SUSE-CU-2025:6127-1: Security update of suse/mariadb

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Aug 13 07:28:47 UTC 2025 

SUSE Container Update Advisory: suse/mariadb
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6127-1
Container Tags        : suse/mariadb:10.11 , suse/mariadb:10.11.11 , suse/mariadb:10.11.11-70.13
Container Release     : 70.13
Severity              : important
Type                  : security
References            : 1244183 1245573 1246296 CVE-2025-6297 CVE-2025-7425 
-----------------------------------------------------------------

The container suse/mariadb was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2720-1
Released:    Thu Aug  7 05:38:44 2025
Summary:     Recommended update for crypto-policies
Type:        recommended
Severity:    moderate
References:  
This update for crypto-policies fixes the following issues:

- Update the BSI policy (jsc#PED-12880)
    * BSI: switch to 3072 minimum RSA key size
    * BSI: Update BSI policy for new 2024 minimum

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2731-1
Released:    Fri Aug  8 06:51:47 2025
Summary:     Recommended update for perl-DBI
Type:        recommended
Severity:    moderate
References:  1244183
This update for perl-DBI fixes the following issues:

- Dependency submission for the openQA stack (bsc#1244183)
- Updated to 1.647.0 (1.647)
  * Remove 'experimental' tag from statistics_info
  * RT tickets moved to github issues (rwfranks++)
  * Fix install issue

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2734-1
Released:    Fri Aug  8 10:05:10 2025
Summary:     Security update for dpkg
Type:        security
Severity:    moderate
References:  1245573,CVE-2025-6297
This update for dpkg fixes the following issues:

- CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. (bsc#1245573)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2758-1
Released:    Tue Aug 12 12:05:22 2025
Summary:     Security update for libxml2
Type:        security
Severity:    important
References:  1246296,CVE-2025-7425
This update for libxml2 fixes the following issues:

- CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296)


The following package changes have been done:

- crypto-policies-20230920.570ea89-150600.3.12.1 updated
- update-alternatives-1.19.0.4-150000.4.7.1 updated
- libxml2-2-2.10.3-150500.5.32.1 updated
- perl-DBI-1.647.0-150600.12.6.1 updated
- container:suse-sle15-15.6-005770759dcf00d155a6a603323da3e031fdf5f080aa25f945a31477a5127659-0 updated

More information about the sle-container-updates mailing list