SUSE Container Update Advisory: bci/php-apache
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1460-1
Container Tags        : bci/php-apache:8 , bci/php-apache:8-12.46
Container Release     : 12.46
Severity              : moderate
Type                  : security
References            : 1210959 1214934 1217450 1217667 1218492 1219031 1219520 1220724
                        1221239 1221242 1221746 1221747 CVE-2024-28834 CVE-2024-28835
-----------------------------------------------------------------

The container bci/php-apache was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released:    Fri Apr 12 08:15:18 2024
Summary:     Recommended update for gcc13
Type:        recommended
Severity:    moderate
References:  1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:

- Fix unwinding for JIT code.  [bsc#1221239] 
- Revert libgccjit dependency change.  [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
  breaks them.  [bsc#1219520]
- Add support for -fmin-function-alignment.  [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM.  [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
  [bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel.  [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686.  [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
  cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
  %product_libs_llvm_ver where available and adjust tool discovery
  accordingly.  This should also properly trigger re-builds when
  the patchlevel version of llvmVER changes, possibly changing
  the binary names we link to.  [bsc#1217450]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1271-1
Released:    Fri Apr 12 15:35:55 2024
Summary:     Security update for gnutls
Type:        security
Severity:    moderate
References:  1221242,1221746,1221747,CVE-2024-28834,CVE-2024-28835
This update for gnutls fixes the following issues:

- CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746)
- CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747)

Other fixes:
  - jitterentropy: Release the memory of the entropy collector when
    using jitterentropy with phtreads as there is also a
    pre-intitization done in the main thread (bsc#1221242)


The following package changes have been done:

- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libgnutls30-3.7.3-150400.4.44.1 updated
- libgnutls30-hmac-3.7.3-150400.4.44.1 updated
- container:sles15-image-15.0.0-36.11.24 updated