SUSE-CU-2025:8853-1: Security update of suse/sle15

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Dec 11 08:40:06 UTC 2025 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8853-1
Container Tags        : bci/bci-base:15.6 , bci/bci-base:15.6.47.26.15 , suse/sle15:15.6 , suse/sle15:15.6.47.26.15
Container Release     : 47.26.15
Severity              : important
Type                  : security
References            : 1231055 1249055 1252425 1253757 CVE-2025-11563 CVE-2025-7039
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4236-1
Released:    Tue Nov 25 17:02:19 2025
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1253757,CVE-2025-11563
This update for curl fixes the following issues:

- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4293-1
Released:    Fri Nov 28 10:10:49 2025
Summary:     Recommended update for gpgme
Type:        recommended
Severity:    important
References:  1231055,1252425
This update for gpgme fixes the following issues:

- Treat empty DISPLAY variable as unset (bsc#1252425, bsc#1231055)
    * To avoid gpgme constructing an invalid gpg command line when
      the DISPLAY variable is empty it can be treated as unset.
    * Reported upstream: dev.gnupg.org/T7919

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4308-1
Released:    Fri Nov 28 16:38:46 2025
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1249055,CVE-2025-7039
This update for glib2 fixes the following issues:

- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)


The following package changes have been done:

- curl-8.14.1-150600.4.31.1 updated
- libcurl4-8.14.1-150600.4.31.1 updated
- libglib-2_0-0-2.78.6-150600.4.22.1 updated
- libgpgme11-1.23.0-150600.3.5.1 updated

More information about the sle-container-updates mailing list