SUSE-CU-2025:5830-1: Security update of suse/samba-server

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Aug 2 07:16:53 UTC 2025 

SUSE Container Update Advisory: suse/samba-server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5830-1
Container Tags        : suse/samba-server:4.21 , suse/samba-server:4.21 , suse/samba-server:4.21-64.1 , suse/samba-server:latest
Container Release     : 64.1
Severity              : important
Type                  : security
References            : 1230959 1231748 1232326 1246232 1246233 1246267 1246299 1246428
                        CVE-2025-32988 CVE-2025-32989 CVE-2025-32990 CVE-2025-6395 
-----------------------------------------------------------------

The container suse/samba-server was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2595-1
Released:    Fri Aug  1 17:13:59 2025
Summary:     Security update for gnutls
Type:        security
Severity:    important
References:  1246232,1246233,1246267,1246299,CVE-2025-32988,CVE-2025-32989,CVE-2025-32990,CVE-2025-6395
This update for gnutls fixes the following issues:

- CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299)
- CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232)
- CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233)
- CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2599-1
Released:    Fri Aug  1 17:35:01 2025
Summary:     Recommended update for openssl-3
Type:        recommended
Severity:    important
References:  1230959,1231748,1232326,1246428
This update for openssl-3 fixes the following issues:

- FIPS: Fix EMS in crypto-policies FIPS:NO-ENFORCE-EMS (bsc#1230959, bsc#1232326, bsc#1231748, bsc#1246428)


The following package changes have been done:

- libopenssl3-3.2.3-150700.5.15.1 updated
- libgnutls30-3.8.3-150600.4.9.1 updated

More information about the sle-container-updates mailing list