SUSE-IU-2025:594-1: Security update of suse/sle-micro/5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Feb 13 12:15:06 UTC 2025


SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:594-1
Image Tags        : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.238 , suse/sle-micro/5.5:latest
Image Release     : 5.5.238
Severity          : moderate
Type              : security
References        : 1227052 1236507 CVE-2023-45288 CVE-2024-6104 
-----------------------------------------------------------------

The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:458-1
Released:    Wed Feb 12 13:02:25 2025
Summary:     Security update for podman
Type:        security
Severity:    moderate
References:  1227052,1236507,CVE-2023-45288,CVE-2024-6104
This update for podman fixes the following issues:

- CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-retryablehttp not sanitizing URLs when writing
  them to log files. (bsc#1227052)
- CVE-2023-45288: possible excessive CPU consumption due to no limit being set on the number of CONTINUATION frames
  read for an HTTP/2 request in golang.org/x/net/http2. (bsc#1236507)  


The following package changes have been done:

- podman-4.9.5-150500.3.34.2 updated


More information about the sle-container-updates mailing list