SUSE-CU-2025:9148-1: Security update of suse/kiosk/xorg

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/kiosk/xorg
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:9148-1
Container Tags        : suse/kiosk/xorg:21 , suse/kiosk/xorg:21.1 , suse/kiosk/xorg:21.1-72.2 , suse/kiosk/xorg:latest , suse/kiosk/xorg:notaskbar
Container Release     : 72.2
Severity              : moderate
Type                  : security
References            : 1105832 CVE-2018-15853 CVE-2018-15859 CVE-2018-15861 CVE-2018-15863
-----------------------------------------------------------------

The container suse/kiosk/xorg was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4426-1
Released:    Wed Dec 17 12:22:40 2025
Summary:     Security update for xkbcomp
Type:        security
Severity:    moderate
References:  1105832,CVE-2018-15853,CVE-2018-15859,CVE-2018-15861,CVE-2018-15863
This update for xkbcomp fixes the following issues:

- CVE-2018-15863: NULL pointer dereference triggered by a a crafted keymap file with a no-op modmask expression can
  lead to a crash (bsc#1105832).
- CVE-2018-15861: NULL pointer dereference triggered by a crafted keymap file that induces an `xkb_intern_atom` failure
  can lead to a crash (bsc#1105832).
- CVE-2018-15859: NULL pointer dereference triggered by a specially a crafted keymap file can lead to a crash
  (bsc#1105832).
- CVE-2018-15853: endless recursion triggered by a crafted keymap file that induces boolean negation can lead to a
  crash (bsc#1105832).


The following package changes have been done:

- xkbcomp-1.4.1-150000.3.6.1 updated
- container:suse-sle15-15.7-22eecbe106e03d71cdd8de187d9a2d4b7c88b48ec4ee60fe1a88057b046b3f00-0 updated