)
    + CVE-2023-2255: Fixed vulnerability where remote documents could be loaded without prompt via IFrame (bsc#1211746)
  * Bug fixes:
    + Fix PPTX shadow effect for table offset (bsc#1204040)
    + Fix ability to set the default tab size for each text object (bsc#1198666)
    + Fix PPTX extra vertical space between different text formats (bsc#1200085)
    + Do not use binutils-gold as the package is unmaintained and will be removed in the future (boo#1210687)
  * Updated bundled dependencies:
    * boost version update from 1_77_0 to 1_80_0
    * curl version update from 7.83.1 to 8.0.1
    * gpgme version update from 1.16.0 to 1.18.0
    * icu4c-data version update from 70_1 to 72_1
    * icu4c version update from 70_1 to 72_1
    * pdfium version update from 4699 to 5408
    * poppler version update from 21.11.0 to 22.12.0

xmlsec1:
    
- Version update from 1.2.28 to 1.2.37 required by LibreOffice 7.5.2.2 (jsc#PED-3561, jsc#PED-3550):
  * Retired the XMLSec mailing list 'xmlsec@aleksey.com' and the XMLSec Online Signature Verifier.
  * Migration to OpenSSL 3.0 API Note that OpenSSL engines are disabled by default when XMLSec library is compiled
    against OpenSSL 3.0.
    To re-enable OpenSSL engines, use `--enable-openssl3-engines` configure flag 
    (there will be a lot of deprecation warnings).
  * The OpenSSL before 1.1.0 and LibreSSL before 2.7.0 are now deprecated and will be removed in the future versions of
    XMLSec Library.
  * Refactored all the integer casts to ensure cast-safety. Fixed all warnings and enabled `-Werror` and `-pedantic` 
    flags on CI builds.
  * Added configure flag to use size_t for xmlSecSize (currently disabled by default for backward compatibility).
  * Support for OpenSSL compiled with OPENSSL_NO_ERR.
  * Full support for LibreSSL 3.5.0 and above
  * Several other small fixes
  * Fix decrypting session key for two recipients 
  * Added `--privkey-openssl-engine` option to enhance openssl engine support
  * Remove MD5 for NSS 3.59 and above
  * Fix PKCS12_parse return code handling
  * Fix OpenSSL lookup
  * xmlSecX509DataGetNodeContent(): don't return 0 for non-empty elements - fix for LibreOffice
  * Unload error strings in OpenSSL shutdown.
  * Make userData available when executing preExecCallback function
  * Add an option to use secure memset.
  * Enabled XML_PARSE_HUGE for all xml parsers.
  * Various build and tests fixes and improvements.
  * Move remaining private header files away from xmlsec/include/`` folder
- Other packaging changes:
  * Relax the crypto policies for the test-suite. It allows the tests using certificates with small key lengths to pass.
  * Pass `--disable-md5` to configure: The cryptographic strength of the MD5 algorithm is sufficiently doubtful that its
    use is discouraged at this time. It is not listed as an algorithm in [XMLDSIG-CORE1]
    https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1


The following package changes have been done:

- libaudit1-3.0.6-150400.4.13.1 updated
- libxmlsec1-1-1.2.37-150400.14.3.4 updated
- libxmlsec1-openssl1-1.2.37-150400.14.3.4 updated