SUSE: 2023:1229-1 rancher/elemental-builder-image/5.3 Security Upda...

What Are You Looking For?

Popular Tags

Sign Up
SUSE Container Update Advisory: rancher/elemental-builder-image/5.3
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:1229-1
Container Tags        : rancher/elemental-builder-image/5.3:0.2.5 , rancher/elemental-builder-image/5.3:0.2.5-4.2.2 , rancher/elemental-builder-image/5.3:latest
Container Release     : 4.2.2
Severity              : important
Type                  : security
References            : 1121365 1177460 1177460 1180995 1190651 1190651 1190651 1190653
                        1190888 1193859 1194038 1194047 1198165 1198471 1198472 1199467
                        1201293 1201959 1202148 1202148 1202324 1202870 1203046 1203069
                        1203537 1203652 1203652 1203911 1204211 1204366 1204367 1204383
                        1204386 1204585 1204649 1205126 1205156 1205502 1205646 1206308
                        1206309 1207182 1207533 1207534 1207536 1207538 1207789 1207990
                        1207991 1207992 1207994 1208079 1208432 1208924 1208925 1208926
                        1208998 1209209 1209210 1209211 1209212 1209214 1209533 1209624
                        1209873 1209878 CVE-2022-32221 CVE-2022-40303 CVE-2022-40304
                        CVE-2022-42898 CVE-2022-42916 CVE-2022-4304 CVE-2022-43551 CVE-2022-43552
                        CVE-2022-4450 CVE-2022-4899 CVE-2023-0215 CVE-2023-0286 CVE-2023-0464
                        CVE-2023-0465 CVE-2023-0466 CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
                        CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538
-----------------------------------------------------------------

The container rancher/elemental-builder-image/5.3 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:2796-1
Released:    Fri Aug 12 14:34:31 2022
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  
This update for jitterentropy fixes the following issues:

jitterentropy is included in version 3.4.0 (jsc#SLE-24941):

This is a FIPS 140-3 / NIST 800-90b compliant userspace jitter entropy generator library, 
used by other FIPS libraries.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3328-1
Released:    Wed Sep 21 12:48:56 2022
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  1202870
This update for jitterentropy fixes the following issues:

- Hide the non-GNUC constructs that are library internal from the 
  exported header, to make it usable in builds with strict C99
  compliance. (bsc#1202870)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3663-1
Released:    Wed Oct 19 19:05:21 2022
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1121365,1180995,1190651,1190653,1190888,1193859,1198471,1198472,1201293,1202148,1203046,1203069
This update for openssl-1_1 fixes the following issues:

- FIPS: Default to RFC-7919 groups for genparam and dhparam
- FIPS: list only FIPS approved digest and public key algorithms
  [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472]
- FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069]
- FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293]
  * The FIPS_drbg implementation is not FIPS validated anymore. To
    provide backwards compatibility for applications that need FIPS
    compliant RNG number generation and use FIPS_drbg_generate,
    this function was re-wired to call the FIPS validated DRBG
    instance instead through the RAND_bytes() call.
- FIPS: Fix minor memory leaks by FIPS patch [bsc#1203046]
- FIPS: OpenSSL: Port openssl to use jitterentropy [bsc#1202148, jsc#SLE-24941]
  libcrypto.so now requires libjitterentropy3 library.
- FIPS: OpenSSL Provide a service-level indicator [bsc#1190651]
- FIPS: Add zeroization of temporary variables to the hmac integrity
  function FIPSCHECK_verify(). [bsc#1190653]

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3692-1
Released:    Fri Oct 21 16:15:07 2022
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1204366,1204367,CVE-2022-40303,CVE-2022-40304
This update for libxml2 fixes the following issues:

  - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366).
  - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:3785-1
Released:    Wed Oct 26 20:20:19 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1204383,1204386,CVE-2022-32221,CVE-2022-42916
This update for curl fixes the following issues:

  - CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).
  - CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3787-1
Released:    Thu Oct 27 04:41:09 2022
Summary:     Recommended update for permissions
Type:        recommended
Severity:    important
References:  1194047,1203911
This update for permissions fixes the following issues:

- Fix regression introduced by backport of security fix (bsc#1203911)
- Add permissions for enlightenment helper on 32bit arches (bsc#1194047)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3870-1
Released:    Fri Nov  4 11:12:08 2022
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1190651,1202148
This update for openssl-1_1 fixes the following issues:

- FIPS: Add a missing dependency on jitterentropy-devel for libopenssl-1_1-devel (bsc#1202148)
- FIPS: OpenSSL service-level indicator:  Allow AES XTS 256 (bsc#1190651)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3910-1
Released:    Tue Nov  8 13:05:04 2022
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  
This update for pam fixes the following issue:

- Update pam_motd to the most current version. (PED-1712)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3961-1
Released:    Mon Nov 14 07:33:50 2022
Summary:     Recommended update for zlib
Type:        recommended
Severity:    important
References:  1203652
This update for zlib fixes the following issues:

- Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:3974-1
Released:    Mon Nov 14 15:39:20 2022
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1201959,1204211
This update for util-linux fixes the following issues:

- Fix file conflict during upgrade (bsc#1204211)
- libuuid improvements (bsc#1201959, PED-1150):
  libuuid: Fix range when parsing UUIDs.
  Improve cache handling for short running applications-increment the cache size over runtime.
  Implement continuous clock handling for time based UUIDs.
  Check clock value from clock file to provide seamless libuuid.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4066-1
Released:    Fri Nov 18 10:43:00 2022
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  1177460,1202324,1204649,1205156
This update for timezone fixes the following issues:

Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156):

- Mexico will no longer observe DST except near the US border
- Chihuahua moves to year-round -06 on 2022-10-30
- Fiji no longer observes DST
- In vanguard form, GMT is now a Zone and Etc/GMT a link
- zic now supports links to links, and vanguard form uses this
- Simplify four Ontario zones
- Fix a Y2438 bug when reading TZif data
- Enable 64-bit time_t on 32-bit glibc platforms
- Omit large-file support when no longer needed
- Jordan and Syria switch from +02/+03 with DST to year-round +03
- Palestine transitions are now Saturdays at 02:00
- Simplify three Ukraine zones into one
- Improve tzselect on intercontinental Zones
- Chile's DST is delayed by a week in September 2022 (bsc#1202324)
- Iran no longer observes DST after 2022
- Rename Europe/Kiev to Europe/Kyiv
- New `zic -R` command option
- Vanguard form now uses %z

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4135-1
Released:    Mon Nov 21 00:13:40 2022
Summary:     Recommended update for libeconf
Type:        recommended
Severity:    moderate
References:  1198165
This update for libeconf fixes the following issues:

- Update to version 0.4.6+git
  - econftool:
    Parsing error: Reporting file and line nr. --delimeters=spaces accepting all kind of spaces for delimiter.
  - libeconf:
    Parse files correctly on space characters (1198165)

- Update to version 0.4.5+git
  - econftool:
    New call 'syntax' for checking the configuration files only. Returns an error string with line number if error.
    New options '--comment' and '--delimeters'

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4153-1
Released:    Mon Nov 21 14:34:09 2022
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1205126,CVE-2022-42898
This update for krb5 fixes the following issues:

- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4212-1
Released:    Thu Nov 24 15:53:48 2022
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1190651
This update for openssl-1_1 fixes the following issues:

- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)
- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)
- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4256-1
Released:    Mon Nov 28 12:36:32 2022
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the
PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4597-1
Released:    Wed Dec 21 10:13:11 2022
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1206308,1206309,CVE-2022-43551,CVE-2022-43552
This update for curl fixes the following issues:

- CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309).
- CVE-2022-43551: Fixed HSTS bypass via IDN (bsc#1206308).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:25-1
Released:    Thu Jan  5 09:51:41 2023
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

Version update from 2022f to 2022g (bsc#1177460):

- In the Mexican state of Chihuahua:
  * The border strip near the US will change to agree with nearby US locations on 2022-11-30.
  * The strip's western part, represented by Ciudad Juarez, switches from -06 all year to -07/-06 with US DST rules,
    like El Paso, TX.
  * The eastern part, represented by Ojinaga, will observe US DST next year, like Presidio, TX.
  * A new Zone America/Ciudad_Juarez splits from America/Ojinaga.
- Much of Greenland, represented by America/Nuuk, stops observing winter time after March 2023, so its daylight saving
  time becomes standard time.
- Changes for pre-1996 northern Canada
- Update to past DST transition in Colombia (1993), Singapore (1981)
- 'timegm' is now supported by default

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:45-1
Released:    Mon Jan  9 10:32:26 2023
Summary:     Recommended update for libxml2
Type:        recommended
Severity:    moderate
References:  1204585
This update for libxml2 fixes the following issues:

- Add W3C conformance tests to the testsuite (bsc#1204585):
  * Added file xmlts20080827.tar.gz 

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:48-1
Released:    Mon Jan  9 10:37:54 2023
Summary:     Recommended update for libtirpc
Type:        recommended
Severity:    moderate
References:  1199467
This update for libtirpc fixes the following issues:

- Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:50-1
Released:    Mon Jan  9 10:42:21 2023
Summary:     Recommended update for shadow
Type:        recommended
Severity:    moderate
References:  1205502
This update for shadow fixes the following issues:

- Fix issue with user id field that cannot be interpreted (bsc#1205502)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:177-1
Released:    Thu Jan 26 20:57:35 2023
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1194038,1205646
This update for util-linux fixes the following issues:

- Fix tests not passing when '@' character is in build path: 
  Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038).
- libuuid continuous clock handling for time based UUIDs:
  Prevent use of the new libuuid ABI by uuidd %post before update
  of libuuid1 (bsc#1205646).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:178-1
Released:    Thu Jan 26 20:58:21 2023
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1207182
This update for openssl-1_1 fixes the following issues:

- FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:188-1
Released:    Fri Jan 27 12:07:19 2023
Summary:     Recommended update for zlib
Type:        recommended
Severity:    important
References:  1203652
This update for zlib fixes the following issues:

- Follow up fix for bug bsc#1203652 due to libxml2 issues

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:311-1
Released:    Tue Feb  7 17:36:32 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1207533,1207534,1207536,1207538,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0286
This update for openssl-1_1 fixes the following issues:

- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:429-1
Released:    Wed Feb 15 17:41:22 2023
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1207990,1207991,1207992,CVE-2023-23914,CVE-2023-23915,CVE-2023-23916
This update for curl fixes the following issues:

- CVE-2023-23914: Fixed HSTS ignored on multiple requests (bsc#1207990).
- CVE-2023-23915: Fixed HSTS amnesia with --parallel (bsc#1207991).
- CVE-2023-23916: Fixed HTTP multi-header compression denial of service (bsc#1207992).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:563-1
Released:    Tue Feb 28 10:51:46 2023
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1207994
This update for openssl-1_1 fixes the following issues:

- FIPS: Serialize jitterentropy calls to avoid thread safety issues [bsc#1207994]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:617-1
Released:    Fri Mar  3 16:49:06 2023
Summary:     Recommended update for jitterentropy
Type:        recommended
Severity:    moderate
References:  1207789
This update for jitterentropy fixes the following issues:

- build jitterentropy library with debuginfo (bsc#1207789)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:776-1
Released:    Thu Mar 16 17:29:23 2023
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes


This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux
Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:782-1
Released:    Thu Mar 16 19:08:34 2023
Summary:     Recommended update for libgcrypt
Type:        recommended
Severity:    moderate
References:  1208924,1208925,1208926
This update for libgcrypt fixes the following issues:

- FIPS: ECC: Transition to error-state if PCT fail [bsc#1208925]
- FIPS: ECDSA: Avoid no-keytest in ECDSA keygen [bsc#1208924]
- FIPS: PBKDF2: Added additional checks for the minimum key length,
  salt length, iteration count and passphrase length to the kdf
  FIPS indicator in _gcry_fips_indicator_kdf() [bsc#1208926]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:783-1
Released:    Thu Mar 16 19:09:03 2023
Summary:     Recommended update for openssl-1_1
Type:        recommended
Severity:    moderate
References:  1208998
This update for openssl-1_1 fixes the following issues:

FIPS: Service-level indicator changes [bsc#1208998]

* Add additional checks required by FIPS 140-3. Minimum values for
  PBKDF2 are: 112 bits for key, 128 bits for salt, 1000 for
  iteration count and 20 characters for password.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1582-1
Released:    Mon Mar 27 10:31:52 2023
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1209209,1209210,1209211,1209212,1209214,CVE-2023-27533,CVE-2023-27534,CVE-2023-27535,CVE-2023-27536,CVE-2023-27538
This update for curl fixes the following issues:
  
- CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209).
- CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210).
- CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211).
- CVE-2023-27536: Fixed GSS delegation too eager connection reuse (bsc#1209212).
- CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1662-1
Released:    Wed Mar 29 10:36:23 2023
Summary:     Recommended update for patterns-base
Type:        recommended
Severity:    moderate
References:  1203537
This update for patterns-base fixes the following issues:

- change label of FIPS 140-2 to 140-3 to reflect our current certifications (bsc#1203537)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1688-1
Released:    Wed Mar 29 18:19:10 2023
Summary:     Security update for zstd
Type:        security
Severity:    moderate
References:  1209533,CVE-2022-4899
This update for zstd fixes the following issues:

- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1745-1
Released:    Tue Apr  4 09:05:23 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1209624,CVE-2023-0464
This update for openssl-1_1 fixes the following issues:

- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1779-1
Released:    Thu Apr  6 08:16:58 2023
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1208432
This update for systemd fixes the following issues:

- Fix return non-zero value when disabling SysVinit service (bsc#1208432)
- Drop build requirement on libpci, it's not no longer needed
- Move systemd-boot and all components managing (secure) UEFI boot into udev
  sub-package, so they aren't installed in systemd based containers

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1805-1
Released:    Tue Apr 11 10:12:41 2023
Summary:     Recommended update for timezone
Type:        recommended
Severity:    important
References:  
This update for timezone fixes the following issues:

- Version update from 2022g to 2023c:
  * Egypt now uses DST again, from April through October.
  * This year Morocco springs forward April 23, not April 30.
  * Palestine delays the start of DST this year.
  * Much of Greenland still uses DST from 2024 on.
  * America/Yellowknife now links to America/Edmonton.
  * tzselect can now use current time to help infer timezone.
  * The code now defaults to C99 or later.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:1880-1
Released:    Tue Apr 18 11:11:27 2023
Summary:     Recommended update for systemd-rpm-macros
Type:        recommended
Severity:    low
References:  1208079
This update for systemd-rpm-macros fixes the following issue:

- Don't emit a warning when the flag file in /var/lib/systemd/migrated/ is not present as it's expected (bsc#1208079).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:1911-1
Released:    Wed Apr 19 13:02:33 2023
Summary:     Security update for openssl-1_1
Type:        security
Severity:    moderate
References:  1209873,1209878,CVE-2023-0465,CVE-2023-0466
This update for openssl-1_1 fixes the following issues:

- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).
- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).


The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.17.1 updated
- glibc-2.31-150300.46.1 updated
- libzstd1-1.5.0-150400.3.3.1 updated
- libuuid1-2.37.2-150400.8.14.1 updated
- libudev1-249.16-150400.8.25.7 updated
- libsmartcols1-2.37.2-150400.8.14.1 updated
- libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1 updated
- libblkid1-2.37.2-150400.8.14.1 updated
- libgcrypt20-1.9.4-150400.6.8.1 updated
- libgcrypt20-hmac-1.9.4-150400.6.8.1 updated
- libfdisk1-2.37.2-150400.8.14.1 updated
- libz1-1.2.11-150000.3.39.1 updated
- libjitterentropy3-3.4.0-150000.1.9.1 added
- libgcc_s1-12.2.1+git416-150000.1.7.1 updated
- libstdc++6-12.2.1+git416-150000.1.7.1 updated
- libxml2-2-2.9.14-150400.5.13.1 updated
- libsystemd0-249.16-150400.8.25.7 updated
- libopenssl1_1-1.1.1l-150400.7.34.1 updated
- libopenssl1_1-hmac-1.1.1l-150400.7.34.1 updated
- patterns-base-fips-20200124-150400.20.4.1 updated
- libmount1-2.37.2-150400.8.14.1 updated
- krb5-1.19.2-150400.3.3.1 updated
- login_defs-4.8.1-150400.10.3.1 updated
- libtirpc3-1.2.6-150300.3.17.1 updated
- libcurl4-7.79.1-150400.5.18.1 updated
- permissions-20201225-150400.5.16.1 updated
- pam-1.3.0-150000.6.61.1 updated
- shadow-4.8.1-150400.10.3.1 updated
- util-linux-2.37.2-150400.8.14.1 updated
- timezone-2023c-150000.75.23.1 updated
- systemd-rpm-macros-12-150000.7.30.1 updated
- systemd-249.16-150400.8.25.7 updated
- udev-249.16-150400.8.25.7 updated
- elemental-cli-0.2.5-150400.1.1 updated
- container:sles15-image-15.0.0-27.14.53 updated

SUSE: 2023:1229-1 rancher/elemental-builder-image/5.3 Security Update

April 22, 2023
The container rancher/elemental-builder-image/5.3 was updated

Summary

Advisory ID: SUSE-RU-2022:2796-1 Released: Fri Aug 12 14:34:31 2022 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3328-1 Released: Wed Sep 21 12:48:56 2022 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3663-1 Released: Wed Oct 19 19:05:21 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:3692-1 Released: Fri Oct 21 16:15:07 2022 Summary: Security update for libxml2 Type: security Severity: important Advisory ID: SUSE-SU-2022:3785-1 Released: Wed Oct 26 20:20:19 2022 Summary: Security update for curl Type: security Severity: important Advisory ID: SUSE-RU-2022:3787-1 Released: Thu Oct 27 04:41:09 2022 Summary: Recommended update for permissions Type: recommended Severity: important Advisory ID: SUSE-RU-2022:3870-1 Released: Fri Nov 4 11:12:08 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3910-1 Released: Tue Nov 8 13:05:04 2022 Summary: Recommended update for pam Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:3961-1 Released: Mon Nov 14 07:33:50 2022 Summary: Recommended update for zlib Type: recommended Severity: important Advisory ID: SUSE-RU-2022:3974-1 Released: Mon Nov 14 15:39:20 2022 Summary: Recommended update for util-linux Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:4066-1 Released: Fri Nov 18 10:43:00 2022 Summary: Recommended update for timezone Type: recommended Severity: important Advisory ID: SUSE-RU-2022:4135-1 Released: Mon Nov 21 00:13:40 2022 Summary: Recommended update for libeconf Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:4153-1 Released: Mon Nov 21 14:34:09 2022 Summary: Security update for krb5 Type: security Severity: important Advisory ID: SUSE-RU-2022:4212-1 Released: Thu Nov 24 15:53:48 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2022:4256-1 Released: Mon Nov 28 12:36:32 2022 Summary: Recommended update for gcc12 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:4597-1 Released: Wed Dec 21 10:13:11 2022 Summary: Security update for curl Type: security Severity: important Advisory ID: SUSE-RU-2023:25-1 Released: Thu Jan 5 09:51:41 2023 Summary: Recommended update for timezone Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:45-1 Released: Mon Jan 9 10:32:26 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:48-1 Released: Mon Jan 9 10:37:54 2023 Summary: Recommended update for libtirpc Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:50-1 Released: Mon Jan 9 10:42:21 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:177-1 Released: Thu Jan 26 20:57:35 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:178-1 Released: Thu Jan 26 20:58:21 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:188-1 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Type: recommended Severity: important Advisory ID: SUSE-SU-2023:311-1 Released: Tue Feb 7 17:36:32 2023 Summary: Security update for openssl-1_1 Type: security Severity: important Advisory ID: SUSE-SU-2023:429-1 Released: Wed Feb 15 17:41:22 2023 Summary: Security update for curl Type: security Severity: important Advisory ID: SUSE-RU-2023:563-1 Released: Tue Feb 28 10:51:46 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:617-1 Released: Fri Mar 3 16:49:06 2023 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:776-1 Released: Thu Mar 16 17:29:23 2023 Summary: Recommended update for gcc12 Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:782-1 Released: Thu Mar 16 19:08:34 2023 Summary: Recommended update for libgcrypt Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:783-1 Released: Thu Mar 16 19:09:03 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2023:1582-1 Released: Mon Mar 27 10:31:52 2023 Summary: Security update for curl Type: security Severity: moderate Advisory ID: SUSE-RU-2023:1662-1 Released: Wed Mar 29 10:36:23 2023 Summary: Recommended update for patterns-base Type: recommended Severity: moderate Advisory ID: SUSE-SU-2023:1688-1 Released: Wed Mar 29 18:19:10 2023 Summary: Security update for zstd Type: security Severity: moderate Advisory ID: SUSE-SU-2023:1745-1 Released: Tue Apr 4 09:05:23 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate Advisory ID: SUSE-RU-2023:1779-1 Released: Thu Apr 6 08:16:58 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate Advisory ID: SUSE-RU-2023:1805-1 Released: Tue Apr 11 10:12:41 2023 Summary: Recommended update for timezone Type: recommended Severity: important Advisory ID: SUSE-RU-2023:1880-1 Released: Tue Apr 18 11:11:27 2023 Summary: Recommended update for systemd-rpm-macros Type: recommended Severity: low Advisory ID: SUSE-SU-2023:1911-1 Released: Wed Apr 19 13:02:33 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate

References

References : 1121365 1177460 1177460 1180995 1190651 1190651 1190651 1190653

1190888 1193859 1194038 1194047 1198165 1198471 1198472 1199467

1201293 1201959 1202148 1202148 1202324 1202870 1203046 1203069

1203537 1203652 1203652 1203911 1204211 1204366 1204367 1204383

1204386 1204585 1204649 1205126 1205156 1205502 1205646 1206308

1206309 1207182 1207533 1207534 1207536 1207538 1207789 1207990

1207991 1207992 1207994 1208079 1208432 1208924 1208925 1208926

1208998 1209209 1209210 1209211 1209212 1209214 1209533 1209624

1209873 1209878 CVE-2022-32221 CVE-2022-40303 CVE-2022-40304

CVE-2022-42898 CVE-2022-42916 CVE-2022-4304 CVE-2022-43551 CVE-2022-43552

CVE-2022-4450 CVE-2022-4899 CVE-2023-0215 CVE-2023-0286 CVE-2023-0464

CVE-2023-0465 CVE-2023-0466 CVE-2023-23914 CVE-2023-23915 CVE-2023-23916

CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538

This update for jitterentropy fixes the following issues:

jitterentropy is included in version 3.4.0 (jsc#SLE-24941):

This is a FIPS 140-3 / NIST 800-90b compliant userspace jitter entropy generator library,

used by other FIPS libraries.

1202870

This update for jitterentropy fixes the following issues:

- Hide the non-GNUC constructs that are library internal from the

exported header, to make it usable in builds with strict C99

compliance. (bsc#1202870)

1121365,1180995,1190651,1190653,1190888,1193859,1198471,1198472,1201293,1202148,1203046,1203069

This update for openssl-1_1 fixes the following issues:

- FIPS: Default to RFC-7919 groups for genparam and dhparam

- FIPS: list only FIPS approved digest and public key algorithms

[bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472]

- FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069]

- FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293]

* The FIPS_drbg implementation is not FIPS validated anymore. To

provide backwards compatibility for applications that need FIPS

compliant RNG number generation and use FIPS_drbg_generate,

this function was re-wired to call the FIPS validated DRBG

instance instead through the RAND_bytes() call.

- FIPS: Fix minor memory leaks by FIPS patch [bsc#1203046]

- FIPS: OpenSSL: Port openssl to use jitterentropy [bsc#1202148, jsc#SLE-24941]

libcrypto.so now requires libjitterentropy3 library.

- FIPS: OpenSSL Provide a service-level indicator [bsc#1190651]

- FIPS: Add zeroization of temporary variables to the hmac integrity

function FIPSCHECK_verify(). [bsc#1190653]

1204366,1204367,CVE-2022-40303,CVE-2022-40304

This update for libxml2 fixes the following issues:

- CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366).

- CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).

1204383,1204386,CVE-2022-32221,CVE-2022-42916

This update for curl fixes the following issues:

- CVE-2022-32221: Fixed POST following PUT confusion (bsc#1204383).

- CVE-2022-42916: Fixed HSTS bypass via IDN (bsc#1204386).

1194047,1203911

This update for permissions fixes the following issues:

- Fix regression introduced by backport of security fix (bsc#1203911)

- Add permissions for enlightenment helper on 32bit arches (bsc#1194047)

1190651,1202148

This update for openssl-1_1 fixes the following issues:

- FIPS: Add a missing dependency on jitterentropy-devel for libopenssl-1_1-devel (bsc#1202148)

- FIPS: OpenSSL service-level indicator: Allow AES XTS 256 (bsc#1190651)

This update for pam fixes the following issue:

- Update pam_motd to the most current version. (PED-1712)

1203652

This update for zlib fixes the following issues:

- Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652)

1201959,1204211

This update for util-linux fixes the following issues:

- Fix file conflict during upgrade (bsc#1204211)

- libuuid improvements (bsc#1201959, PED-1150):

libuuid: Fix range when parsing UUIDs.

Improve cache handling for short running applications-increment the cache size over runtime.

Implement continuous clock handling for time based UUIDs.

Check clock value from clock file to provide seamless libuuid.

1177460,1202324,1204649,1205156

This update for timezone fixes the following issues:

Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156):

- Mexico will no longer observe DST except near the US border

- Chihuahua moves to year-round -06 on 2022-10-30

- Fiji no longer observes DST

- In vanguard form, GMT is now a Zone and Etc/GMT a link

- zic now supports links to links, and vanguard form uses this

- Simplify four Ontario zones

- Fix a Y2438 bug when reading TZif data

- Enable 64-bit time_t on 32-bit glibc platforms

- Omit large-file support when no longer needed

- Jordan and Syria switch from +02/+03 with DST to year-round +03

- Palestine transitions are now Saturdays at 02:00

- Simplify three Ukraine zones into one

- Improve tzselect on intercontinental Zones

- Chile's DST is delayed by a week in September 2022 (bsc#1202324)

- Iran no longer observes DST after 2022

- Rename Europe/Kiev to Europe/Kyiv

- New `zic -R` command option

- Vanguard form now uses %z

1198165

This update for libeconf fixes the following issues:

- Update to version 0.4.6+git

- econftool:

Parsing error: Reporting file and line nr. --delimeters=spaces accepting all kind of spaces for delimiter.

- libeconf:

Parse files correctly on space characters (1198165)

- Update to version 0.4.5+git

- econftool:

New call 'syntax' for checking the configuration files only. Returns an error string with line number if error.

New options '--comment' and '--delimeters'

1205126,CVE-2022-42898

This update for krb5 fixes the following issues:

- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).

1190651

This update for openssl-1_1 fixes the following issues:

- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)

- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)

- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)

This update for gcc12 fixes the following issues:

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15

versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux

Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the

PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.

- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

https://gcc.gnu.org/gcc-12/changes.html

1206308,1206309,CVE-2022-43551,CVE-2022-43552

This update for curl fixes the following issues:

- CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309).

- CVE-2022-43551: Fixed HSTS bypass via IDN (bsc#1206308).

1177460

This update for timezone fixes the following issues:

Version update from 2022f to 2022g (bsc#1177460):

- In the Mexican state of Chihuahua:

* The border strip near the US will change to agree with nearby US locations on 2022-11-30.

* The strip's western part, represented by Ciudad Juarez, switches from -06 all year to -07/-06 with US DST rules,

like El Paso, TX.

* The eastern part, represented by Ojinaga, will observe US DST next year, like Presidio, TX.

* A new Zone America/Ciudad_Juarez splits from America/Ojinaga.

- Much of Greenland, represented by America/Nuuk, stops observing winter time after March 2023, so its daylight saving

time becomes standard time.

- Changes for pre-1996 northern Canada

- Update to past DST transition in Colombia (1993), Singapore (1981)

- 'timegm' is now supported by default

1204585

This update for libxml2 fixes the following issues:

- Add W3C conformance tests to the testsuite (bsc#1204585):

* Added file xmlts20080827.tar.gz

1199467

This update for libtirpc fixes the following issues:

- Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467)

1205502

This update for shadow fixes the following issues:

- Fix issue with user id field that cannot be interpreted (bsc#1205502)

1194038,1205646

This update for util-linux fixes the following issues:

- Fix tests not passing when '@' character is in build path:

Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038).

- libuuid continuous clock handling for time based UUIDs:

Prevent use of the new libuuid ABI by uuidd %post before update

of libuuid1 (bsc#1205646).

1207182

This update for openssl-1_1 fixes the following issues:

- FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182]

1203652

This update for zlib fixes the following issues:

- Follow up fix for bug bsc#1203652 due to libxml2 issues

1207533,1207534,1207536,1207538,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0286

This update for openssl-1_1 fixes the following issues:

- CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533).

- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536).

- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538).

- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).

1207990,1207991,1207992,CVE-2023-23914,CVE-2023-23915,CVE-2023-23916

This update for curl fixes the following issues:

- CVE-2023-23914: Fixed HSTS ignored on multiple requests (bsc#1207990).

- CVE-2023-23915: Fixed HSTS amnesia with --parallel (bsc#1207991).

- CVE-2023-23916: Fixed HTTP multi-header compression denial of service (bsc#1207992).

1207994

This update for openssl-1_1 fixes the following issues:

- FIPS: Serialize jitterentropy calls to avoid thread safety issues [bsc#1207994]

1207789

This update for jitterentropy fixes the following issues:

- build jitterentropy library with debuginfo (bsc#1207789)

This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes

This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15

versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux

Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.

- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

https://gcc.gnu.org/gcc-12/changes.html

1208924,1208925,1208926

This update for libgcrypt fixes the following issues:

- FIPS: ECC: Transition to error-state if PCT fail [bsc#1208925]

- FIPS: ECDSA: Avoid no-keytest in ECDSA keygen [bsc#1208924]

- FIPS: PBKDF2: Added additional checks for the minimum key length,

salt length, iteration count and passphrase length to the kdf

FIPS indicator in _gcry_fips_indicator_kdf() [bsc#1208926]

1208998

This update for openssl-1_1 fixes the following issues:

FIPS: Service-level indicator changes [bsc#1208998]

* Add additional checks required by FIPS 140-3. Minimum values for

PBKDF2 are: 112 bits for key, 128 bits for salt, 1000 for

iteration count and 20 characters for password.

1209209,1209210,1209211,1209212,1209214,CVE-2023-27533,CVE-2023-27534,CVE-2023-27535,CVE-2023-27536,CVE-2023-27538

This update for curl fixes the following issues:

- CVE-2023-27533: Fixed TELNET option IAC injection (bsc#1209209).

- CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy (bsc#1209210).

- CVE-2023-27535: Fixed FTP too eager connection reuse (bsc#1209211).

- CVE-2023-27536: Fixed GSS delegation too eager connection reuse (bsc#1209212).

- CVE-2023-27538: Fixed SSH connection too eager reuse still (bsc#1209214).

1203537

This update for patterns-base fixes the following issues:

- change label of FIPS 140-2 to 140-3 to reflect our current certifications (bsc#1203537)

1209533,CVE-2022-4899

This update for zstd fixes the following issues:

- CVE-2022-4899: Fixed buffer overrun in util.c (bsc#1209533).

1209624,CVE-2023-0464

This update for openssl-1_1 fixes the following issues:

- CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints (bsc#1209624).

1208432

This update for systemd fixes the following issues:

- Fix return non-zero value when disabling SysVinit service (bsc#1208432)

- Drop build requirement on libpci, it's not no longer needed

- Move systemd-boot and all components managing (secure) UEFI boot into udev

sub-package, so they aren't installed in systemd based containers

This update for timezone fixes the following issues:

- Version update from 2022g to 2023c:

* Egypt now uses DST again, from April through October.

* This year Morocco springs forward April 23, not April 30.

* Palestine delays the start of DST this year.

* Much of Greenland still uses DST from 2024 on.

* America/Yellowknife now links to America/Edmonton.

* tzselect can now use current time to help infer timezone.

* The code now defaults to C99 or later.

1208079

This update for systemd-rpm-macros fixes the following issue:

- Don't emit a warning when the flag file in /var/lib/systemd/migrated/ is not present as it's expected (bsc#1208079).

1209873,1209878,CVE-2023-0465,CVE-2023-0466

This update for openssl-1_1 fixes the following issues:

- CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored (bsc#1209878).

- CVE-2023-0466: Certificate policy check were not enabled (bsc#1209873).

The following package changes have been done:

- libtirpc-netconfig-1.2.6-150300.3.17.1 updated

- glibc-2.31-150300.46.1 updated

- libzstd1-1.5.0-150400.3.3.1 updated

- libuuid1-2.37.2-150400.8.14.1 updated

- libudev1-249.16-150400.8.25.7 updated

- libsmartcols1-2.37.2-150400.8.14.1 updated

- libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1 updated

- libblkid1-2.37.2-150400.8.14.1 updated

- libgcrypt20-1.9.4-150400.6.8.1 updated

- libgcrypt20-hmac-1.9.4-150400.6.8.1 updated

- libfdisk1-2.37.2-150400.8.14.1 updated

- libz1-1.2.11-150000.3.39.1 updated

- libjitterentropy3-3.4.0-150000.1.9.1 added

- libgcc_s1-12.2.1+git416-150000.1.7.1 updated

- libstdc++6-12.2.1+git416-150000.1.7.1 updated

- libxml2-2-2.9.14-150400.5.13.1 updated

- libsystemd0-249.16-150400.8.25.7 updated

- libopenssl1_1-1.1.1l-150400.7.34.1 updated

- libopenssl1_1-hmac-1.1.1l-150400.7.34.1 updated

- patterns-base-fips-20200124-150400.20.4.1 updated

- libmount1-2.37.2-150400.8.14.1 updated

- krb5-1.19.2-150400.3.3.1 updated

- login_defs-4.8.1-150400.10.3.1 updated

- libtirpc3-1.2.6-150300.3.17.1 updated

- libcurl4-7.79.1-150400.5.18.1 updated

- permissions-20201225-150400.5.16.1 updated

- pam-1.3.0-150000.6.61.1 updated

- shadow-4.8.1-150400.10.3.1 updated

- util-linux-2.37.2-150400.8.14.1 updated

- timezone-2023c-150000.75.23.1 updated

- systemd-rpm-macros-12-150000.7.30.1 updated

- systemd-249.16-150400.8.25.7 updated

- udev-249.16-150400.8.25.7 updated

- elemental-cli-0.2.5-150400.1.1 updated

- container:sles15-image-15.0.0-27.14.53 updated

Severity
Container Advisory ID : SUSE-CU-2023:1229-1
Container Tags : rancher/elemental-builder-image/5.3:0.2.5 , rancher/elemental-builder-image/5.3:0.2.5-4.2.2 , rancher/elemental-builder-image/5.3:latest
Container Release : 4.2.2
Severity : important
Type : security

Related News

Important runC Privilege Escalation Flaws Fixed

New Patches Aim To Tackle Linux x86_64 PIE Support

What eBPF Means for Container Threat Detection

Kubernetes Architecture and its Security

News

Advisories

HOWTOs

Features

Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation
Best Practices for PHP Security
Why Cloud Linux Is Beneficial for E-Commerce Stores

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy