SUSE-CU-2025:6334-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Aug 20 07:27:55 UTC 2025 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6334-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.8.98 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.8.98
Severity              : important
Type                  : security
References            : 1218459 1244116 1245220 1245985 1246038 1246149 1246466 1247054
                        1247690 CVE-2025-48060 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2915-1
Released:    Tue Aug 19 14:56:35 2025
Summary:     Security update for jq
Type:        security
Severity:    moderate
References:  1244116,CVE-2025-48060
This update for jq fixes the following issues:

- CVE-2025-48060: Fixed stack-buffer-overflow in jq_fuzz_execute (bsc#1244116)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2921-1
Released:    Tue Aug 19 16:54:12 2025
Summary:     Recommended update for libzypp, zypper
Type:        recommended
Severity:    important
References:  1218459,1245220,1245985,1246038,1246149,1246466,1247054,1247690
This update for libzypp, zypper fixes the following issues:

- Fix evaluation of libproxy results (bsc#1247690)
- Replace URL variables inside mirrorlist/metalink files
- Append RepoInfo::path() to the mirror URLs in Preloader (bsc#1247054)
- During installation indicate the backend being used (bsc#1246038)
  If some package actually needs to know, it should test for
  ZYPP_CLASSIC_RPMTRANS being set in the environment.
  Otherwise the transaction is driven by librpm.
- Workaround 'rpm -vv' leaving scriptlets /var/tmp (bsc#1218459)
- Verbose log libproxy results if PX_DEBUG=1 is set.
- BuildRequires:  cmake >= 3.17.
- Allow explicit request to probe an added repo's URL (bsc#1246466)
- Fix tests with -DISABLE_MEDIABACKEND_TESTS=1 
- Add runtime check for a broken rpm-4.18.0 --runpostrans (bsc#1246149)
- Add regression test for (bsc#1245220) and some other filesize related tests.
- Fix addrepo to handle explicit --check and --no-check requests (bsc#1246466)
- Accept 'show' as alias for 'info' (bsc#1245985)


The following package changes have been done:

- jq-1.6-150000.3.9.1 updated
- libjq1-1.6-150000.3.9.1 updated
- libzypp-17.37.16-150600.3.79.1 updated
- zypper-1.14.93-150600.10.49.2 updated

More information about the sle-container-updates mailing list