Container summary for suse/sl-micro/6.0/toolbox
SUSE-CU-2024:5304-1
| Container Advisory ID | SUSE-CU-2024:5304-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.22 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.22 |
The following patches have been included in this update:
SUSE-CU-2024:5155-1
| Container Advisory ID | SUSE-CU-2024:5155-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.21 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.21 |
The following patches have been included in this update:
SUSE-CU-2024:5130-1
| Container Advisory ID | SUSE-CU-2024:5130-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.19 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.19 |
The following patches have been included in this update:
SUSE-CU-2024:5129-1
| Container Advisory ID | SUSE-CU-2024:5129-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.18 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.18 |
The following patches have been included in this update:
SUSE-CU-2024:4897-1
| Container Advisory ID | SUSE-CU-2024:4897-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.16 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.16 |
The following patches have been included in this update:
SUSE-CU-2024:4736-1
| Container Advisory ID | SUSE-CU-2024:4736-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.15 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.15 |
The following patches have been included in this update:
SUSE-CU-2024:4196-1
| Container Advisory ID | SUSE-CU-2024:4196-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.14 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.14 |
The following patches have been included in this update:
| Advisory ID | 45 |
| Released | Wed Sep 11 13:41:31 2024 |
| Summary | Security update for libxml2 |
| Type | security |
| Severity | moderate |
| References | 1224282,CVE-2024-34459 |
Description:
This update for libxml2 fixes the following issues:
- CVE-2024-34459: Fixed buffer over-read in (bsc#1224282)
SUSE-CU-2024:4019-1
| Container Advisory ID | SUSE-CU-2024:4019-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.13 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.13 |
The following patches have been included in this update:
| Advisory ID | 32 |
| Released | Thu Sep 5 12:12:35 2024 |
| Summary | Security update for glibc |
| Type | security |
| Severity | important |
| References | 1221482,1221940,1222992,1223423,1223424,1223425,1228041,CVE-2024-2961,CVE-2024-33599,CVE-2024-33600,CVE-2024-33601,CVE-2024-33602 |
Description:
This update for glibc fixes the following issues:
Fixed security issues:
- CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)
- CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bsc#1223423)
- CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bsc#1223424)
- CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bsc#1223424)
- CVE-2024-33601, CVE-2024-33602: netgroup: Use two buffers in addgetnetgrentX (bsc#1223425)
- CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992)
Fixed non-security issues:
- Add workaround for invalid use of libc_nonshared.a with non-SUSE libc (bsc#1221482)
- Fix segfault in wcsncmp (bsc#1228041)
- Also include stat64 in the 32-bit libc_nonshared.a workaround (bsc#1221482)
- Avoid creating ULP prologue for _start routine (bsc#1221940)
- Also add libc_nonshared.a workaround to 32-bit x86 compat package (bsc#1221482)
- malloc: Use __get_nprocs on arena_get2
- linux: Use rseq area unconditionally in sched_getcpu
SUSE-CU-2024:3986-1
| Container Advisory ID | SUSE-CU-2024:3986-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.11 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.11 |
The following patches have been included in this update:
| Advisory ID | 29 |
| Released | Wed Sep 4 12:41:35 2024 |
| Summary | Recommended update for gcc13 |
| Type | recommended |
| Severity | important |
| References | 1188441,1220724,1221239 |
Description:
This update for gcc13 fixes the following issues:
- Update to GCC 13.3 release
- Removed Fiji support from the GCN offload compiler because it requires Code Object version 3, which is no longer supported by llvm18.
- Avoid combine spending too much compile-time and memory doing nothing on s390x. [bsc#1188441]
- Make requirement to lld version specific to avoid requiring the meta-package.
- Fix unwinding for JIT code. [bsc#1221239]
- Revert libgccjit dependency change. [bsc#1220724]
SUSE-CU-2024:3968-1
| Container Advisory ID | SUSE-CU-2024:3968-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.9 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.9 |
The following patches have been included in this update:
| Advisory ID | 27 |
| Released | Tue Sep 3 14:16:21 2024 |
| Summary | Security update for glib2 |
| Type | security |
| Severity | low |
| References | 1224044,CVE-2024-34397 |
Description:
This update for glib2 fixes the following issues:
- Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044).
SUSE-CU-2024:3914-1
| Container Advisory ID | SUSE-CU-2024:3914-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.8 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.8 |
The following patches have been included in this update:
| Advisory ID | 26 |
| Released | Fri Aug 30 11:28:02 2024 |
| Summary | Recommended update for suse-build-key |
| Type | recommended |
| Severity | critical |
| References | 1229339 |
Description:
This update for suse-build-key fixes the following issues:
Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)
SUSE-CU-2024:3900-1
| Container Advisory ID | SUSE-CU-2024:3900-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.6 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.6 |
The following patches have been included in this update:
| Advisory ID | 24 |
| Released | Wed Aug 28 13:31:01 2024 |
| Summary | Security update for ca-certificates-mozilla |
| Type | security |
| Severity | important |
| References | 1199079,1220356,1227525 |
Description:
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
- Added: FIRMAPROFESIONAL CA ROOT-A WEB
- Distrust: GLOBALTRUST 2020
- Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356)
Added:
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- D-Trust SBR Root CA 1 2022
- D-Trust SBR Root CA 2 2022
- Telekom Security SMIME ECC Root 2021
- Telekom Security SMIME RSA Root 2023
- Telekom Security TLS ECC Root 2020
- Telekom Security TLS RSA Root 2023
- TrustAsia Global Root CA G3
- TrustAsia Global Root CA G4
Removed:
- Autoridad de Certificacion Firmaprofesional CIF A62634068
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Security Communication Root CA
- Symantec Class 1 Public Primary Certification Authority - G6
- Symantec Class 2 Public Primary Certification Authority - G6
- TrustCor ECA-1
- TrustCor RootCert CA-1
- TrustCor RootCert CA-2
- VeriSign Class 1 Public Primary Certification Authority - G3
- VeriSign Class 2 Public Primary Certification Authority - G3
SUSE-CU-2024:3890-1
| Container Advisory ID | SUSE-CU-2024:3890-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.4 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.4 |
The following patches have been included in this update:
| Advisory ID | 18 |
| Released | Tue Aug 20 13:47:06 2024 |
| Summary | Security update for nghttp2 |
| Type | security |
| Severity | important |
| References | 1221399,CVE-2024-28182 |
Description:
This update for nghttp2 fixes the following issues:
- CVE-2024-28182: Fixed denial of service via HTTP/2 continuation frames (bsc#1221399)
| Advisory ID | 23 |
| Released | Tue Aug 27 18:49:42 2024 |
| Summary | Security update for python311, python-rpm-macros |
| Type | security |
| Severity | important |
| References | 1174091,1189495,1221854,1226447,1226448,1227378,1228780,831629,CVE-2019-20907,CVE-2019-9947,CVE-2020-15523,CVE-2020-15801,CVE-2022-25236,CVE-2023-52425,CVE-2024-0397,CVE-2024-0450,CVE-2024-4032,CVE-2024-6923 |
Description:
This update for python311, python-rpm-macros fixes the following issues:
python311:
- CVE-2024-0450: Fixed zipfile module vulnerability with 'quoted-overlap' zipbomb (bsc#1221854)
- CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448)
- CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods (bsc#1226447)
- CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
- Fixed executable bits for /usr/bin/idle* (bsc#1227378).
python-rpm-macros:
- Update to version 20240618.c146b29:
* Add %FLAVOR_pytest and %FLAVOR_pyunittest variants
- Update to version 20240618.1e386da:
* Fix python_clone sed regex
- Update to version 20240614.02920b8:
* Make sure that RPM_BUILD_ROOT env is set
* don't eliminate any cmdline arguments in the shebang line
* Create python313 macros
- Update to version 20240415.c664b45:
* Fix typo 310 -> 312 in default-prjconf
- Update to version 20240202.501440e:
* SPEC0: Drop python39, add python312 to buildset (#169)
- Update to version 20231220.98427f3:
* fix python2_compile macro
- Update to version 20231207.46c2ec3:
* make FLAVOR_compile compatible with python2
- Update to version 20231204.dd64e74:
* Combine fix_shebang in one line
* New macro FLAVOR_fix_shebang_path
* Use realpath in %python_clone macro shebang replacement
* Compile and fix_shebang in %python_install macros
- Update to version 20231010.0a1f0d9:
* Revert 'Compile and fix_shebang in %python_install macros'
* gh#openSUSE/python-rpm-macros#163
- Update to version 20231010.a32e110:
* Compile and fix_shebang in %python_install macros
- Update to version 20231005.bf2d3ab:
* Fix shebang also in sbin with macro _fix_shebang
SUSE-CU-2024:3280-1
| Container Advisory ID | SUSE-CU-2024:3280-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.2 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.2 |
The following patches have been included in this update:
SUSE-CU-2024:3223-1
| Container Advisory ID | SUSE-CU-2024:3223-1 |
| Container Tags | suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-6.1 , suse/sl-micro/6.0/toolbox:latest |
| Container Release | 6.1 |
The following patches have been included in this update:
| Advisory ID | 7 |
| Released | Mon Jul 15 13:04:11 2024 |
| Summary | Security update for less |
| Type | security |
| Severity | important |
| References | 1222849,CVE-2024-32487 |
Description:
This update for less fixes the following issues:
- CVE-2024-32487: Fix a bug where mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849)
| Advisory ID | 9 |
| Released | Fri Aug 9 10:33:34 2024 |
| Summary | Recommended update for bash, libcap-ng, libselinux, libselinux-bindings, libsemanage, zypper |
| Type | recommended |
| Severity | low |
| References | |
Description:
This update fixes the following issues:
- No change rebuild due to dependency changes.
| Advisory ID | 30 |
| Released | Wed Sep 4 16:07:40 2024 |
| Summary | Security update for curl |
| Type | security |
| Severity | moderate |
| References | 1221665,1221666,1221667,1221668,1227888,1228535,CVE-2024-2004,CVE-2024-2379,CVE-2024-2398,CVE-2024-2466,CVE-2024-6197,CVE-2024-7264 |
Description:
This update for curl fixes the following issues:
Security issues fixed:
- CVE-2024-7264: ASN.1 date parser overread (bsc#1228535)
- CVE-2024-6197: Freeing stack buffer in utf8asn1str (bsc#1227888)
- CVE-2024-2379: QUIC certificate check bypass with wolfSSL (bsc#1221666)
- CVE-2024-2466: TLS certificate check bypass with mbedTLS (bsc#1221668)
- CVE-2024-2004: Usage of disabled protocol (bsc#1221665)
- CVE-2024-2398: HTTP/2 push headers memory-leak (bsc#1221667)
Non-security issue fixed:
- Fixed various TLS related issues including FTP over SSL transmission timeouts.
| Advisory ID | 44 |
| Released | Wed Sep 11 13:33:01 2024 |
| Summary | Security update for expat |
| Type | security |
| Severity | important |
| References | 1221289,1229930,1229931,1229932,CVE-2024-28757,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492 |
Description:
This update for expat fixes the following issues:
- CVE-2024-45492: detect integer overflow in function nextScaffoldPart (bsc#1229932)
- CVE-2024-45491: detect integer overflow in dtdCopy (bsc#1229931)
- CVE-2024-45490: reject negative len for XML_ParseBuffer (bsc#1229930)
- CVE-2024-28757: XML Entity Expansion attack when there is isolated use of external parsers (bsc#1221289)