SUSE: 2022:3033-1 trento/trento-runner Security Update
Summary
Advisory ID: SUSE-RU-2022:2735-1 Released: Wed Aug 10 04:31:41 2022 Summary: Recommended update for tar Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:2831-1 Released: Wed Aug 17 14:41:07 2022 Summary: Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins Type: security Severity: moderate Advisory ID: SUSE-RU-2022:2844-1 Released: Thu Aug 18 14:41:25 2022 Summary: Recommended update for tar Type: recommended Severity: important Advisory ID: SUSE-RU-2022:2853-1 Released: Fri Aug 19 15:59:42 2022 Summary: Recommended update for sle-module-legacy-release Type: recommended Severity: low Advisory ID: SUSE-RU-2022:2943-1 Released: Tue Aug 30 15:42:16 2022 Summary: Recommended update for python-iniconfig Type: recommended Severity: low Advisory ID: SUSE-RU-2022:3028-1 Released: Mon Sep 5 16:31:24 2022 Summary: Recommended update for python-pytz Type: recommended Severity: low Advisory ID: SUSE-RU-2022:3156-1 Released: Wed Sep 7 14:32:26 2022 Summary: Recommended update for go1.16 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3215-1 Released: Thu Sep 8 15:58:27 2022 Summary: Recommended update for rpm Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3262-1 Released: Tue Sep 13 15:34:29 2022 Summary: Recommended update for gcc11 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3452-1 Released: Wed Sep 28 12:13:43 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3544-1 Released: Thu Oct 6 13:48:42 2022 Summary: Security update for python3 Type: security Severity: important Advisory ID: SUSE-SU-2022:3597-1 Released: Mon Oct 17 13:13:16 2022 Summary: Security update for expat Type: security Severity: important Advisory ID: SUSE-RU-2022:3904-1 Released: Tue Nov 8 10:52:13 2022 Summary: Recommended update for openssh Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3912-1 Released: Tue Nov 8 13:38:11 2022 Summary: Security update for expat Type: security Severity: important Advisory ID: SUSE-RU-2022:3985-1 Released: Tue Nov 15 12:54:11 2022 Summary: Recommended update for python-apipkg Type: recommended Severity: moderate
References
References : 1182345 1192439 1195916 1196696 1199140 1200657 1201942 1202436
1202498 1202498 1202624 1203438 1204145 1204708 CVE-2020-29651
CVE-2021-28861 CVE-2022-40674 CVE-2022-43680
1200657
This update for tar fixes the following issues:
- Fix race condition while creating intermediate subdirectories (bsc#1200657)
1195916,1196696,CVE-2020-29651
This update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures fixes the following issues:
- Update in SLE-15 (bsc#1196696, bsc#1195916, jsc#SLE-23972)
- Remove redundant python3 dependency from Requires
- Update regular expression to fix python shebang
- Style is enforced upstream and triggers unnecessary build version requirements
- Allow specifying fs_id in cloudwatch log group name
- Includes fix for stunnel path
- Added hardening to systemd service(s).
- Raise minimal pytest version
- Fix typo in the ansi2html Requires
- Cleanup with spec-cleaner
- Make sure the tests are really executed
- Remove useless devel dependency
- Multiprocessing support in Python 3.8 was broken, but is now fixed
- Bumpy the URL to point to github rather than to docs
1202436
This update for tar fixes the following issues:
- A regression in a previous update lead to potential deadlocks when extracting an archive. (bsc#1202436)
1202498
This update for python-iniconfig provides the following fix:
- Ship python3-iniconfig also to openSUSE 15.3 and 15.4 (bsc#1202498)
1202498
This update for python-iniconfig provides the following fix:
- Ship missing python2-iniconfig to openSUSE 15.3 (bsc#1202498)
This update for python-pytz fixes the following issues:
- update to 2022.1:
matches tzdata 2022a
- declare python 3.10 compatibility
1182345
This update for go1.16 fixes the following issues:
- Bootstrap using Go 1.12 on SUSE Linux Enterprise 15 and newer and Go 1.11 elsewhere (bsc#1182345)
- Bootstrap using gcc-go any version
This update for rpm fixes the following issues:
- Support Ed25519 RPM signatures [jsc#SLE-24714]
1199140
This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140)
1201942
This update for glibc fixes the following issues:
- Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942)
- powerpc: Optimized memcmp for power10 (jsc#PED-987)
1202624,CVE-2021-28861
This update for python3 fixes the following issues:
- CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).
1203438,CVE-2022-40674
This update for expat fixes the following issues:
- CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438).
1192439
This update for openssh fixes the following issue:
- Prevent empty messages from being sent. (bsc#1192439)
1204708,CVE-2022-43680
This update for expat fixes the following issues:
- CVE-2022-43680: Fixed use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (bsc#1204708).
1204145
This update fixes for python3-apipkg the following issues:
The following package changes have been done:
- libatomic1-11.3.0+git1637-150000.1.11.2 updated
- libgomp1-11.3.0+git1637-150000.1.11.2 updated
- libitm1-11.3.0+git1637-150000.1.11.2 updated
- liblsan0-11.3.0+git1637-150000.1.11.2 updated
- libtsan0-11.3.0+git1637-150000.1.11.2 updated
- tar-1.34-150000.3.18.1 updated
- glibc-devel-2.31-150300.41.1 updated
- go1.16-1.16.15-150000.1.49.1 updated
- libexpat1-2.2.5-150000.3.25.1 updated
- openssh-common-8.4p1-150300.3.12.2 updated
- python3-base-3.6.15-150300.10.30.1 updated
- libpython3_6m1_0-3.6.15-150300.10.30.1 updated
- openssh-fips-8.4p1-150300.3.12.2 updated
- python3-3.6.15-150300.10.30.1 updated
- openssh-server-8.4p1-150300.3.12.2 updated
- openssh-clients-8.4p1-150300.3.12.2 updated
- python3-rpm-4.14.3-150300.49.1 updated
- python3-pytz-2022.1-150300.3.6.1 updated
- python3-iniconfig-1.1.1-150000.1.9.1 added
- python3-apipkg-1.4-150000.3.4.1 added
- openssh-8.4p1-150300.3.12.2 updated
- python3-py-1.10.0-150000.5.9.2 updated