SUSE-CU-2025:9044-1: Security update of suse/sles/16.0/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Dec 16 08:16:06 UTC 2025 

SUSE Container Update Advisory: suse/sles/16.0/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:9044-1
Container Tags        : suse/sles/16.0/toolbox:16.3 , suse/sles/16.0/toolbox:16.3-1.6 , suse/sles/16.0/toolbox:latest
Container Release     : 1.6
Severity              : important
Type                  : security
References            : 1231055 1250232 1250233 1250234 1252425 CVE-2025-9230 CVE-2025-9231
                        CVE-2025-9232 
-----------------------------------------------------------------

The container suse/sles/16.0/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 77
Released:    Thu Nov 27 20:50:12 2025
Summary:     Recommended update for gpgme
Type:        recommended
Severity:    important
References:  1231055,1252425
This update for gpgme fixes the following issues:

- Treat empty DISPLAY variable as unset (bsc#1252425, bsc#1231055)
    * To avoid gpgme constructing an invalid gpg command line when
      the DISPLAY variable is empty it can be treated as unset.
    * Reported upstream: dev.gnupg.org/T7919

-----------------------------------------------------------------
Advisory ID: 107
Released:    Mon Dec 15 19:16:15 2025
Summary:     Security update for openssl-3
Type:        security
Severity:    important
References:  1250232,1250233,1250234,CVE-2025-9230,CVE-2025-9231,CVE-2025-9232
This update for openssl-3 fixes the following issues:

- CVE-2025-9230: Fixed out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
- CVE-2025-9231: Fixedk timing side-channel in SM2 algorithm on 64 bit ARM (bsc#1250233)
- CVE-2025-9232: Fixed out-of-bounds read in HTTP client no_proxy handling (bsc#1250234)


The following package changes have been done:

- libgpgme11-1.24.3-160000.3.1 updated
- libopenssl-3-fips-provider-3.5.0-160000.4.1 updated
- libopenssl3-3.5.0-160000.4.1 updated

More information about the sle-container-updates mailing list