SUSE: 2022:2125-1 suse/manager/4.3/proxy-ssh Security Update | Linu...

Advisories

SUSE Container Update Advisory: suse/manager/4.3/proxy-ssh
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:2125-1
Container Tags        : suse/manager/4.3/proxy-ssh:4.3.1 , suse/manager/4.3/proxy-ssh:4.3.1.9.6.1 , suse/manager/4.3/proxy-ssh:latest
Container Release     : 9.6.1
Severity              : important
Type                  : security
References            : 1040589 1073299 1093392 1104700 1112310 1113554 1120402 1130557
                        1137373 1140016 1150451 1169582 1172055 1177460 1177460 1177460
                        1177460 1177460 1177460 1178346 1178350 1178353 1181658 1185637
                        1188127 1192951 1193282 1193659 1194708 1195059 1195157 1195283
                        1196025 1196026 1196168 1196169 1196171 1196490 1196784 1196861
                        1197065 1197178 1197570 1197718 1197771 1197794 1198176 1198341
                        1198446 1198511 1198627 1198720 1198731 1198732 1198751 1199132
                        1199140 1199166 1199232 1199240 1200170 1200334 1200550 1200734
                        1200735 1200736 1200737 1200747 1200855 1200855 1201099 1201276
                        1201385 1201560 1201640 1201795 1202175 1202310 1202593 CVE-2015-20107
                        CVE-2022-1292 CVE-2022-1304 CVE-2022-1586 CVE-2022-2068 CVE-2022-2097
                        CVE-2022-23308 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314
                        CVE-2022-25315 CVE-2022-29155 CVE-2022-29458 CVE-2022-29824 CVE-2022-32205
                        CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-35252 CVE-2022-37434
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-ssh was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:1332-1
Released:    Tue Jul 17 09:01:19 2018
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1073299,1093392
This update for timezone provides the following fixes:

- North Korea switches back from +0830 to +09 on 2018-05-05.
- Ireland's standard time is in the summer, with negative DST offset to standard time used
  in Winter. (bsc#1073299)
- yast2-country is no longer setting TIMEZONE in /etc/sysconfig/clock and is calling systemd
  timedatectl instead. Do not set /etc/localtime on timezone package updates to avoid
  setting an incorrect timezone. (bsc#1093392)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2463-1
Released:    Thu Oct 25 14:48:34 2018
Summary:     Recommended update for timezone, timezone-java
Type:        recommended
Severity:    moderate
References:  1104700,1112310

  
This update for timezone, timezone-java fixes the following issues:

The timezone database was updated to 2018f:

- Volgograd moves from +03 to +04 on 2018-10-28.
- Fiji ends DST 2019-01-13, not 2019-01-20.
- Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700)
- Corrections to past timestamps of DST transitions
- Use 'PST' and 'PDT' for Philippine time
- minor code changes to zic handling of the TZif format
- documentation updates

Other bugfixes:

- Fixed a zic problem with the 1948-1951 DST transition in Japan (bsc#1112310)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2018:2550-1
Released:    Wed Oct 31 16:16:56 2018
Summary:     Recommended update for timezone, timezone-java
Type:        recommended
Severity:    moderate
References:  1113554
This update provides the latest time zone definitions (2018g), including the following change:

- Morocco switched from +00/+01 to permanent +01 effective 2018-10-28 (bsc#1113554)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:102-1
Released:    Tue Jan 15 18:02:58 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1120402
This update for timezone fixes the following issues:

- Update 2018i:
  S?o Tom? and Pr?ncipe switches from +01 to +00 on 2019-01-01. (bsc#1120402)
- Update 2018h:
  Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21
  New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move
  Metlakatla, Alaska observes PST this winter only
  Guess Morocco will continue to adjust clocks around Ramadan
  Add predictions for Iran from 2038 through 2090
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:790-1
Released:    Thu Mar 28 12:06:17 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1130557
This update for timezone fixes the following issues:

timezone was updated 2019a:

* Palestine 'springs forward' on 2019-03-30 instead of 2019-03-23
* Metlakatla 'fell back' to rejoin Alaska Time on 2019-01-20 at 02:00
* Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25)
* zic now has an -r option to limit the time range of output data


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:1815-1
Released:    Thu Jul 11 07:47:55 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1140016
This update for timezone fixes the following issues:

- Timezone update 2019b. (bsc#1140016):
  - Brazil no longer observes DST.
  - 'zic -b slim' outputs smaller TZif files.
  - Palestine's 2019 spring-forward transition was on 03-29, not 03-30.
  - Add info about the Crimea situation.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2019:2762-1
Released:    Thu Oct 24 07:08:44 2019
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1150451
This update for timezone fixes the following issues:

- Fiji observes DST from 2019-11-10 to 2020-01-12.
- Norfolk Island starts observing Australian-style DST.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1303-1
Released:    Mon May 18 09:40:36 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1169582
This update for timezone fixes the following issues:

- timezone update 2020a. (bsc#1169582)
  * Morocco springs forward on 2020-05-31, not 2020-05-24.
  * Canada's Yukon advanced to -07 year-round on 2020-03-08.
  * America/Nuuk renamed from America/Godthab.
  * zic now supports expiration dates for leap second lists.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:1542-1
Released:    Thu Jun  4 13:24:37 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1172055
This update for timezone fixes the following issue:

- zdump --version reported 'unknown' (bsc#1172055)
 
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3099-1
Released:    Thu Oct 29 19:33:41 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2020b (bsc#1177460)
  * Revised predictions for Morocco's changes starting in 2023.
  * Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.
  * Macquarie Island has stayed in sync with Tasmania since 2011.
  * Casey, Antarctica is at +08 in winter and +11 in summer.
  * zic no longer supports -y, nor the TYPE field of Rules.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3123-1
Released:    Tue Nov  3 09:48:13 2020
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1177460,1178346,1178350,1178353
This update for timezone fixes the following issues:

- Generate 'fat' timezone files (was default before 2020b). (bsc#1178346, bsc#1178350, bsc#1178353)
- Palestine ends DST earlier than predicted, on 2020-10-24. (bsc#1177460)
- Fiji starts DST later than usual, on 2020-12-20. (bsc#1177460)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:179-1
Released:    Wed Jan 20 13:38:51 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:301-1
Released:    Thu Feb  4 08:46:27 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2021a (bsc#1177460)
  * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

- timezone update 2021a (bsc#1177460)
  * South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2573-1
Released:    Thu Jul 29 14:21:52 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1188127
This update for timezone fixes the following issue:
- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by
the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are
now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3883-1
Released:    Thu Dec  2 11:47:07 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

Update timezone to 2021e (bsc#1177460)

- Palestine will fall back 10-29 (not 10-30) at 01:00
- Fiji suspends DST for the 2021/2022 season
- 'zic -r' marks unspecified timestamps with '-00'
- Fix a bug in 'zic -b fat' that caused old timestamps to be mishandled in 32-bit-only readers
- Refresh timezone info for china

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1118-1
Released:    Tue Apr  5 18:34:06 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2022a (bsc#1177460):
  * Palestine will spring forward on 2022-03-27, not on 03-26
  * `zdump -v` now outputs better failure indications
  * Bug fixes for code that reads corrupted TZif data

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1655-1
Released:    Fri May 13 15:36:10 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1197794
This update for pam fixes the following issue:

- Do not include obsolete header files (bsc#1197794)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1658-1
Released:    Fri May 13 15:40:20 2022
Summary:     Recommended update for libpsl
Type:        recommended
Severity:    important
References:  1197771
This update for libpsl fixes the following issues:

- Fix libpsl compilation issues (bsc#1197771)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1670-1
Released:    Mon May 16 10:06:30 2022
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1199240,CVE-2022-29155
This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:1718-1
Released:    Tue May 17 17:44:43 2022
Summary:     Security update for e2fsprogs
Type:        security
Severity:    important
References:  1198446,CVE-2022-1304
This update for e2fsprogs fixes the following issues:

- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault
  and possibly arbitrary code execution. (bsc#1198446)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1887-1
Released:    Tue May 31 09:24:18 2022
Summary:     Recommended update for grep
Type:        recommended
Severity:    moderate
References:  1040589
This update for grep fixes the following issues:

- Make profiling deterministic. (bsc#1040589, SLE-24115)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1899-1
Released:    Wed Jun  1 10:43:22 2022
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    important
References:  1198176
This update for libtirpc fixes the following issues:

- Add a check for nullpointer in check_address to prevent client from crashing (bsc#1198176)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:1909-1
Released:    Wed Jun  1 16:25:35 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1198751
This update for glibc fixes the following issues:

- Add the correct name for the IBM Z16 (bsc#1198751).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2019-1
Released:    Wed Jun  8 16:50:07 2022
Summary:     Recommended update for gcc11
Type:        recommended
Severity:    moderate
References:  1192951,1193659,1195283,1196861,1197065
This update for gcc11 fixes the following issues:

Update to the GCC 11.3.0 release.

* includes SLS hardening backport on x86_64.  [bsc#1195283]
* includes change to adjust gnats idea of the target, fixing the build of gprbuild.  [bsc#1196861]
* fixed miscompile of embedded premake in 0ad on i586.  [bsc#1197065]
* use --with-cpu rather than specifying --with-arch/--with-tune 
* Fix D memory corruption in -M output.
* Fix ICE in is_this_parameter with coroutines.  [bsc#1193659]
* fixes issue with debug dumping together with -o /dev/null
* fixes libgccjit issue showing up in emacs build  [bsc#1192951]
* Package mwaitintrin.h

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2294-1
Released:    Wed Jul  6 13:34:15 2022
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1196025,1196026,1196168,1196169,1196171,1196784,CVE-2022-25235,CVE-2022-25236,CVE-2022-25313,CVE-2022-25314,CVE-2022-25315
This update for expat fixes the following issues:

- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).
- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).
- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).
- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).
- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2305-1
Released:    Wed Jul  6 13:38:42 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1200734,1200735,1200736,1200737,CVE-2022-32205,CVE-2022-32206,CVE-2022-32207,CVE-2022-32208
This update for curl fixes the following issues:

- CVE-2022-32205: Set-Cookie denial of service (bsc#1200734)
- CVE-2022-32206: HTTP compression denial of service (bsc#1200735)
- CVE-2022-32207: Unpreserved file permissions (bsc#1200736)
- CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2308-1
Released:    Wed Jul  6 14:15:13 2022
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1185637,1199166,1200550,1201099,CVE-2022-1292,CVE-2022-2068,CVE-2022-2097
This update for openssl-1_1 fixes the following issues:

- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).
- CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)
- CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2357-1
Released:    Mon Jul 11 20:34:20 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1198511,CVE-2015-20107
This update for python3 fixes the following issues:

- CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2361-1
Released:    Tue Jul 12 12:05:01 2022
Summary:     Security update for pcre
Type:        security
Severity:    important
References:  1199232,CVE-2022-1586
This update for pcre fixes the following issues:

- CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2406-1
Released:    Fri Jul 15 11:49:01 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    moderate
References:  1197718,1199140,1200334,1200855
This update for glibc fixes the following issues:

- powerpc: Fix VSX register number on __strncpy_power9 (bsc#1200334)
- Disable warnings due to deprecated libselinux symbols used by nss and nscd (bsc#1197718)
- i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bsc#1197718)
- rtld: Avoid using up static TLS surplus for optimizations (bsc#1200855, BZ #25051)

This readds the s390 32bit glibc and libcrypt1 libraries (glibc-32bit, glibc-locale-base-32bit, libcrypt1-32bit).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2469-1
Released:    Thu Jul 21 04:38:31 2022
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1137373,1181658,1194708,1195157,1197570,1198732,1200170,1201276
This update for systemd fixes the following issues:

- Make {/etc,/usr/lib}/systemd/network owned by both udev and systemd-network. The configuration files put in these
  directories are read by both udevd and systemd-networkd (bsc#1201276)
- Allow control characters in environment variable values (bsc#1200170)
- Fix issues with multipath setup (bsc#1137373, bsc#1181658, bsc#1194708, bsc#1195157, bsc#1197570)
- Fix parsing error in s390 udev rules conversion script (bsc#1198732)
- core/device: device_coldplug(): don't set DEVICE_DEAD
- core/device: do not downgrade device state if it is already enumerated
- core/device: drop unnecessary condition

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2493-1
Released:    Thu Jul 21 14:35:08 2022
Summary:     Recommended update for rpm-config-SUSE
Type:        recommended
Severity:    moderate
References:  1193282
This update for rpm-config-SUSE fixes the following issues:

- Add SBAT values macros for other packages (bsc#1193282)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2494-1
Released:    Thu Jul 21 15:16:42 2022
Summary:     Recommended update for glibc
Type:        recommended
Severity:    important
References:  1200855,1201560,1201640
This update for glibc fixes the following issues:

- Remove tunables from static tls surplus patch which caused crashes (bsc#1200855)
- i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2552-1
Released:    Tue Jul 26 14:55:40 2022
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1196490,1199132,CVE-2022-23308,CVE-2022-29824
This update for libxml2 fixes the following issues:

Update to 2.9.14:

- CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

Update to version 2.9.13:

- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. (bsc#1196490)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2632-1
Released:    Wed Aug  3 09:51:00 2022
Summary:     Security update for permissions
Type:        security
Severity:    important
References:  1198720,1200747,1201385
This update for permissions fixes the following issues:

* apptainer: fix starter-suid location (bsc#1198720)
* static permissions: remove deprecated bind / named chroot entries (bsc#1200747)
* postfix: add postlog setgid for maildrop binary (bsc#1201385)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2717-1
Released:    Tue Aug  9 12:54:16 2022
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1198627,CVE-2022-29458
This update for ncurses fixes the following issues:

- CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c (bsc#1198627).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2901-1
Released:    Fri Aug 26 03:34:23 2022
Summary:     Recommended update for elfutils
Type:        recommended
Severity:    moderate
References:  
This update for elfutils fixes the following issues:

- Fix runtime dependency for devel package

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2904-1
Released:    Fri Aug 26 05:28:34 2022
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1198341
This update for openldap2 fixes the following issues:

- Prevent memory reuse which may lead to instability (bsc#1198341)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2920-1
Released:    Fri Aug 26 15:17:02 2022
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1195059,1201795
This update for systemd fixes the following issues:

- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one pointing to /usr/lib/systemd/ (bsc#1201795)
- Drop or soften some of the deprecation warnings (jsc#PED-944)
- Ensure root user can login even if systemd-user-sessions.service is not activated yet (bsc#1195059)
- Avoid applying presets to any services shipped by the experimental sub-package, as they aren't enabled by default
- analyze: Fix offline check for syscal filter
- calendarspec: Fix timer skipping the next elapse
- core: Allow command argument to be longer
- hwdb: Add AV production controllers to hwdb and add uaccess
- hwdb: Allow console users access to rfkill
- hwdb: Allow end-users root-less access to TL866 EPROM readers
- hwdb: Permit unsetting power/persist for USB devices
- hwdb: Tag IR cameras as such
- hwdb: Fix parsing issue
- hwdb: Make usb match patterns uppercase
- hwdb: Update the hardware database
- journal-file: Stop using the event loop if it's already shutting down
- journal-remote: Disable `--trust` option when gnutls is disabled and check_permission() should not be called
- journald: Ensure resources are properly allocated for SIGTERM handling
- kernel-install: Ensure modules.builtin.alias.bin is removed when no longer needed
- macro: Account for negative values in DECIMAL_STR_WIDTH()
- manager: Disallow clone3() function call in seccomp filters 
- missing-syscall: Define MOVE_MOUNT_T_EMPTY_PATH if missing
- pid1,cgroup-show: Prevent failure if cgroup.procs in some subcgroups is not readable
- resolve: Fix typo in dns_class_is_pseudo()
- sd-event: Improve handling of process events and termination of processes
- sd-ipv4acd: Fix ARP packet conflicts occurring when sender hardware is one of the host's interfaces
- stdio-bridge: Improve the meaning of the error message  
- tmpfiles: Check for the correct directory

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2929-1
Released:    Mon Aug 29 11:21:47 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1202310
This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:2947-1
Released:    Wed Aug 31 09:16:21 2022
Summary:     Security update for zlib
Type:        security
Severity:    important
References:  1202175,CVE-2022-37434
This update for zlib fixes the following issues:

- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2977-1
Released:    Thu Sep  1 12:30:19 2022
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1197178,1198731
This update for util-linux fixes the following issues:

- agetty: Resolve tty name even if stdin is specified (bsc#1197178)
- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3003-1
Released:    Fri Sep  2 15:01:44 2022
Summary:     Security update for curl
Type:        security
Severity:    low
References:  1202593,CVE-2022-35252
This update for curl fixes the following issues:

- CVE-2022-35252: Fixed a potential injection of control characters
  into cookies, which could be exploited by sister sites to cause a
  denial of service (bsc#1202593).


The following package changes have been done:

- libldap-data-2.4.46-150200.14.11.2 updated
- libtirpc-netconfig-1.2.6-150300.3.6.1 updated
- glibc-2.31-150300.37.1 updated
- libcrypt1-4.4.15-150300.4.4.3 updated
- libuuid1-2.37.2-150400.8.3.1 updated
- libudev1-249.12-150400.8.10.1 updated
- libsmartcols1-2.37.2-150400.8.3.1 updated
- libcom_err2-1.46.4-150400.3.3.1 updated
- libblkid1-2.37.2-150400.8.3.1 updated
- libfdisk1-2.37.2-150400.8.3.1 updated
- libz1-1.2.11-150000.3.33.1 updated
- libpcre1-8.45-150000.20.13.1 updated
- libgcc_s1-11.3.0+git1637-150000.1.9.1 updated
- libstdc++6-11.3.0+git1637-150000.1.9.1 updated
- libpsl5-0.20.1-150000.3.3.1 updated
- libncurses6-6.1-150000.5.12.1 updated
- terminfo-base-6.1-150000.5.12.1 updated
- ncurses-utils-6.1-150000.5.12.1 updated
- libopenssl1_1-1.1.1l-150400.7.7.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.7.1 updated
- libelf1-0.185-150400.5.3.1 updated
- libxml2-2-2.9.14-150400.5.7.1 updated
- libsystemd0-249.12-150400.8.10.1 updated
- libmount1-2.37.2-150400.8.3.1 updated
- libdw1-0.185-150400.5.3.1 updated
- libldap-2_4-2-2.4.46-150200.14.11.2 updated
- sles-release-15.4-150400.55.1 updated
- grep-3.1-150000.4.6.1 updated
- libtirpc3-1.2.6-150300.3.6.1 updated
- libcurl4-7.79.1-150400.5.6.1 updated
- rpm-config-SUSE-1-150400.14.3.1 updated
- permissions-20201225-150400.5.8.1 updated
- pam-1.3.0-150000.6.58.3 updated
- util-linux-2.37.2-150400.8.3.1 updated
- timezone-2022a-150000.75.10.1 added
- libexpat1-2.4.4-150400.3.6.9 updated
- libpython3_6m1_0-3.6.15-150300.10.27.1 updated
- python3-base-3.6.15-150300.10.27.1 updated
- python3-3.6.15-150300.10.27.1 updated

SUSE: 2022:2125-1 suse/manager/4.3/proxy-ssh Security Update

September 8, 2022
The container suse/manager/4.3/proxy-ssh was updated

Summary

Advisory ID: SUSE-RU-2018:1332-1 Released: Tue Jul 17 09:01:19 2018 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2018:2463-1 Released: Thu Oct 25 14:48:34 2018 Summary: Recommended update for timezone, timezone-java Type: recommended Severity: moderate Advisory ID: SUSE-RU-2018:2550-1 Released: Wed Oct 31 16:16:56 2018 Summary: Recommended update for timezone, timezone-java Type: recommended Severity: moderate Advisory ID: SUSE-RU-2019:102-1 Released: Tue Jan 15 18:02:58 2019 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2019:790-1 Released: Thu Mar 28 12:06:17 2019 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2019:1815-1 Released: Thu Jul 11 07:47:55 2019 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2019:2762-1 Released: Thu Oct 24 07:08:44 2019 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2020:1303-1 Released: Mon May 18 09:40:36 2020 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2020:1542-1 Released: Thu Jun 4 13:24:37 2020 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2020:3099-1 Released: Thu Oct 29 19:33:41 2020 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2020:3123-1 Released: Tue Nov 3 09:48:13 2020 Summary: Recommended update for timezone Type: recommended Severity: important Advisory ID: SUSE-RU-2021:179-1 Released: Wed Jan 20 13:38:51 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:301-1 Released: Thu Feb 4 08:46:27 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:2573-1 Released: Thu Jul 29 14:21:52 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2021:3883-1 Released: Thu Dec 2 11:47:07 2021 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:1118-1 Released: Tue Apr 5 18:34:06 2022 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:1655-1 Released: Fri May 13 15:36:10 2022 Summary: Recommended update for pam Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:1658-1 Released: Fri May 13 15:40:20 2022 Summary: Recommended update for libpsl Type: recommended Severity: important Advisory ID: SUSE-SU-2022:1670-1 Released: Mon May 16 10:06:30 2022 Summary: Security update for openldap2 Type: security Severity: important Advisory ID: SUSE-SU-2022:1718-1 Released: Tue May 17 17:44:43 2022 Summary: Security update for e2fsprogs Type: security Severity: important Advisory ID: SUSE-RU-2022:1887-1 Released: Tue May 31 09:24:18 2022 Summary: Recommended update for grep Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:1899-1 Released: Wed Jun 1 10:43:22 2022 Summary: Recommended update for libtirpc Type: recommended Severity: important Advisory ID: SUSE-RU-2022:1909-1 Released: Wed Jun 1 16:25:35 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:2019-1 Released: Wed Jun 8 16:50:07 2022 Summary: Recommended update for gcc11 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:2294-1 Released: Wed Jul 6 13:34:15 2022 Summary: Security update for expat Type: security Severity: important Advisory ID: SUSE-SU-2022:2305-1 Released: Wed Jul 6 13:38:42 2022 Summary: Security update for curl Type: security Severity: important Advisory ID: SUSE-SU-2022:2308-1 Released: Wed Jul 6 14:15:13 2022 Summary: Security update for openssl-1_1 Type: security Severity: important Advisory ID: SUSE-SU-2022:2357-1 Released: Mon Jul 11 20:34:20 2022 Summary: Security update for python3 Type: security Severity: important Advisory ID: SUSE-SU-2022:2361-1 Released: Tue Jul 12 12:05:01 2022 Summary: Security update for pcre Type: security Severity: important Advisory ID: SUSE-RU-2022:2406-1 Released: Fri Jul 15 11:49:01 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:2469-1 Released: Thu Jul 21 04:38:31 2022 Summary: Recommended update for systemd Type: recommended Severity: important Advisory ID: SUSE-RU-2022:2493-1 Released: Thu Jul 21 14:35:08 2022 Summary: Recommended update for rpm-config-SUSE Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:2494-1 Released: Thu Jul 21 15:16:42 2022 Summary: Recommended update for glibc Type: recommended Severity: important Advisory ID: SUSE-SU-2022:2552-1 Released: Tue Jul 26 14:55:40 2022 Summary: Security update for libxml2 Type: security Severity: important Advisory ID: SUSE-SU-2022:2632-1 Released: Wed Aug 3 09:51:00 2022 Summary: Security update for permissions Type: security Severity: important Advisory ID: SUSE-SU-2022:2717-1 Released: Tue Aug 9 12:54:16 2022 Summary: Security update for ncurses Type: security Severity: moderate Advisory ID: SUSE-RU-2022:2901-1 Released: Fri Aug 26 03:34:23 2022 Summary: Recommended update for elfutils Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:2904-1 Released: Fri Aug 26 05:28:34 2022 Summary: Recommended update for openldap2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:2920-1 Released: Fri Aug 26 15:17:02 2022 Summary: Recommended update for systemd Type: recommended Severity: important Advisory ID: SUSE-RU-2022:2929-1 Released: Mon Aug 29 11:21:47 2022 Summary: Recommended update for timezone Type: recommended Severity: important Advisory ID: SUSE-SU-2022:2947-1 Released: Wed Aug 31 09:16:21 2022 Summary: Security update for zlib Type: security Severity: important Advisory ID: SUSE-RU-2022:2977-1 Released: Thu Sep 1 12:30:19 2022 Summary: Recommended update for util-linux Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3003-1 Released: Fri Sep 2 15:01:44 2022 Summary: Security update for curl Type: security Severity: low

References

References : 1040589 1073299 1093392 1104700 1112310 1113554 1120402 1130557

1137373 1140016 1150451 1169582 1172055 1177460 1177460 1177460

1177460 1177460 1177460 1178346 1178350 1178353 1181658 1185637

1188127 1192951 1193282 1193659 1194708 1195059 1195157 1195283

1196025 1196026 1196168 1196169 1196171 1196490 1196784 1196861

1197065 1197178 1197570 1197718 1197771 1197794 1198176 1198341

1198446 1198511 1198627 1198720 1198731 1198732 1198751 1199132

1199140 1199166 1199232 1199240 1200170 1200334 1200550 1200734

1200735 1200736 1200737 1200747 1200855 1200855 1201099 1201276

1201385 1201560 1201640 1201795 1202175 1202310 1202593 CVE-2015-20107

CVE-2022-1292 CVE-2022-1304 CVE-2022-1586 CVE-2022-2068 CVE-2022-2097

CVE-2022-23308 CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314

CVE-2022-25315 CVE-2022-29155 CVE-2022-29458 CVE-2022-29824 CVE-2022-32205

CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-35252 CVE-2022-37434

1073299,1093392

This update for timezone provides the following fixes:

- North Korea switches back from +0830 to +09 on 2018-05-05.

- Ireland's standard time is in the summer, with negative DST offset to standard time used

in Winter. (bsc#1073299)

- yast2-country is no longer setting TIMEZONE in /etc/sysconfig/clock and is calling systemd

timedatectl instead. Do not set /etc/localtime on timezone package updates to avoid

setting an incorrect timezone. (bsc#1093392)

1104700,1112310

This update for timezone, timezone-java fixes the following issues:

The timezone database was updated to 2018f:

- Volgograd moves from +03 to +04 on 2018-10-28.

- Fiji ends DST 2019-01-13, not 2019-01-20.

- Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700)

- Corrections to past timestamps of DST transitions

- Use 'PST' and 'PDT' for Philippine time

- minor code changes to zic handling of the TZif format

- documentation updates

Other bugfixes:

- Fixed a zic problem with the 1948-1951 DST transition in Japan (bsc#1112310)

1113554

This update provides the latest time zone definitions (2018g), including the following change:

- Morocco switched from +00/+01 to permanent +01 effective 2018-10-28 (bsc#1113554)

1120402

This update for timezone fixes the following issues:

- Update 2018i:

S?o Tom? and Pr?ncipe switches from +01 to +00 on 2019-01-01. (bsc#1120402)

- Update 2018h:

Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21

New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move

Metlakatla, Alaska observes PST this winter only

Guess Morocco will continue to adjust clocks around Ramadan

Add predictions for Iran from 2038 through 2090

1130557

This update for timezone fixes the following issues:

timezone was updated 2019a:

* Palestine 'springs forward' on 2019-03-30 instead of 2019-03-23

* Metlakatla 'fell back' to rejoin Alaska Time on 2019-01-20 at 02:00

* Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25)

* zic now has an -r option to limit the time range of output data

1140016

This update for timezone fixes the following issues:

- Timezone update 2019b. (bsc#1140016):

- Brazil no longer observes DST.

- 'zic -b slim' outputs smaller TZif files.

- Palestine's 2019 spring-forward transition was on 03-29, not 03-30.

- Add info about the Crimea situation.

1150451

This update for timezone fixes the following issues:

- Fiji observes DST from 2019-11-10 to 2020-01-12.

- Norfolk Island starts observing Australian-style DST.

1169582

This update for timezone fixes the following issues:

- timezone update 2020a. (bsc#1169582)

* Morocco springs forward on 2020-05-31, not 2020-05-24.

* Canada's Yukon advanced to -07 year-round on 2020-03-08.

* America/Nuuk renamed from America/Godthab.

* zic now supports expiration dates for leap second lists.

1172055

This update for timezone fixes the following issue:

- zdump --version reported 'unknown' (bsc#1172055)

1177460

This update for timezone fixes the following issues:

- timezone update 2020b (bsc#1177460)

* Revised predictions for Morocco's changes starting in 2023.

* Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.

* Macquarie Island has stayed in sync with Tasmania since 2011.

* Casey, Antarctica is at +08 in winter and +11 in summer.

* zic no longer supports -y, nor the TYPE field of Rules.

1177460,1178346,1178350,1178353

This update for timezone fixes the following issues:

- Generate 'fat' timezone files (was default before 2020b). (bsc#1178346, bsc#1178350, bsc#1178353)

- Palestine ends DST earlier than predicted, on 2020-10-24. (bsc#1177460)

- Fiji starts DST later than usual, on 2020-12-20. (bsc#1177460)

1177460

This update for timezone fixes the following issues:

- timezone update 2020f (bsc#1177460)

* 'make rearguard_tarballs' no longer generates a bad rearguard.zi,

fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)

* Volgograd switches to Moscow time on 2020-12-27 at 02:00.

- timezone update 2020f (bsc#1177460)

* 'make rearguard_tarballs' no longer generates a bad rearguard.zi,

fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)

* Volgograd switches to Moscow time on 2020-12-27 at 02:00.

1177460

This update for timezone fixes the following issues:

- timezone update 2021a (bsc#1177460)

* South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

- timezone update 2021a (bsc#1177460)

* South Sudan changes from +03 to +02 on 2021-02-01 at 00:00.

1188127

This update for timezone fixes the following issue:

- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by

the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are

now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

1177460

This update for timezone fixes the following issues:

Update timezone to 2021e (bsc#1177460)

- Palestine will fall back 10-29 (not 10-30) at 01:00

- Fiji suspends DST for the 2021/2022 season

- 'zic -r' marks unspecified timestamps with '-00'

- Fix a bug in 'zic -b fat' that caused old timestamps to be mishandled in 32-bit-only readers

- Refresh timezone info for china

1177460

This update for timezone fixes the following issues:

- timezone update 2022a (bsc#1177460):

* Palestine will spring forward on 2022-03-27, not on 03-26

* `zdump -v` now outputs better failure indications

* Bug fixes for code that reads corrupted TZif data

1197794

This update for pam fixes the following issue:

- Do not include obsolete header files (bsc#1197794)

1197771

This update for libpsl fixes the following issues:

- Fix libpsl compilation issues (bsc#1197771)

1199240,CVE-2022-29155

This update for openldap2 fixes the following issues:

- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

1198446,CVE-2022-1304

This update for e2fsprogs fixes the following issues:

- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault

and possibly arbitrary code execution. (bsc#1198446)

1040589

This update for grep fixes the following issues:

- Make profiling deterministic. (bsc#1040589, SLE-24115)

1198176

This update for libtirpc fixes the following issues:

- Add a check for nullpointer in check_address to prevent client from crashing (bsc#1198176)

1198751

This update for glibc fixes the following issues:

- Add the correct name for the IBM Z16 (bsc#1198751).

1192951,1193659,1195283,1196861,1197065

This update for gcc11 fixes the following issues:

Update to the GCC 11.3.0 release.

* includes SLS hardening backport on x86_64. [bsc#1195283]

* includes change to adjust gnats idea of the target, fixing the build of gprbuild. [bsc#1196861]

* fixed miscompile of embedded premake in 0ad on i586. [bsc#1197065]

* use --with-cpu rather than specifying --with-arch/--with-tune

* Fix D memory corruption in -M output.

* Fix ICE in is_this_parameter with coroutines. [bsc#1193659]

* fixes issue with debug dumping together with -o /dev/null

* fixes libgccjit issue showing up in emacs build [bsc#1192951]

* Package mwaitintrin.h

1196025,1196026,1196168,1196169,1196171,1196784,CVE-2022-25235,CVE-2022-25236,CVE-2022-25313,CVE-2022-25314,CVE-2022-25315

This update for expat fixes the following issues:

- CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs (bsc#1196025).

- Fixed a regression caused by the patch for CVE-2022-25236 (bsc#1196784).

- CVE-2022-25235: Fixed UTF-8 character validation in a certain context (bsc#1196026).

- CVE-2022-25313: Fixed stack exhaustion in build_model() via uncontrolled recursion (bsc#1196168).

- CVE-2022-25314: Fixed integer overflow in copyString (bsc#1196169).

- CVE-2022-25315: Fixed integer overflow in storeRawNames (bsc#1196171).

1200734,1200735,1200736,1200737,CVE-2022-32205,CVE-2022-32206,CVE-2022-32207,CVE-2022-32208

This update for curl fixes the following issues:

- CVE-2022-32205: Set-Cookie denial of service (bsc#1200734)

- CVE-2022-32206: HTTP compression denial of service (bsc#1200735)

- CVE-2022-32207: Unpreserved file permissions (bsc#1200736)

- CVE-2022-32208: FTP-KRB bad message verification (bsc#1200737)

1185637,1199166,1200550,1201099,CVE-2022-1292,CVE-2022-2068,CVE-2022-2097

This update for openssl-1_1 fixes the following issues:

- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).

- CVE-2022-2068: Fixed more shell code injection issues in c_rehash. (bsc#1200550)

- CVE-2022-2097: Fixed partial missing encryption in AES OCB mode (bsc#1201099).

1198511,CVE-2015-20107

This update for python3 fixes the following issues:

- CVE-2015-20107: avoid command injection in the mailcap module (bsc#1198511).

1199232,CVE-2022-1586

This update for pcre fixes the following issues:

- CVE-2022-1586: Fixed unicode property matching issue. (bsc#1199232)

1197718,1199140,1200334,1200855

This update for glibc fixes the following issues:

- powerpc: Fix VSX register number on __strncpy_power9 (bsc#1200334)

- Disable warnings due to deprecated libselinux symbols used by nss and nscd (bsc#1197718)

- i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bsc#1197718)

- rtld: Avoid using up static TLS surplus for optimizations (bsc#1200855, BZ #25051)

This readds the s390 32bit glibc and libcrypt1 libraries (glibc-32bit, glibc-locale-base-32bit, libcrypt1-32bit).

1137373,1181658,1194708,1195157,1197570,1198732,1200170,1201276

This update for systemd fixes the following issues:

- Make {/etc,/usr/lib}/systemd/network owned by both udev and systemd-network. The configuration files put in these

directories are read by both udevd and systemd-networkd (bsc#1201276)

- Allow control characters in environment variable values (bsc#1200170)

- Fix issues with multipath setup (bsc#1137373, bsc#1181658, bsc#1194708, bsc#1195157, bsc#1197570)

- Fix parsing error in s390 udev rules conversion script (bsc#1198732)

- core/device: device_coldplug(): don't set DEVICE_DEAD

- core/device: do not downgrade device state if it is already enumerated

- core/device: drop unnecessary condition

1193282

This update for rpm-config-SUSE fixes the following issues:

- Add SBAT values macros for other packages (bsc#1193282)

1200855,1201560,1201640

This update for glibc fixes the following issues:

- Remove tunables from static tls surplus patch which caused crashes (bsc#1200855)

- i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788)

1196490,1199132,CVE-2022-23308,CVE-2022-29824

This update for libxml2 fixes the following issues:

Update to 2.9.14:

- CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (bsc#1199132).

Update to version 2.9.13:

- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. (bsc#1196490)

1198720,1200747,1201385

This update for permissions fixes the following issues:

* apptainer: fix starter-suid location (bsc#1198720)

* static permissions: remove deprecated bind / named chroot entries (bsc#1200747)

* postfix: add postlog setgid for maildrop binary (bsc#1201385)

1198627,CVE-2022-29458

This update for ncurses fixes the following issues:

- CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c (bsc#1198627).

This update for elfutils fixes the following issues:

- Fix runtime dependency for devel package

1198341

This update for openldap2 fixes the following issues:

- Prevent memory reuse which may lead to instability (bsc#1198341)

1195059,1201795

This update for systemd fixes the following issues:

- Don't replace /etc/systemd/system/tmp.mount symlink with a dangling one pointing to /usr/lib/systemd/ (bsc#1201795)

- Drop or soften some of the deprecation warnings (jsc#PED-944)

- Ensure root user can login even if systemd-user-sessions.service is not activated yet (bsc#1195059)

- Avoid applying presets to any services shipped by the experimental sub-package, as they aren't enabled by default

- analyze: Fix offline check for syscal filter

- calendarspec: Fix timer skipping the next elapse

- core: Allow command argument to be longer

- hwdb: Add AV production controllers to hwdb and add uaccess

- hwdb: Allow console users access to rfkill

- hwdb: Allow end-users root-less access to TL866 EPROM readers

- hwdb: Permit unsetting power/persist for USB devices

- hwdb: Tag IR cameras as such

- hwdb: Fix parsing issue

- hwdb: Make usb match patterns uppercase

- hwdb: Update the hardware database

- journal-file: Stop using the event loop if it's already shutting down

- journal-remote: Disable `--trust` option when gnutls is disabled and check_permission() should not be called

- journald: Ensure resources are properly allocated for SIGTERM handling

- kernel-install: Ensure modules.builtin.alias.bin is removed when no longer needed

- macro: Account for negative values in DECIMAL_STR_WIDTH()

- manager: Disallow clone3() function call in seccomp filters

- missing-syscall: Define MOVE_MOUNT_T_EMPTY_PATH if missing

- pid1,cgroup-show: Prevent failure if cgroup.procs in some subcgroups is not readable

- resolve: Fix typo in dns_class_is_pseudo()

- sd-event: Improve handling of process events and termination of processes

- sd-ipv4acd: Fix ARP packet conflicts occurring when sender hardware is one of the host's interfaces

- stdio-bridge: Improve the meaning of the error message

- tmpfiles: Check for the correct directory

1202310

This update for timezone fixes the following issue:

- Reflect new Chile DST change (bsc#1202310)

1202175,CVE-2022-37434

This update for zlib fixes the following issues:

- CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field (bsc#1202175).

1197178,1198731

This update for util-linux fixes the following issues:

- agetty: Resolve tty name even if stdin is specified (bsc#1197178)

- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)

1202593,CVE-2022-35252

This update for curl fixes the following issues:

- CVE-2022-35252: Fixed a potential injection of control characters

into cookies, which could be exploited by sister sites to cause a

denial of service (bsc#1202593).

The following package changes have been done:

- libldap-data-2.4.46-150200.14.11.2 updated

- libtirpc-netconfig-1.2.6-150300.3.6.1 updated

- glibc-2.31-150300.37.1 updated

- libcrypt1-4.4.15-150300.4.4.3 updated

- libuuid1-2.37.2-150400.8.3.1 updated

- libudev1-249.12-150400.8.10.1 updated

- libsmartcols1-2.37.2-150400.8.3.1 updated

- libcom_err2-1.46.4-150400.3.3.1 updated

- libblkid1-2.37.2-150400.8.3.1 updated

- libfdisk1-2.37.2-150400.8.3.1 updated

- libz1-1.2.11-150000.3.33.1 updated

- libpcre1-8.45-150000.20.13.1 updated

- libgcc_s1-11.3.0+git1637-150000.1.9.1 updated

- libstdc++6-11.3.0+git1637-150000.1.9.1 updated

- libpsl5-0.20.1-150000.3.3.1 updated

- libncurses6-6.1-150000.5.12.1 updated

- terminfo-base-6.1-150000.5.12.1 updated

- ncurses-utils-6.1-150000.5.12.1 updated

- libopenssl1_1-1.1.1l-150400.7.7.1 updated

- libopenssl1_1-hmac-1.1.1l-150400.7.7.1 updated

- libelf1-0.185-150400.5.3.1 updated

- libxml2-2-2.9.14-150400.5.7.1 updated

- libsystemd0-249.12-150400.8.10.1 updated

- libmount1-2.37.2-150400.8.3.1 updated

- libdw1-0.185-150400.5.3.1 updated

- libldap-2_4-2-2.4.46-150200.14.11.2 updated

- sles-release-15.4-150400.55.1 updated

- grep-3.1-150000.4.6.1 updated

- libtirpc3-1.2.6-150300.3.6.1 updated

- libcurl4-7.79.1-150400.5.6.1 updated

- rpm-config-SUSE-1-150400.14.3.1 updated

- permissions-20201225-150400.5.8.1 updated

- pam-1.3.0-150000.6.58.3 updated

- util-linux-2.37.2-150400.8.3.1 updated

- timezone-2022a-150000.75.10.1 added

- libexpat1-2.4.4-150400.3.6.9 updated

- libpython3_6m1_0-3.6.15-150300.10.27.1 updated

- python3-base-3.6.15-150300.10.27.1 updated

- python3-3.6.15-150300.10.27.1 updated

Severity
Container Advisory ID : SUSE-CU-2022:2125-1
Container Tags : suse/manager/4.3/proxy-ssh:4.3.1 , suse/manager/4.3/proxy-ssh:4.3.1.9.6.1 , suse/manager/4.3/proxy-ssh:latest
Container Release : 9.6.1
Severity : important
Type : security

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.