SUSE-CU-2025:9650-1: Security update of suse/manager/4.3/proxy-salt-broker

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Dec 23 08:32:24 UTC 2025 

SUSE Container Update Advisory: suse/manager/4.3/proxy-salt-broker
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:9650-1
Container Tags        : suse/manager/4.3/proxy-salt-broker:4.3.16.2 , suse/manager/4.3/proxy-salt-broker:4.3.16.2.9.63.4 , suse/manager/4.3/proxy-salt-broker:latest
Container Release     : 9.63.4
Severity              : important
Type                  : security
References            : 1249055 1254297 1254662 1254878 CVE-2025-13601 CVE-2025-14087
                        CVE-2025-14512 CVE-2025-7039 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-salt-broker was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4347-1
Released:    Wed Dec 10 14:02:26 2025
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1249055,CVE-2025-7039
This update for glib2 fixes the following issues:

- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4504-1
Released:    Mon Dec 22 17:29:14 2025
Summary:     Security update for glib2
Type:        security
Severity:    important
References:  1254297,1254662,1254878,CVE-2025-13601,CVE-2025-14087,CVE-2025-14512
This update for glib2 fixes the following issues:

- CVE-2025-14512: integer overflow in the GIO `escape_byte_string()` function when processing malicious files or remote
  filesystem attribute values can lead to denial-of-service (bsc#1254878).
- CVE-2025-14087: buffer underflow in the GVariant parser `bytestring_parse()` and `string_parse()` functions when
  processing attacker-influenced data may lead to crash or code execution (bsc#1254662).
- CVE-2025-13601: heap-based buffer overflow in the `g_escape_uri_string()` function when processing strings with a
  large number of unacceptable characters may lead to crash or code execution (bsc#1254297).

  

The following package changes have been done:

- libglib-2_0-0-2.70.5-150400.3.29.1 updated
- container:sles15-ltss-image-15.4.0-5.4 updated

More information about the sle-container-updates mailing list