SUSE-IU-2025:3891-1: Security update of sles-15-sp6-chost-byos-v20251211-arm64
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Dec 13 08:03:41 UTC 2025
SUSE Image Update Advisory: sles-15-sp6-chost-byos-v20251211-arm64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3891-1
Image Tags : sles-15-sp6-chost-byos-v20251211-arm64:20251211
Image Release :
Severity : critical
Type : security
References : 1001888 1006827 1012628 1027519 1029961 1098094 1098228 1170554
1192862 1206798 1214954 1215143 1215199 1216396 1220419 1224138
1224386 1229750 1231055 1232526 1233529 1236743 1236744 1237236
1237240 1237241 1237242 1238491 1239206 1239566 1239938 1240788
1241132 1241219 1243381 1243794 1243991 1244050 1244939 1245190
1245199 1245953 1246544 1246914 1247498 1248211 1248230 1248501
1248517 1248630 1248754 1248807 1248816 1248886 1249055 1249161
1249182 1249224 1249286 1249302 1249317 1249319 1249320 1249512
1249595 1249608 1250032 1250119 1250202 1250205 1250237 1250274
1250296 1250379 1250400 1250455 1250491 1250519 1250593 1250650
1250702 1250704 1250721 1250742 1250754 1250946 1251024 1251027
1251028 1251031 1251035 1251038 1251043 1251045 1251052 1251053
1251054 1251056 1251057 1251059 1251060 1251065 1251066 1251067
1251068 1251071 1251076 1251079 1251081 1251083 1251084 1251100
1251105 1251106 1251108 1251113 1251114 1251119 1251123 1251126
1251132 1251134 1251143 1251146 1251150 1251152 1251153 1251159
1251161 1251170 1251177 1251180 1251198 1251199 1251206 1251215
1251216 1251222 1251230 1251232 1251233 1251247 1251268 1251269
1251270 1251271 1251282 1251283 1251286 1251290 1251305 1251319
1251321 1251323 1251328 1251529 1251721 1251732 1251742 1251743
1251746 1251748 1251749 1251750 1251754 1251755 1251756 1251758
1251759 1251760 1251762 1251763 1251764 1251769 1251771 1251772
1251777 1251780 1251804 1251810 1251930 1251967 1252033 1252035
1252039 1252044 1252047 1252051 1252052 1252056 1252060 1252062
1252064 1252065 1252069 1252070 1252072 1252074 1252075 1252078
1252079 1252082 1252083 1252110 1252148 1252160 1252232 1252232
1252236 1252265 1252269 1252269 1252332 1252336 1252346 1252348
1252349 1252364 1252378 1252379 1252380 1252425 1252479 1252481
1252489 1252490 1252492 1252495 1252496 1252499 1252534 1252536
1252537 1252550 1252553 1252559 1252561 1252564 1252565 1252566
1252632 1252668 1252678 1252679 1252685 1252688 1252772 1252774
1252775 1252785 1252787 1252789 1252797 1252822 1252826 1252841
1252848 1252849 1252850 1252851 1252854 1252858 1252865 1252866
1252873 1252902 1252904 1252909 1252918 1252930 1252931 1252932
1252933 1252934 1252935 1252939 1252974 1253043 1253126 1253132
1253741 1253757 1254132 1254362 529469 837347 CVE-2023-53538
CVE-2023-53539 CVE-2023-53540 CVE-2023-53541 CVE-2023-53543 CVE-2023-53545
CVE-2023-53546 CVE-2023-53548 CVE-2023-53550 CVE-2023-53552 CVE-2023-53553
CVE-2023-53554 CVE-2023-53555 CVE-2023-53556 CVE-2023-53557 CVE-2023-53558
CVE-2023-53559 CVE-2023-53560 CVE-2023-53563 CVE-2023-53568 CVE-2023-53570
CVE-2023-53572 CVE-2023-53574 CVE-2023-53575 CVE-2023-53577 CVE-2023-53579
CVE-2023-53580 CVE-2023-53581 CVE-2023-53583 CVE-2023-53585 CVE-2023-53588
CVE-2023-53593 CVE-2023-53596 CVE-2023-53597 CVE-2023-53599 CVE-2023-53600
CVE-2023-53601 CVE-2023-53602 CVE-2023-53603 CVE-2023-53611 CVE-2023-53613
CVE-2023-53615 CVE-2023-53616 CVE-2023-53617 CVE-2023-53618 CVE-2023-53619
CVE-2023-53621 CVE-2023-53622 CVE-2023-53631 CVE-2023-53632 CVE-2023-53633
CVE-2023-53638 CVE-2023-53645 CVE-2023-53646 CVE-2023-53647 CVE-2023-53648
CVE-2023-53649 CVE-2023-53650 CVE-2023-53652 CVE-2023-53653 CVE-2023-53654
CVE-2023-53656 CVE-2023-53657 CVE-2023-53658 CVE-2023-53659 CVE-2023-53660
CVE-2023-53662 CVE-2023-53663 CVE-2023-53665 CVE-2023-53666 CVE-2023-53668
CVE-2023-53670 CVE-2023-53672 CVE-2023-53673 CVE-2023-53674 CVE-2023-53681
CVE-2023-53686 CVE-2023-53687 CVE-2023-53693 CVE-2023-53697 CVE-2023-53698
CVE-2023-53699 CVE-2023-53703 CVE-2023-53704 CVE-2023-53707 CVE-2023-53708
CVE-2023-53711 CVE-2023-53713 CVE-2023-53718 CVE-2023-53721 CVE-2023-53722
CVE-2023-53725 CVE-2023-53726 CVE-2023-53727 CVE-2023-53728 CVE-2023-53729
CVE-2023-53730 CVE-2023-53731 CVE-2023-53733 CVE-2024-25621 CVE-2025-11563
CVE-2025-1352 CVE-2025-1372 CVE-2025-1376 CVE-2025-1377 CVE-2025-27466
CVE-2025-31133 CVE-2025-31133 CVE-2025-3576 CVE-2025-38008 CVE-2025-38539
CVE-2025-38552 CVE-2025-38653 CVE-2025-38699 CVE-2025-38700 CVE-2025-38718
CVE-2025-39673 CVE-2025-39676 CVE-2025-39683 CVE-2025-39697 CVE-2025-39702
CVE-2025-39756 CVE-2025-39794 CVE-2025-39797 CVE-2025-39812 CVE-2025-39813
CVE-2025-39828 CVE-2025-39841 CVE-2025-39851 CVE-2025-39866 CVE-2025-39876
CVE-2025-39881 CVE-2025-39895 CVE-2025-39902 CVE-2025-39911 CVE-2025-39931
CVE-2025-39934 CVE-2025-39937 CVE-2025-39938 CVE-2025-39945 CVE-2025-39946
CVE-2025-39947 CVE-2025-39948 CVE-2025-39949 CVE-2025-39952 CVE-2025-39955
CVE-2025-39957 CVE-2025-39965 CVE-2025-39967 CVE-2025-39968 CVE-2025-39969
CVE-2025-39970 CVE-2025-39971 CVE-2025-39972 CVE-2025-39973 CVE-2025-39978
CVE-2025-39981 CVE-2025-39982 CVE-2025-39985 CVE-2025-39986 CVE-2025-39987
CVE-2025-39988 CVE-2025-39991 CVE-2025-39993 CVE-2025-39994 CVE-2025-39995
CVE-2025-39996 CVE-2025-39997 CVE-2025-40000 CVE-2025-40005 CVE-2025-40010
CVE-2025-40011 CVE-2025-40013 CVE-2025-40016 CVE-2025-40018 CVE-2025-40019
CVE-2025-40020 CVE-2025-40029 CVE-2025-40032 CVE-2025-40035 CVE-2025-40036
CVE-2025-40043 CVE-2025-40044 CVE-2025-40049 CVE-2025-40051 CVE-2025-40052
CVE-2025-40056 CVE-2025-40058 CVE-2025-40060 CVE-2025-40061 CVE-2025-40062
CVE-2025-40071 CVE-2025-40078 CVE-2025-40080 CVE-2025-40082 CVE-2025-40085
CVE-2025-40087 CVE-2025-40088 CVE-2025-40096 CVE-2025-40100 CVE-2025-40778
CVE-2025-40780 CVE-2025-52565 CVE-2025-52565 CVE-2025-52881 CVE-2025-52881
CVE-2025-54770 CVE-2025-54771 CVE-2025-58142 CVE-2025-58143 CVE-2025-58147
CVE-2025-58148 CVE-2025-6075 CVE-2025-61661 CVE-2025-61662 CVE-2025-61663
CVE-2025-61664 CVE-2025-61984 CVE-2025-61985 CVE-2025-64329 CVE-2025-7039
CVE-2025-8291 CVE-2025-8677 CVE-2025-9820
-----------------------------------------------------------------
The container sles-15-sp6-chost-byos-v20251211-arm64 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3699-1
Released: Tue Oct 21 12:07:47 2025
Summary: Security update for krb5
Type: security
Severity: moderate
References: 1241219,CVE-2025-3576
This update for krb5 fixes the following issues:
- CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using
RC4-HMAC-MD5 (bsc#1241219).
Krb5 as very old protocol supported quite a number of ciphers
that are not longer up to current cryptographic standards.
To avoid problems with those, SUSE has by default now disabled
those alorithms.
The following algorithms have been removed from valid krb5 enctypes:
- des3-cbc-sha1
- arcfour-hmac-md5
To reenable those algorithms, you can use allow options in krb5.conf:
[libdefaults]
allow_des3 = true
allow_rc4 = true
to reenable them.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3794-1
Released: Fri Oct 24 17:36:29 2025
Summary: Security update for chrony
Type: security
Severity: moderate
References: 1246544
This update for chrony fixes the following issues:
- Race condition during socket creation by chronyc allows privilege escalation from user chrony to root (bsc#1246544).
This update also ships chrony-pool-empty to SLE Micro 5.x (jsc#SMO-587)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3798-1
Released: Mon Oct 27 08:58:14 2025
Summary: Security update for xen
Type: security
Severity: important
References: 1027519,1248807,1251271,CVE-2025-27466,CVE-2025-58142,CVE-2025-58143,CVE-2025-58147,CVE-2025-58148
This update for xen fixes the following issues:
- CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475)
- CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed mutiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3836-1
Released: Tue Oct 28 11:38:00 2025
Summary: Recommended update for bash
Type: recommended
Severity: important
References: 1245199
This update for bash fixes the following issues:
- Fix histfile missing timestamp for the oldest record (bsc#1245199)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3847-1
Released: Wed Oct 29 06:05:59 2025
Summary: Recommended update for python-kiwi
Type: recommended
Severity: critical
References: 1243381,1245190,1250754
This update for python-kiwi, appx-util, python-docopt, python-xmltodict, libsolv fixes the following issues:
python-kiwi:
- Switch to Python 3.11 based python-kiwi (jsc#PED-13168)
- Fixed system booting to Emergency Mode on first reboot using qcow2 (bsc#1250754)
- Fixed get_partition_node_name (bsc#1245190)
- Added new eficsm type attribute (bsc#1243381)
- Included support for older schemas
- New binary packages:
* kiwi-bash-completion
* kiwi-systemdeps-containers-wsl
appx-util:
- Implementation as dependency required by kiwi-systemdeps-containers-wsl
python-docopt, python-xmltodict, libsolv:
- Implementation of Python 3.11 flavours required by python311-kiwi (no source changes)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3851-1
Released: Wed Oct 29 15:04:32 2025
Summary: Recommended update for vim
Type: recommended
Severity: moderate
References: 1229750,1250593
This update for vim fixes the following issues:
- Fix regression in vim: xxd -a shows no output (bsc#1250593).
Backported from 9.1.1683 (xxd: Avoid null dereference in autoskip colorless).
- Fix vim compatible mode is not switched off earlier (bsc#1229750).
Nocompatible must be set before the syntax highlighting is turned on.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3854-1
Released: Wed Oct 29 15:10:39 2025
Summary: Recommended update for cifs-utils
Type: recommended
Severity: moderate
References: 1248816
This update for cifs-utils fixes the following issues:
- Fix: cifs.upcall program in the cifs-utils package fails to use a valid service ticket
from the credential cache if the TGT is expired or not exist (bsc#1248816)
* cifs-utils: Skip TGT check if there is a valid service ticket
* cifs-utils: avoid using mktemp when updating mtab
* cifs-utils: add documentation for upcall_target
* setcifsacl: fix memory allocation for struct cifs_ace
* cifs.upcall: fix UAF in get_cachename_from_process_en
* cifs.upcall: fix memory leaks in check_service_ticket
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3877-1
Released: Fri Oct 31 05:29:41 2025
Summary: Recommended update for libselinux
Type: recommended
Severity: important
References: 1252160
This update for libselinux fixes the following issues:
- Ship license file (bsc#1252160)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3930-1
Released: Tue Nov 4 09:26:22 2025
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1232526,1238491,1239566,1239938,1240788,1243794,1243991,1244050
This update for gcc15 fixes the following issues:
This update ships the GNU Compiler Collection GCC 15.2. (jsc#PED-12029)
The compiler runtime libraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 14 ones.
The new compilers for C, C++, and Fortran are provided for SUSE Linux
Enterprise 15 SP6 and SP7, and provided in the 'Development Tools' module.
The Go, D, Ada and Modula 2 language compiler parts are available
unsupported via the PackageHub repositories.
To use gcc15 compilers use:
- install 'gcc15' or 'gcc15-c++' or one of the other 'gcc15-COMPILER' frontend packages.
- override your Makefile to use CC=gcc15, CXX=g++15 and similar overrides for the other languages.
For a full changelog with all new GCC15 features, check out
https://gcc.gnu.org/gcc-15/changes.html
Update to GCC 15.2 release:
* the GCC 15.2 release contains regression fixes accumulated since
the GCC 15.1 release
- Prune the use of update-alternatives from openSUSE Factory and
SLFO.
- Adjust crosses to conflict consistently where they did not
already and make them use unsuffixed binaries.
- Tune for power10 for SLES 16. [jsc#PED-12029]
- Tune for z15 for SLES 16. [jsc#PED-253]
- Fix PR120827, ICE due to splitter emitting constant loads directly
- Exclude shared objects present for link editing in the GCC specific
subdirectory from provides processing via __provides_exclude_from.
[bsc#1244050][bsc#1243991]
- Make cross-*-gcc15-bootstrap package conflict with the non-bootstrap
variant conflict with the unversioned cross-*-gcc package.
- Enable C++ for offload compilers. [bsc#1243794]
- Add libgcobol and libquadmath-devel dependence to the cobol frontend
package.
Update to GCC 15 branch head, 15.1.1+git9595
* includes GCC 15.1 release
- Enable gfx9-generic, gfx10-3-generic and gfx11-generic multilibs
for the AMD GCN offload compiler when llvm is new enough.
- Make sure link editing is done against our own shared library
copy rather than the installed system runtime. [bsc#1240788]
- Fix newlib libm miscompilation for GCN offloading.
Update to GCC trunk head, 15.0.1+git9001
* includes -msplit-patch-nops required for user-space livepatching
on powerpc
* includes fix for Ada build with --enable-host-pie
- Build GCC executables PIE on SLE. [bsc#1239938]
- Includes change to also record -D_FORTIFY_SOURCE=2 in the DWARF
debug info DW_AT_producer string. [bsc#1239566]
- Package GCC COBOL compiler for openSUSE Factory for supported
targets which are x86_64, aarch64 and ppc64le.
- Disable profiling during build when %want_reproducible_builds is set
[bsc#1238491]
- Includes fix for emacs JIT use
- Bumps libgo SONAME to libgo24 which should fix go1.9 build
- Adjust cross compiler requirements to use %requires_ge
- For cross compilers require the same or newer binutils, newlib
or cross-glibc that was used at build time. [bsc#1232526]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3934-1
Released: Tue Nov 4 12:23:11 2025
Summary: Recommended update for cyrus-sasl
Type: recommended
Severity: moderate
References: 1247498
This update for cyrus-sasl fixes the following issue:
- Replace insecure MD5 with ephemeral HMAC-SHA256 (bsc#1247498).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3950-1
Released: Wed Nov 5 11:22:31 2025
Summary: Security update for runc
Type: security
Severity: important
References: 1252232,CVE-2025-31133,CVE-2025-52565,CVE-2025-52881
This update for runc fixes the following issues:
- CVE-2025-31133: Fixed container escape via 'masked path' abuse due to mount race conditions (bsc#1252232).
- CVE-2025-52565: Fixed container escape with malicious config due to /dev/console mount and related races (bsc#1252232).
- CVE-2025-52881: Fixed container escape and denial of service due to arbitrary write gadgets and procfs write redirects (bsc#1252232).
Update to runc v1.2.7.
- Upstream changelog is available from <https://github.com/opencontainers/runc/releases/tag/v1.2.7>
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3969-1
Released: Thu Nov 6 12:08:20 2025
Summary: Recommended update for SLES-release
Type: recommended
Severity: low
References:
This update for SLES-release provides the following fix:
- Adjust the EOL date for the product.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4067-1
Released: Wed Nov 12 09:03:26 2025
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1251198,1251199,CVE-2025-61984,CVE-2025-61985
This update for openssh fixes the following issues:
- CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198)
- CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4073-1
Released: Wed Nov 12 11:34:27 2025
Summary: Security update for runc
Type: security
Severity: important
References: 1252110,1252232,CVE-2025-31133,CVE-2025-52565,CVE-2025-52881
This update for runc fixes the following issues:
Update to runc v1.3.3. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.3>. bsc#1252232
* CVE-2025-31133
* CVE-2025-52565
* CVE-2025-52881
Update to runc v1.3.2. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.2> bsc#1252110
- Includes an important fix for the CPUSet translation for cgroupv2.
Update to runc v1.3.1. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.1>
Update to runc v1.3.0. Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.3.0>
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4110-1
Released: Fri Nov 14 16:56:18 2025
Summary: Security update for bind
Type: security
Severity: important
References: 1252378,1252379,1252380,CVE-2025-40778,CVE-2025-40780,CVE-2025-8677
This update for bind fixes the following issues:
- CVE-2025-8677: DNSSEC validation fails if matching but invalid DNSKEY is found (bsc#1252378).
- CVE-2025-40778: Address various spoofing attacks (bsc#1252379).
- CVE-2025-40780: Cache-poisoning due to weak pseudo-random number generator (bsc#1252380).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4118-1
Released: Mon Nov 17 09:06:55 2025
Summary: Recommended update for freetype2
Type: recommended
Severity: important
References: 1252148
This update for freetype2 fixes the following issues:
- Fix the %licence tag (bsc#1252148)
* package FTL.TXT and GPLv2.TXT as %license
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4120-1
Released: Mon Nov 17 10:45:27 2025
Summary: Recommended update for SLES-release, sle-module-python3-release
Type: recommended
Severity: moderate
References:
This update for SLES-release, sle-module-python3-release fixes the following issue:
- SLES-release: Clear codestream EOL info for better readability.
- sle-module-python3-release: Clear EOL as this follow the product EOL.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4138-1
Released: Wed Nov 19 11:15:12 2025
Summary: Recommended update for systemd
Type: recommended
Severity: moderate
References: 1224386,1248501
This update for systemd fixes the following issues:
- systemd.spec: use %sysusers_generate_pre so that some systemd users are
already available in %pre. This is important because D-Bus automatically
reloads its configuration whenever new configuration files are installed,
i.e. between %pre and %post. (bsc#1248501)
No needs for systemd and udev packages as they are always installed during
the initial installation.
- Split systemd-network into two new sub-packages: systemd-networkd and
systemd-resolved (bsc#1224386 jsc#PED-12669)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4140-1
Released: Wed Nov 19 14:15:25 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1012628,1214954,1215143,1215199,1216396,1220419,1236743,1239206,1244939,1248211,1248230,1248517,1248630,1248754,1248886,1249161,1249182,1249224,1249286,1249302,1249317,1249319,1249320,1249512,1249595,1249608,1250032,1250119,1250202,1250205,1250237,1250274,1250296,1250379,1250400,1250455,1250491,1250519,1250650,1250702,1250704,1250721,1250742,1250946,1251024,1251027,1251028,1251031,1251035,1251038,1251043,1251045,1251052,1251053,1251054,1251056,1251057,1251059,1251060,1251065,1251066,1251067,1251068,1251071,1251076,1251079,1251081,1251083,1251084,1251100,1251105,1251106,1251108,1251113,1251114,1251119,1251123,1251126,1251132,1251134,1251143,1251146,1251150,1251152,1251153,1251159,1251161,1251170,1251177,1251180,1251206,1251215,1251216,1251222,1251230,1251232,1251233,1251247,1251268,1251269,1251270,1251282,1251283,1251286,1251290,1251319,1251321,1251323,1251328,1251529,1251721,1251732,1251742,1251743,1251746,1251748,1251749,1251750,1251754,1251755,1251756,1251758,1251759,1
251760,1251762,1251763,1251764,1251769,1251771,1251772,1251777,1251780,1251804,1251810,1251930,1251967,1252033,1252035,1252039,1252044,1252047,1252051,1252052,1252056,1252060,1252062,1252064,1252065,1252069,1252070,1252072,1252074,1252075,1252078,1252079,1252082,1252083,1252236,1252265,1252269,1252332,1252336,1252346,1252348,1252349,1252364,1252479,1252481,1252489,1252490,1252492,1252495,1252496,1252499,1252534,1252536,1252537,1252550,1252553,1252559,1252561,1252564,1252565,1252566,1252632,1252668,1252678,1252679,1252685,1252688,1252772,1252774,1252775,1252785,1252787,1252789,1252797,1252822,1252826,1252841,1252848,1252849,1252850,1252851,1252854,1252858,1252865,1252866,1252873,1252902,1252904,1252909,1252918,1252939,CVE-2023-53538,CVE-2023-53539,CVE-2023-53540,CVE-2023-53541,CVE-2023-53543,CVE-2023-53545,CVE-2023-53546,CVE-2023-53548,CVE-2023-53550,CVE-2023-53552,CVE-2023-53553,CVE-2023-53554,CVE-2023-53555,CVE-2023-53556,CVE-2023-53557,CVE-2023-53558,CVE-2023-53559,CVE-2023-53560,
CVE-2023-53563,CVE-2023-53568,CVE-2023-53570,CVE-2023-53572,CVE-2023-53574,CVE-2023-53575,CVE-2023-53577,CVE-2023-53579,CVE-2023-53580,CVE-2023-53581,CVE-2023-53583,CVE-2023-53585,CVE-2023-53588,CVE-2023-53593,CVE-2023-53596,CVE-2023-53597,CVE-2023-53599,CVE-2023-53600,CVE-2023-53601,CVE-2023-53602,CVE-2023-53603,CVE-2023-53611,CVE-2023-53613,CVE-2023-53615,CVE-2023-53616,CVE-2023-53617,CVE-2023-53618,CVE-2023-53619,CVE-2023-53621,CVE-2023-53622,CVE-2023-53631,CVE-2023-53632,CVE-2023-53633,CVE-2023-53638,CVE-2023-53645,CVE-2023-53646,CVE-2023-53647,CVE-2023-53648,CVE-2023-53649,CVE-2023-53650,CVE-2023-53652,CVE-2023-53653,CVE-2023-53654,CVE-2023-53656,CVE-2023-53657,CVE-2023-53658,CVE-2023-53659,CVE-2023-53660,CVE-2023-53662,CVE-2023-53663,CVE-2023-53665,CVE-2023-53666,CVE-2023-53668,CVE-2023-53670,CVE-2023-53672,CVE-2023-53673,CVE-2023-53674,CVE-2023-53681,CVE-2023-53686,CVE-2023-53687,CVE-2023-53693,CVE-2023-53697,CVE-2023-53698,CVE-2023-53699,CVE-2023-53703,CVE-2023-53704,CVE-202
3-53707,CVE-2023-53708,CVE-2023-53711,CVE-2023-53713,CVE-2023-53718,CVE-2023-53721,CVE-2023-53722,CVE-2023-53725,CVE-2023-53726,CVE-2023-53727,CVE-2023-53728,CVE-2023-53729,CVE-2023-53730,CVE-2023-53731,CVE-2023-53733,CVE-2025-38008,CVE-2025-38539,CVE-2025-38552,CVE-2025-38653,CVE-2025-38699,CVE-2025-38700,CVE-2025-38718,CVE-2025-39673,CVE-2025-39676,CVE-2025-39683,CVE-2025-39697,CVE-2025-39702,CVE-2025-39756,CVE-2025-39794,CVE-2025-39797,CVE-2025-39812,CVE-2025-39813,CVE-2025-39828,CVE-2025-39841,CVE-2025-39851,CVE-2025-39866,CVE-2025-39876,CVE-2025-39881,CVE-2025-39895,CVE-2025-39902,CVE-2025-39911,CVE-2025-39931,CVE-2025-39934,CVE-2025-39937,CVE-2025-39938,CVE-2025-39945,CVE-2025-39946,CVE-2025-39947,CVE-2025-39948,CVE-2025-39949,CVE-2025-39952,CVE-2025-39955,CVE-2025-39957,CVE-2025-39965,CVE-2025-39967,CVE-2025-39968,CVE-2025-39969,CVE-2025-39970,CVE-2025-39971,CVE-2025-39972,CVE-2025-39973,CVE-2025-39978,CVE-2025-39981,CVE-2025-39982,CVE-2025-39985,CVE-2025-39986,CVE-2025-39987
,CVE-2025-39988,CVE-2025-39991,CVE-2025-39993,CVE-2025-39994,CVE-2025-39995,CVE-2025-39996,CVE-2025-39997,CVE-2025-40000,CVE-2025-40005,CVE-2025-40010,CVE-2025-40011,CVE-2025-40013,CVE-2025-40016,CVE-2025-40018,CVE-2025-40019,CVE-2025-40020,CVE-2025-40029,CVE-2025-40032,CVE-2025-40035,CVE-2025-40036,CVE-2025-40043,CVE-2025-40044,CVE-2025-40049,CVE-2025-40051,CVE-2025-40052,CVE-2025-40056,CVE-2025-40058,CVE-2025-40060,CVE-2025-40061,CVE-2025-40062,CVE-2025-40071,CVE-2025-40078,CVE-2025-40080,CVE-2025-40082,CVE-2025-40085,CVE-2025-40087,CVE-2025-40088,CVE-2025-40096,CVE-2025-40100
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non security issues were fixed:
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: export MIN RMA size (bsc#1236743 ltc#211409).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- powerpc: increase MIN RMA size for CAS negotiation (bsc#1236743 ltc#211409 bsc#1252269 ltc#215957).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4155-1
Released: Fri Nov 21 15:09:44 2025
Summary: Recommended update for cyrus-sasl
Type: recommended
Severity: moderate
References: 1233529
This update for cyrus-sasl fixes the following issues:
- Python3 error log upon importing pycurl (bsc#1233529)
* Remove senceless log message.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4092-1
Released: Mon Nov 24 10:08:22 2025
Summary: Security update for elfutils
Type: security
Severity: moderate
References: 1237236,1237240,1237241,1237242,CVE-2025-1352,CVE-2025-1372,CVE-2025-1376,CVE-2025-1377
This update for elfutils fixes the following issues:
- Fixing build/testsuite for more recent glibc and kernels.
- Fixing denial of service and general buffer overflow errors
(bsc#1237236, bsc#1237240, bsc#1237241, bsc#1237242):
- CVE-2025-1376: Fixed denial of service in function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip
- CVE-2025-1377: Fixed denial of service in function gelf_getsymshndx of the file strip.c of the component eu-strip
- CVE-2025-1372: Fixed buffer overflow in function dump_data_section/print_string_section of the file readelf.c of the component eu-readelf
- CVE-2025-1352: Fixed SEGV (illegal read access) in function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf
- Fixing testsuite race conditions in run-debuginfod-find.sh.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4196-1
Released: Mon Nov 24 11:54:23 2025
Summary: Security update for grub2
Type: security
Severity: moderate
References: 1236744,1241132,1245953,1252269,1252930,1252931,1252932,1252933,1252934,1252935,CVE-2025-54770,CVE-2025-54771,CVE-2025-61661,CVE-2025-61662,CVE-2025-61663,CVE-2025-61664
This update for grub2 fixes the following issues:
- CVE-2025-54770: Fixed missing unregister call for net_set_vlan command may lead to use-after-free (bsc#1252930)
- CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
Other fixes:
- Bump upstream SBAT generation to 6
- Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953)
- Fix PPC CAS reboot failure work when initiated via submenu (bsc#1241132)
- Fix out of memory issue on PowerPC by increasing RMA size (bsc#1236744, bsc#1252269)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4236-1
Released: Tue Nov 25 17:02:19 2025
Summary: Security update for curl
Type: security
Severity: moderate
References: 1253757,CVE-2025-11563
This update for curl fixes the following issues:
- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4288-1
Released: Fri Nov 28 09:25:32 2025
Summary: Security update for containerd
Type: security
Severity: important
References: 1253126,1253132,CVE-2024-25621,CVE-2025-64329
This update for containerd fixes the following issues:
- Update to containerd v1.7.29
- CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126)
- CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4293-1
Released: Fri Nov 28 10:10:49 2025
Summary: Recommended update for gpgme
Type: recommended
Severity: important
References: 1231055,1252425
This update for gpgme fixes the following issues:
- Treat empty DISPLAY variable as unset (bsc#1252425, bsc#1231055)
* To avoid gpgme constructing an invalid gpg command line when
the DISPLAY variable is empty it can be treated as unset.
* Reported upstream: dev.gnupg.org/T7919
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4303-1
Released: Fri Nov 28 14:11:38 2025
Summary: Recommended update for kmod
Type: recommended
Severity: important
References: 1253741
This update for kmod fixes the following issues:
- Fix modprobe.d confusion on man page (bsc#1253741):
* document the config file order handling
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4308-1
Released: Fri Nov 28 16:38:46 2025
Summary: Security update for glib2
Type: security
Severity: moderate
References: 1249055,CVE-2025-7039
This update for glib2 fixes the following issues:
- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4321-1
Released: Fri Dec 5 08:07:53 2025
Summary: Recommended update for pciutils
Type: recommended
Severity: moderate
References: 1001888,1006827,1029961,1098094,1098228,1170554,1192862,1206798,1224138,529469,837347
This update for pciutils fixes the following issues:
pciutils was updated from version 3.5.6 to 3.13.0 (jsc#PED-8402, jsc#PED-8393, bsc#1224138):
- Highlights of issues fixed:
* Fixed LnkCap speed recognition in `lspci` for multi PCIe ports such as
the ML110 Gen11 (bsc#1192862)
* Included several non-standard extensions to VPD decoder (bsc#1170554, bsc#1098228)
* Fixed the display of the gen4 speed for GEN 4 cards like Mellanox CX5 (bsc#1098094)
* Replaced dependency on pciutil-ids with hwdata
* Potentially disruptive change of PCI IDs Cache:
+ The local cache of PCI IDs (.pci-ids) was moved to the XDG standard location: `$XDG_CACHE_HOME/pci-ids` (v3.11.0)
This could be a disruptive change if users or scripts are relying on the old path.
- Key New Features and Utilities:
* New `pcilmr` Utility: A new tool, `pcilmr`, was added for 'PCIe lane margining,' which is a low-level
diagnostic feature (v3.11.0)
* New `lspci` Path Flag: You can now use `lspci -P` (or -PP) to see the path of bridges leading to a specific device
(v3.6.2)
* ECAM Support: Added support for the ECAM (Enhanced Configuration Access Mechanism), a standard way to access PCIe
configuration space (v3.10.0)
* IOMMU Group Display: lspci can now display IOMMU groups on Linux (v3.7.0)
- New Hardware and Protocol Decoding:
* Added support for decoding CXL capabilities (v3.9.0)
* Decoding for Advanced Error Reporting (AER) (v3.13.0)
* Decoding for IDE (Integrity and Data Encryption) and TEE-IO extended capabilities (v3.12.0)
* Decoding for Data Object Exchange (DOE) (v3.8.0)
* Decoding for standard and VF (Virtual Function) Resizable BARs (v3.7.0)
* Decoding for Multicast capabilities (v3.6.3)
- Improved Output Clarity:
* PCIe link speeds running below their maximum are now clearly marked as 'downgraded' (v3.6.0)
* BARs (Base Address Registers) reported by the OS but not actually set on the device are marked as
'[virtual]' (v3.6.0)
- Command Behavior and System Changes:
* `lspci` Tree View (-t):
+ Can now be combined with `-s` to show only a specific sub-tree (v3.6.3)
+ Improved filtering options (v3.9.0)
+ Improved support of multi-domain systems (v3.10.0)
* `setpci`:
+ Can now check if a named register exists for that device's header type (v3.9.0)
* `update-pciids`:
+ Now supports XZ compression when downloading new ID lists (v3.11.0)
* Database Update:
+ The pci.ids device database was continuously updated across all versions.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4323-1
Released: Mon Dec 8 19:14:15 2025
Summary: Security update for gnutls
Type: security
Severity: moderate
References: 1254132,CVE-2025-9820
This update for gnutls fixes the following issues:
- CVE-2025-9820: Fixed buffer overflow in gnutls_pkcs11_token_init. (bsc#1254132)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4326-1
Released: Tue Dec 9 11:31:28 2025
Summary: Recommended update for runc
Type: recommended
Severity: moderate
References: 1254362
This update for runc fixes the following issues:
- Update to runc v1.3.4 (bsc#1254362)
- libct: fix mips compilation:
* When configuring a tmpfs mount, only set the mode= argument if the
target path already existed.
* Fix various file descriptor leaks and add additional tests to detect them as
comprehensively as possible.
- Downgrade github.com/cyphar/filepath-securejoin dependency to v0.5.2,
which should make it easier for some downstreams to import runc without
pulling in too many extra packages.
- The runc binary distributed with this release are statically linked with the following
GNU LGPL-2.1 licensed libraries, with runc acting as a 'work that uses the Library':
* libseccomp: The versions of these libraries were not modified from their upstream versions
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4332-1
Released: Tue Dec 9 12:56:58 2025
Summary: Recommended update for libnvme, nvme-cli
Type: recommended
Severity: important
References: 1246914
This update for libnvme, nvme-cli fixes the following issues:
Fix: libnvme/nvme-cli TLS PSK generation logic not compliant to RFC 8446: (bsc#1246914)
* linux: use EVP_PKEY_CTX_add1_hkdf_info only once in compat function
* nvme/linux: check for empty digest in gen_tls_identity()
* nvme/linux: add fallback implementation for nvme_insert_tls_key_compat()
* linux: fix HKDF TLS key derivation back to OpenSSL 3.0.8
* libnvme: TLS PSK derivation fixes
* linux: rename __nvme_insert_tls_key_versioned() to __nvme_insert_tls_key()
* linux: rename __nvme_insert_tls_key() to __nvme_import_tls_key()
* test/psk: add testcase for TLS identity derivation
* linux: set errno when nvme_generate_tls_key_identity() fails
* nvme: add --compat flag for 'gen-tls-key' and 'check-tls-key'
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4362-1
Released: Thu Dec 11 11:08:27 2025
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1253043
This update for gcc15 fixes the following issues:
- Enable the use of _dl_find_object even when not available at build time. [bsc#1253043]
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4368-1
Released: Thu Dec 11 16:12:16 2025
Summary: Security update for python3
Type: security
Severity: low
References: 1251305,1252974,CVE-2025-6075,CVE-2025-8291
This update for python3 fixes the following issues:
- CVE-2025-6075: quadratic complexity in `os.path.expandvars()` can lead to performance degradation when values passed
to it are user-controlled (bsc#1252974).
- CVE-2025-8291: lack of validity checks on the ZIP64 End of Central Directory (EOCD) record allows for the creation of
ZIP archives that are processed inconsistently by the `zipfile` module (bsc#1251305).
The following package changes have been done:
- bash-sh-4.4-150400.27.6.1 updated
- bash-4.4-150400.27.6.1 updated
- bind-utils-9.18.33-150600.3.18.1 updated
- chrony-pool-suse-4.1-150400.21.8.1 updated
- chrony-4.1-150400.21.8.1 updated
- cifs-utils-6.15-150400.3.18.1 updated
- containerd-ctr-1.7.29-150000.128.1 updated
- containerd-1.7.29-150000.128.1 updated
- curl-8.14.1-150600.4.31.1 updated
- e2fsprogs-1.47.0-150600.4.6.2 added
- elfutils-0.185-150400.5.8.3 updated
- glib2-tools-2.78.6-150600.4.22.1 updated
- grub2-i386-pc-2.12-150600.8.44.2 updated
- grub2-x86_64-efi-2.12-150600.8.44.2 updated
- grub2-2.12-150600.8.44.2 updated
- kernel-default-6.4.0-150600.23.78.1 updated
- kmod-29-150600.13.3.1 updated
- krb5-1.20.1-150600.11.14.1 updated
- libasm1-0.185-150400.5.8.3 updated
- libcurl4-8.14.1-150600.4.31.1 updated
- libdw1-0.185-150400.5.8.3 updated
- libelf1-0.185-150400.5.8.3 updated
- libext2fs2-1.47.0-150600.4.6.2 added
- libfreetype6-2.10.4-150000.4.25.1 updated
- libgcc_s1-15.2.0+git10201-150000.1.6.1 updated
- libgio-2_0-0-2.78.6-150600.4.22.1 updated
- libglib-2_0-0-2.78.6-150600.4.22.1 updated
- libgmodule-2_0-0-2.78.6-150600.4.22.1 updated
- libgnutls30-3.8.3-150600.4.12.1 updated
- libgobject-2_0-0-2.78.6-150600.4.22.1 updated
- libgpgme11-1.23.0-150600.3.5.1 updated
- libkmod2-29-150600.13.3.1 updated
- libnvme-mi1-1.8+93.g5986a5a7-150600.3.21.1 updated
- libnvme1-1.8+93.g5986a5a7-150600.3.21.1 updated
- libpci3-3.13.0-150300.13.9.1 updated
- libpython3_6m1_0-3.6.15-150300.10.100.1 updated
- libreadline7-7.0-150400.27.6.1 updated
- libsasl2-3-2.1.28-150600.7.14.1 updated
- libselinux1-3.5-150600.3.3.1 updated
- libsolv-tools-base-0.7.34-150600.8.19.2 updated
- libstdc++6-15.2.0+git10201-150000.1.6.1 updated
- libsystemd0-254.27-150600.4.46.2 updated
- libudev1-254.27-150600.4.46.2 updated
- nvme-cli-2.8+95.g1a0c2083-150600.3.24.1 updated
- openssh-clients-9.6p1-150600.6.34.1 updated
- openssh-common-9.6p1-150600.6.34.1 updated
- openssh-server-config-disallow-rootlogin-9.6p1-150600.6.34.1 updated
- openssh-server-9.6p1-150600.6.34.1 updated
- openssh-9.6p1-150600.6.34.1 updated
- pciutils-3.13.0-150300.13.9.1 updated
- python3-base-3.6.15-150300.10.100.1 updated
- runc-1.3.4-150000.88.1 updated
- sles-release-15.6-150600.64.9.2 updated
- systemd-254.27-150600.4.46.2 updated
- udev-254.27-150600.4.46.2 updated
- vim-data-common-9.1.1629-150500.20.38.1 updated
- vim-9.1.1629-150500.20.38.1 updated
- xen-libs-4.18.5_06-150600.3.31.2 updated
- catatonit-0.2.0-150500.3.3.1 removed
- docker-28.3.3_ce-150000.230.1 removed
- iptables-1.8.7-1.1 removed
- libip6tc2-1.8.7-1.1 removed
- libnftnl11-1.2.0-150400.1.6 removed
- xtables-plugins-1.8.7-1.1 removed
More information about the sle-container-updates
mailing list