SUSE: 2021:563-1 bci/golang Security Update
Summary
Advisory ID: SUSE-RU-2021:3786-1 Released: Wed Nov 24 05:59:13 2021 Summary: Recommended update for rpm-config-SUSE Type: recommended Severity: important Advisory ID: SUSE-RU-2021:3798-1 Released: Wed Nov 24 18:01:36 2021 Summary: Recommended update for gcc7 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3799-1 Released: Wed Nov 24 18:07:54 2021 Summary: Recommended update for gcc11 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3808-1 Released: Fri Nov 26 00:30:54 2021 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-SU-2021:3833-1 Released: Wed Dec 1 16:04:48 2021 Summary: Security update for go1.17 Type: security Severity: moderate Advisory ID: SUSE-RU-2021:3870-1 Released: Thu Dec 2 07:11:50 2021 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3872-1 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Type: recommended Severity: moderate
References
References : 1186071 1187153 1187273 1188623 1190356 1190440 1190649 1190984
1191286 1191324 1191370 1191609 1191736 1192160 1192161 1192337
1192377 1192378 1192436 CVE-2021-41771 CVE-2021-41772
1192160
This update for rpm-config-SUSE fixes the following issues:
- Add support for the kernel xz-compressed firmware files (bsc#1192160)
This update for gcc7 fixes the following issues:
- Fixed a build issue when built with recent kernel headers.
- Backport the '-fpatchable-function-entry' feature from newer GCC. (jsc#SLE-20049)
- do not handle exceptions in std::thread (jsc#CAR-1182)
1187153,1187273,1188623
This update for gcc11 fixes the following issues:
The additional GNU compiler collection GCC 11 is provided:
To select these compilers install the packages:
- gcc11
- gcc-c++11
- and others with 11 prefix.
to select them for building:
- CC='gcc-11'
- CXX='g++-11'
The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants.
1186071,1190440,1190984,1192161
This update for systemd fixes the following issues:
- Add timestamp to D-Bus events to improve traceability (jsc#SLE-17798)
- Fix fd_is_mount_point() when both the parent and directory are network file systems (bsc#1190984)
- Support detection for ARM64 Hyper-V guests (bsc#1186071)
- Fix systemd-detect-virt not detecting Amazon EC2 Nitro instance (bsc#1190440)
- Enable support for Portable Services in openSUSE Leap only (jsc#SLE-21694)
- Fix IO scheduler udev rules to address performance issues (jsc#SLE-21032, bsc#1192161)
1190649,1192377,1192378,CVE-2021-41771,CVE-2021-41772
This update for go1.17 fixes the following issues:
Security update go1.17.3 (released 2021-11-04) (bsc#1190649).
- CVE-2021-41771: Fixed invalid dynamic symbol table command that could have caused panic (bsc#1192377).
- CVE-2021-41772: Fixed panic on (*Reader).Open (bsc#1192378).
1190356,1191286,1191324,1191370,1191609,1192337,1192436
This update for libzypp, zypper fixes the following issues:
libzypp:
- Check log writer before accessing it (bsc#1192337)
- Zypper should keep cached files if transaction is aborted (bsc#1190356)
- Require a minimum number of mirrors for multicurl (bsc#1191609)
- Fixed slowdowns when rlimit is too high by using procfs to detect niumber of
open file descriptors (bsc#1191324)
- Fixed zypper incomplete messages when using non English localization (bsc#1191370)
- RepoManager: Don't probe for plaindir repository if the URL schema is a plugin (bsc#1191286)
- Disable logger in the child process after fork (bsc#1192436)
zypper:
- Fixed Zypper removing a kernel explicitely pinned that uses uname -r output format as name (openSUSE/zypper#418)
1191736
This update for cracklib fixes the following issues:
- Enable build time tests (bsc#1191736)
The following package changes have been done:
- cpp7-7.5.0+r278197-4.30.1 updated
- cracklib-dict-small-2.9.7-11.6.1 updated
- cracklib-2.9.7-11.6.1 updated
- gcc7-7.5.0+r278197-4.30.1 updated
- go1.17-1.17.3-1.9.1 updated
- libasan4-7.5.0+r278197-4.30.1 updated
- libatomic1-11.2.1+git610-1.3.9 updated
- libcilkrts5-7.5.0+r278197-4.30.1 updated
- libcrack2-2.9.7-11.6.1 updated
- libgcc_s1-11.2.1+git610-1.3.9 updated
- libgomp1-11.2.1+git610-1.3.9 updated
- libitm1-11.2.1+git610-1.3.9 updated
- liblsan0-11.2.1+git610-1.3.9 updated
- libstdc++6-11.2.1+git610-1.3.9 updated
- libsystemd0-246.16-7.21.1 updated
- libtsan0-11.2.1+git610-1.3.9 updated
- libubsan0-7.5.0+r278197-4.30.1 updated
- libudev1-246.16-7.21.1 updated
- libzypp-17.28.8-20.1 updated
- rpm-config-SUSE-1-5.6.1 updated
- zypper-1.14.50-21.1 updated
- container:sles15-image-15.0.0-17.8.39 updated