SUSE-CU-2025:5799-1: Security update of suse/samba-client

Fri Aug 1 07:18:17 UTC 2025

SUSE Container Update Advisory: suse/samba-client
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5799-1
Container Tags        : suse/samba-client:4.21 , suse/samba-client:4.21 , suse/samba-client:4.21-63.1 , suse/samba-client:latest
Container Release     : 63.1
Severity              : moderate
Type                  : security
References            : 1244270 1244272 1244273 1244279 1244336 CVE-2025-5914 CVE-2025-5915
                        CVE-2025-5916 CVE-2025-5917 CVE-2025-5918 
-----------------------------------------------------------------

The container suse/samba-client was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2566-1
Released:    Thu Jul 31 09:18:44 2025
Summary:     Security update for libarchive
Type:        security
Severity:    moderate
References:  1244270,1244272,1244273,1244279,1244336,CVE-2025-5914,CVE-2025-5915,CVE-2025-5916,CVE-2025-5917,CVE-2025-5918
This update for libarchive fixes the following issues:

- CVE-2025-5914: Fixed double free due to an integer overflow in the archive_read_format_rar_seek_data() function (bsc#1244272)
- CVE-2025-5915: Fixed heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c (bsc#1244273)
- CVE-2025-5916: Fixed integer overflow while reading warc files at archive_read_support_format_warc.c (bsc#1244270)
- CVE-2025-5917: Fixed off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c (bsc#1244336)
- CVE-2025-5918: Fixed reading past EOF may be triggered for piped file streams (bsc#1244279)

The following package changes have been done:

- libarchive13-3.7.2-150600.3.17.1 updated
- container:suse-sle15-15.7-4232c2790095361d6776af20382c431e7222f9956d773c3790d57cf7e94a7911-0 updated