SUSE-CU-2025:6193-1: Security update of bci/spack
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Aug 18 09:14:40 UTC 2025
SUSE Container Update Advisory: bci/spack
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6193-1
Container Tags : bci/spack:0.23 , bci/spack:0.23.1 , bci/spack:0.23.1-11.43
Container Release : 11.43
Severity : important
Type : security
References : 1246296 CVE-2025-7425
-----------------------------------------------------------------
The container bci/spack was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2720-1
Released: Thu Aug 7 05:38:44 2025
Summary: Recommended update for crypto-policies
Type: recommended
Severity: moderate
References:
This update for crypto-policies fixes the following issues:
- Update the BSI policy (jsc#PED-12880)
* BSI: switch to 3072 minimum RSA key size
* BSI: Update BSI policy for new 2024 minimum
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2758-1
Released: Tue Aug 12 12:05:22 2025
Summary: Security update for libxml2
Type: security
Severity: important
References: 1246296,CVE-2025-7425
This update for libxml2 fixes the following issues:
- CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr (bsc#1246296)
The following package changes have been done:
- crypto-policies-20230920.570ea89-150600.3.12.1 updated
- libxml2-2-2.10.3-150500.5.32.1 updated
- libgcc_s1-14.3.0+git11799-150000.1.11.1 updated
- libstdc++6-14.3.0+git11799-150000.1.11.1 updated
- container:registry.suse.com-bci-bci-base-15.6-0e61584d4e062db1a7fd6948555ef62a18541b35ec80af43af0239064a91c65d-0 updated
More information about the sle-container-updates
mailing list