SUSE-IU-2025:836-1: Security update of suse/sl-micro/6.0/kvm-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Apr 3 07:04:48 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:836-1
Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.5 , suse/sl-micro/6.0/kvm-os-container:latest
Image Release : 6.5
Severity : moderate
Type : security
References : 1222834 1224113 1231472 1233289 1233322 1236619 1237498 CVE-2025-24528
-----------------------------------------------------------------
The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 244
Released: Fri Mar 14 12:51:07 2025
Summary: Recommended update for findutils
Type: recommended
Severity: moderate
References: 1231472
This update for findutils fixes the following issues:
- do not crash when file system loop was encountered (bsc#1231472)
- added patches
- modified patches
-----------------------------------------------------------------
Advisory ID: 245
Released: Fri Mar 14 12:55:02 2025
Summary: Recommended update for elemental-toolkit
Type: recommended
Severity: moderate
References: 1233289,1233322
This update for elemental-toolkit fixes the following issues:
- Bump yip to v1.9.6 (bsc#1233322)
- Make lint happy
- Fixes squashfs images creation (bsc#1233289)
-----------------------------------------------------------------
Advisory ID: 251
Released: Wed Mar 19 11:42:10 2025
Summary: Security update for krb5
Type: security
Severity: moderate
References: 1236619,CVE-2025-24528
This update for krb5 fixes the following issues:
- CVE-2025-24528: Prevent overflow when calculating ulog block size.
An authenticated attacker can cause kadmind to write beyond the end
of the mapped region for the iprop log file, likely causing a process
crash (bsc#1236619).
-----------------------------------------------------------------
Advisory ID: 262
Released: Mon Mar 31 08:37:17 2025
Summary: Recommended update for elemental-operator
Type: recommended
Severity: moderate
References: 1237498
This update for elemental-operator fixes the following issues:
- Update to version 1.6.7:
* Bump default operator channel to Micro 6.1 images
* [v1.6.x][BACKPORT] seedimage: clean-up service on image download deadline (bsc#1237498)
* No need to install yq neither to create a GH release
-----------------------------------------------------------------
Advisory ID: 269
Released: Wed Apr 2 16:29:28 2025
Summary: Recommended update for mozilla-nss
Type: recommended
Severity: moderate
References: 1222834,1224113
This update for mozilla-nss fixes the following issues:
- FIPS: Do not pass in bad targetKeyLength parameters when checking for
FIPS approval after keygen. This was causing false rejections.
- FIPS: Approve RSA signature verification mechanisms with PKCS padding and
legacy moduli (bsc#1222834).
- FIPS: enforce approved curves with the CKK_EC_MONTGOMERY key type (bsc#1224113).
The following package changes have been done:
- findutils-4.9.0-4.1 updated
- SL-Micro-release-6.0-25.12 updated
- libfreebl3-3.101.2-2.1 updated
- krb5-1.20.1-6.1 updated
- mozilla-nss-certs-3.101.2-2.1 updated
- mozilla-nss-3.101.2-2.1 updated
- libsoftokn3-3.101.2-2.1 updated
- elemental-register-1.6.7-1.1 updated
- elemental-support-1.6.7-1.1 updated
- elemental-toolkit-2.1.2-1.1 updated
- container:SL-Micro-base-container-2.1.3-6.5 updated
More information about the sle-container-updates
mailing list