{"affected":[{"ecosystem_specific":{"binaries":[{"skopeo":"1.14.4-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"skopeo","purl":"pkg:rpm/suse/skopeo&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.14.4-1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for skopeo fixes the following issues:\n\n- Update to version 1.14.4:\n  * CVE-2024-3727: digest type does not guarantee valid type (bsc#1224123)\n  * Packit: update packit targets\n  * Bump gopkg.in/go-jose to v2.6.3\n  * Bump ocicrypt and go-jose CVE-2024-28180\n  * Freeze the fedora-minimal image reference at Fedora 38\n  * Bump c/common to v0.57.4\n  * Bump google.golang.org/protobuf to v1.33.0\n  * Bump Skopeo to v1.14.3-dev\n\n- Update to version 1.14.2:\n  * Bump c/image to v5.29.2, c/common to v0.57.3 (fixes bsc#1219563)\n\n- Update to version 1.14.1:\n  * fix(deps): update module github.com/containers/common to v0.57.2\n  * fix(deps): update module github.com/containers/image/v5 to v5.29.1\n  * chore(deps): update dependency containers/automation_images to v20240102\n  * Fix libsubid detection\n  * fix(deps): update module golang.org/x/term to v0.16.0\n  * fix(deps): update golang.org/x/exp digest to 02704c9\n  * chore(deps): update dependency containers/automation_images to v20231208\n  * [skip-ci] Update actions/stale action to v9\n  * fix(deps): update module github.com/containers/common to v0.57.1\n  * fix(deps): update golang.org/x/exp digest to 6522937\n  * fix(deps): update module golang.org/x/term to v0.15.0\n","id":"SUSE-SU-2025:20019-1","modified":"2025-02-03T08:48:38Z","published":"2025-02-03T08:48:38Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520019-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219563"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224123"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-28180"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-3727"}],"related":["CVE-2024-28180","CVE-2024-3727"],"summary":"Security update for skopeo","upstream":["CVE-2024-28180","CVE-2024-3727"]}