SUSE-IU-2025:658-1: Security update of suse/sl-micro/6.1/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Feb 27 08:13:55 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:658-1
Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.0 , suse/sl-micro/6.1/baremetal-os-container:2.2.0-4.5 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release : 4.5
Severity : important
Type : security
References : 1219458 1219563 1222319 1224123 1225600 1225601 1227456 1229010
1229069 1229072 1229272 1229449 1230007 1230596 1234027 1236826
1237040 1237041 CVE-2023-31315 CVE-2023-38417 CVE-2023-47210
CVE-2024-28180 CVE-2024-3727 CVE-2025-26465 CVE-2025-26466
-----------------------------------------------------------------
The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 21
Released: Wed Feb 26 14:46:04 2025
Summary: Security update for openssh
Type: security
Severity: important
References: 1219563,1224123,1227456,1229010,1229072,1229449,1236826,1237040,1237041,CVE-2024-28180,CVE-2024-3727,CVE-2025-26465,CVE-2025-26466
This update for openssh fixes the following issues:
Security issues fixed:
- CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040)
- CVE-2025-26466: Fixed a DoS attack against OpenSSH's client and server (bsc#1237041)
Other issues fixed:
- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2
due to gssapi proposal not being correctly initialized
(bsc#1236826).
- Add a patch to fix a regression introduced in 9.6 that makes X11
forwarding very slow. (bsc#1229449)
- Fixed RFC4256 implementation so that keyboard-interactive authentication method can send
instructions and sshd shows them to users even before a prompt
is requested. This fixes MFA push notifications (bsc#1229010).
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
- Remove empty line at the end of sshd-sle.pamd (bsc#1227456)
-----------------------------------------------------------------
Advisory ID: 20
Released: Wed Feb 26 14:57:21 2025
Summary: Security update for kernel-firmware
Type: security
Severity: important
References: 1219458,1222319,1225600,1225601,1229069,1229272,1230007,1230596,1234027,CVE-2023-31315,CVE-2023-38417,CVE-2023-47210
This update for kernel-firmware fixes the following issues:
- Update to version 20241128 (git commit ea71da6f0690):
* i915: Update Xe2LPD DMC to v2.24
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* iwlwifi: add Bz-gf FW for core89-91 release
* amdgpu: update smu 13.0.10 firmware
* amdgpu: update sdma 6.0.3 firmware
* amdgpu: update psp 13.0.10 firmware
* amdgpu: update gc 11.0.3 firmware
* amdgpu: add smu 13.0.14 firmware
* amdgpu: add sdma 4.4.5 firmware
* amdgpu: add psp 13.0.14 firmware
* amdgpu: add gc 9.4.4 firmware
* amdgpu: update vcn 3.1.2 firmware
* amdgpu: update psp 13.0.5 firmware
* amdgpu: update psp 13.0.8 firmware
* amdgpu: update vega20 firmware
* amdgpu: update vega12 firmware
* amdgpu: update psp 14.0.4 firmware
* amdgpu: update gc 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update vcn 4.0.0 firmware
* amdgpu: update smu 13.0.0 firmware
* amdgpu: update psp 13.0.0 firmware
* amdgpu: update gc 11.0.0 firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update psp 13.0.11 firmware
* amdgpu: update gc 11.0.4 firmware
* amdgpu: update vcn 4.0.2 firmware
* amdgpu: update psp 13.0.4 firmware
* amdgpu: update gc 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update vpe 6.1.1 firmware
* amdgpu: update vcn 4.0.6 firmware
* amdgpu: update psp 14.0.1 firmware
* amdgpu: update gc 11.5.1 firmware
* amdgpu: update vcn 4.0.5 firmware
* amdgpu: update psp 14.0.0 firmware
* amdgpu: update gc 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update arcturus firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update sdma 4.4.2 firmware
* amdgpu: update psp 13.0.6 firmware
* amdgpu: update gc 9.4.3 firmware
* amdgpu: update vcn 4.0.4 firmware
* amdgpu: update psp 13.0.7 firmware
* amdgpu: update gc 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
- Update aliases from 6.13-rc1
- Update to version 20241125 (git commit 508d770ee6f3):
* ice: update ice DDP wireless_edge package to 1.3.20.0
* ice: update ice DDP comms package to 1.3.52.0
* ice: update ice DDP package to ice-1.3.41.0
* amdgpu: update DMCUB to v9.0.10.0 for DCN314
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
- Update to version 20241121 (git commit 48bb90cceb88):
* linux-firmware: Update AMD cpu microcode
* xe: Update GUC to v70.36.0 for BMG, LNL
* i915: Update GUC to v70.36.0 for ADL-P, DG1, DG2, MTL, TGL
- Update to version 20241119 (git commit 60cdfe1831e8):
* iwlwifi: add Bz-gf FW for core91-69 release
- Update aliases from 6.12
- Update to version 20241113 (git commit 1727aceef4d2):
* qcom: venus-5.4: add venus firmware file for qcs615
* qcom: update venus firmware file for SC7280
* QCA: Add 22 bluetooth firmware nvm files for QCA2066
- Update to version 20241112 (git commit c57a0a42468b):
* mediatek MT7922: update bluetooth firmware to 20241106163512
* mediatek MT7921: update bluetooth firmware to 20241106151414
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7921 WiFi device
* qcom: Add QDU100 firmware image files.
* qcom: Update aic100 firmware files
* dedup-firmware.sh: fix infinite loop for --verbose
* rtl_bt: Update RTL8852BT/RTL8852BE-VT BT USB FW to 0x04D7_63F7
* cnm: update chips&media wave521c firmware.
* mediatek MT7920: update bluetooth firmware to 20241104091246
* linux-firmware: update firmware for MT7920 WiFi device
* copy-firmware.sh: Run check_whence.py only if in a git repo
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops
* amdgpu: update DMCUB to v9.0.10.0 for DCN351
* rtw89: 8852a: update fw to v0.13.36.2
* rtw88: Add firmware v52.14.0 for RTL8812AU
* i915: Update Xe2LPD DMC to v2.23
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* linux-firmware: update firmware for MT7925 WiFi device
* WHENCE: Add sof-tolg for mt8195
* linux-firmware: Update firmware file for Intel BlazarI core
* qcom: Add link for QCS6490 GPU firmware
* qcom: update gpu firmwares for qcs615 chipset
* cirrus: cs35l56: Update firmware for Cirrus Amps for some HP laptops
* mediatek: Add sof-tolg for mt8195
- Update to version 20241029 (git commit 048795eef350):
* ath11k: move WCN6750 firmware to the device-specific subdir
* xe: Update LNL GSC to v104.0.0.1263
* i915: Update MTL/ARL GSC to v102.1.15.1926
- Update to version 20241028 (git commit 987607d681cb):
* amdgpu: DMCUB updates for various AMDGPU ASICs
* i915: Add Xe3LPD DMC
* cnm: update chips&media wave521c firmware.
* linux-firmware: Add firmware for Cirrus CS35L41
* linux-firmware: Update firmware file for Intel BlazarU core
* Makefile: error out of 'install' if COPYOPTS is set
- Update to version 20241018 (git commit 2f0464118f40):
* check_whence.py: skip some validation if git ls-files fails
* qcom: Add Audio firmware for X1E80100 CRD/QCPs
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* brcm: replace NVRAM for Jetson TX1
* rtlwifi: Update firmware for RTL8192FU to v7.3
* make: separate installation and de-duplication targets
* check_whence.py: check the permissions
* Remove execute bit from firmware files
* configure: remove unused file
* rtl_nic: add firmware rtl8125d-1
- Update to version 20241014 (git commit 99f9c7ed1f4a):
* iwlwifi: add gl/Bz FW for core91-69 release
* iwlwifi: update ty/So/Ma firmwares for core91-69 release
* iwlwifi: update cc/Qu/QuZ firmwares for core91-69 release
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for a Lenovo Laptop
* cirrus: cs35l56: Add firmware for Cirrus CS35L56 for some ASUS laptops
* cirrus: cs35l56: Add firmware for Cirrus Amps for some HP laptops
* linux-firmware: update firmware for en8811h 2.5G ethernet phy
* QCA: Add Bluetooth firmwares for WCN785x with UART transport
- Update to version 20241011 (git commit 808cba847c70):
* mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher
* ath12k: WCN7850 hw2.0: update board-2.bin (bsc#1230596)
* ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1
* ath12k: QCN9274 hw2.0: add board-2.bin
* copy-firmware.sh: rename variables in symlink hanlding
* copy-firmware.sh: remove no longer reachable test -L
* copy-firmware.sh: remove no longer reachable test -f
* copy-firmware.sh: call ./check_whence.py before parsing the file
* copy-firmware.sh: warn if the destination folder is not empty
* copy-firmware.sh: add err() helper
* copy-firmware.sh: fix indentation
* copy-firmware.sh: reset and consistently handle destdir
* Revert 'copy-firmware: Support additional compressor options'
* copy-firmware.sh: flesh out and fix dedup-firmware.sh
* Style update yaml files
* editorconfig: add initial config file
* check_whence.py: annotate replacement strings as raw
* check_whence.py: LC_ALL=C sort -u the filelist
* check_whence.py: ban link-to-a-link
* check_whence.py: use consistent naming
* Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin
* tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31
- Drop obsoleted --ignore-duplicates option to copy-firmware.sh
- Drop the ath12k workaround again
- Update to version 20241010 (git commit d4e688aa74a0):
* rtlwifi: Add firmware v39.0 for RTL8192DU
* Revert 'ath12k: WCN7850 hw2.0: update board-2.bin'
(replaced with a newer firmware in this package instead)
- update aliases
- Update to version 20241004 (git commit bbb77872a8a7):
* amdgpu: DMCUB DCN35 update
* brcm: Add BCM4354 NVRAM for Jetson TX1
* brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram
- Update to version 20241001 (git commit 51e5af813eaf):
* linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920)
* linux-firmware: add firmware for MT7920
* amdgpu: update raven firmware
* amdgpu: update SMU 13.0.10 firmware
* amdgpu: update PSP 13.0.10 firmware
* amdgpu: update GC 11.0.3 firmware
* amdgpu: update VCN 3.1.2 firmware
* amdgpu: update PSP 13.0.5 firmware
* amdgpu: update PSP 13.0.8 firmware
* amdgpu: update vega12 firmware
* amdgpu: update PSP 14.0.4 firmware
* amdgpu: update GC 11.5.2 firmware
* amdgpu: update vega10 firmware
* amdgpu: update VCN 4.0.0 firmware
* amdgpu: update PSP 13.0.0 firmware
* amdgpu: update GC 11.0.0 firmware
* amdgpu: update picasso firmware
* amdgpu: update beige goby firmware
* amdgpu: update vangogh firmware
* amdgpu: update dimgrey cavefish firmware
* amdgpu: update navy flounder firmware
* amdgpu: update green sardine firmware
* amdgpu: update VCN 4.0.2 firmware
* amdgpu: update PSP 13.0.4 firmware
* amdgpu: update GC 11.0.1 firmware
* amdgpu: update sienna cichlid firmware
* amdgpu: update VCN 4.0.6 firmware
* amdgpu: update PSP 14.0.1 firmware
* amdgpu: update GC 11.5.1 firmware
* amdgpu: update VCN 4.0.5 firmware
* amdgpu: update PSP 14.0.0 firmware
* amdgpu: update GC 11.5.0 firmware
* amdgpu: update navi14 firmware
* amdgpu: update renoir firmware
* amdgpu: update navi12 firmware
* amdgpu: update SMU 13.0.6 firmware
* amdgpu: update SDMA 4.4.2 firmware
* amdgpu: update PSP 13.0.6 firmware
* amdgpu: update GC 9.4.3 firmware
* amdgpu: update yellow carp firmware
* amdgpu: update VCN 4.0.4 firmware
* amdgpu: update PSP 13.0.7 firmware
* amdgpu: update GC 11.0.2 firmware
* amdgpu: update navi10 firmware
* amdgpu: update aldebaran firmware
* qcom: update gpu firmwares for qcm6490 chipset
* mt76: mt7996: add firmware files for mt7992 chipset
* mt76: mt7996: add firmware files for mt7996 chipset variants
* qcom: add gpu firmwares for sa8775p chipset
* rtw89: 8922a: add fw format-2 v0.35.42.1
- Pick up the fixed ath12k firmware from
https://git.codelinaro.org/clo/ath-firmware/ath12k-firmware
(bsc#1230596)
- Update aliases from 6.11.x and 6.12-rc1
- Update to version 20240913 (git commit bcbdd1670bc3):
* amdgpu: update DMCUB to v0.0.233.0 DCN351
* copy-firmware: Handle links to uncompressed files
* WHENCE: Fix battmgr.jsn entry type
- Temporary revert for ath12k firmware (bsc#1230596)
- Update to version 20240912 (git commit 47c72fee8fe3):
* amdgpu: Add VPE 6.1.3 microcode
* amdgpu: add SDMA 6.1.2 microcode
* amdgpu: Add support for PSP 14.0.4
* amdgpu: add GC 11.5.2 microcode
* qcom: qcm6490: add ADSP and CDSP firmware
* linux-firmware: Update firmware file for Intel Bluetooth Magnetor core
* linux-firmware: Update firmware file for Intel BlazarU core
* linux-firmware: Update firmware file for Intel Bluetooth Solar core
- Update to version 20240911 (git commit 59def907425d):
* rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 (bsc#1229272)
- Update to version 20240910 (git commit 2a7b69a3fa30):
* realtek: rt1320: Add patch firmware of MCU
* i915: Update MTL DMC v2.23
* cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops
- Update to version 20240903 (git commit 96af55bd3d0b):
* amdgpu: Revert sienna cichlid dmcub firmware update (bsc#1230007)
* iwlwifi: add Bz FW for core89-58 release
* rtl_nic: add firmware rtl8126a-3
* linux-firmware: update firmware for MT7921 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
- Update to version 20240830 (git commit d6c600d46981):
* amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351
* qcom: vpu: restore compatibility with kernels before 6.6
- Update to version 20240826 (git commit bec4fd18cc57):
(including ath11k f/w updates for bsc#1234027)
* amdgpu: DMCUB updates forvarious AMDGPU ASICs
* rtw89: 8922a: add fw format-1 v0.35.41.0
* linux-firmware: update firmware for MT7925 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7925)
* rtl_bt: Add firmware and config files for RTL8922A
* rtl_bt: Add firmware file for the the RTL8723CS Bluetooth part
* rtl_bt: de-dupe identical config.bin files
* rename rtl8723bs_config-OBDA8723.bin -> rtl_bt/rtl8723bs_config.bin
* linux-firmware: Update AMD SEV firmware
* linux-firmware: update firmware for MT7996
* Revert 'i915: Update MTL DMC v2.22'
* ath12k: WCN7850 hw2.0: update board-2.bin
* ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41
* ath11k: WCN6855 hw2.0: update board-2.bin
* ath11k: QCA2066 hw2.1: add to WLAN.HSP.1.1-03926.13-QCAHSPSWPL_V2_SILICONZ_CE-2.52297.3
* ath11k: QCA2066 hw2.1: add board-2.bin
* ath11k: IPQ5018 hw1.0: update to WLAN.HK.2.6.0.1-01291-QCAHKSWPL_SILICONZ-1
* qcom: vpu: add video firmware for sa8775p
* amdgpu: DMCUB updates for various AMDGPU ASICs
- Update to version 20240809 (git commit 36db650dae03):
* qcom: update path for video firmware for vpu-1/2/3.0
* QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00642
* rtw89: 8852c: add fw format-1 v0.27.97.0
* rtw89: 8852bt: add firmware 0.29.91.0
* amdgpu: Update ISP FW for isp v4.1.1
* mediatek: Update mt8195 SOF firmware
* amdgpu: DMCUB updates for DCN314
* xe: First GuC release v70.29.2 for BMG
* xe: Add GuC v70.29.2 for LNL
* i915: Add GuC v70.29.2 for ADL-P, DG1, DG2, MTL, and TGL
* i915: Update MTL DMC v2.22
* i915: update MTL GSC to v102.0.10.1878
* xe: Add BMG HuC 8.2.10
* xe: Add GSC 104.0.0.1161 for LNL
* xe: Add LNL HuC 9.4.13
* i915: update DG2 HuC to v7.10.16
* amdgpu: Update ISP FW for isp v4.1.1
* QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00641
The following package changes have been done:
- kernel-firmware-amdgpu-20241128-slfo.1.1_1.1 updated
- kernel-firmware-ath10k-20241128-slfo.1.1_1.1 updated
- kernel-firmware-ath11k-20241128-slfo.1.1_1.1 updated
- kernel-firmware-ath12k-20241128-slfo.1.1_1.1 updated
- kernel-firmware-atheros-20241128-slfo.1.1_1.1 updated
- kernel-firmware-bluetooth-20241128-slfo.1.1_1.1 updated
- kernel-firmware-bnx2-20241128-slfo.1.1_1.1 updated
- kernel-firmware-brcm-20241128-slfo.1.1_1.1 updated
- kernel-firmware-chelsio-20241128-slfo.1.1_1.1 updated
- kernel-firmware-dpaa2-20241128-slfo.1.1_1.1 updated
- kernel-firmware-i915-20241128-slfo.1.1_1.1 updated
- kernel-firmware-intel-20241128-slfo.1.1_1.1 updated
- kernel-firmware-iwlwifi-20241128-slfo.1.1_1.1 updated
- kernel-firmware-liquidio-20241128-slfo.1.1_1.1 updated
- kernel-firmware-marvell-20241128-slfo.1.1_1.1 updated
- kernel-firmware-media-20241128-slfo.1.1_1.1 updated
- kernel-firmware-mediatek-20241128-slfo.1.1_1.1 updated
- kernel-firmware-mellanox-20241128-slfo.1.1_1.1 updated
- kernel-firmware-mwifiex-20241128-slfo.1.1_1.1 updated
- kernel-firmware-network-20241128-slfo.1.1_1.1 updated
- kernel-firmware-nfp-20241128-slfo.1.1_1.1 updated
- kernel-firmware-nvidia-20241128-slfo.1.1_1.1 updated
- kernel-firmware-platform-20241128-slfo.1.1_1.1 updated
- kernel-firmware-prestera-20241128-slfo.1.1_1.1 updated
- kernel-firmware-qcom-20241128-slfo.1.1_1.1 updated
- kernel-firmware-qlogic-20241128-slfo.1.1_1.1 updated
- kernel-firmware-radeon-20241128-slfo.1.1_1.1 updated
- kernel-firmware-realtek-20241128-slfo.1.1_1.1 updated
- kernel-firmware-serial-20241128-slfo.1.1_1.1 updated
- kernel-firmware-sound-20241128-slfo.1.1_1.1 updated
- kernel-firmware-ti-20241128-slfo.1.1_1.1 updated
- kernel-firmware-ueagle-20241128-slfo.1.1_1.1 updated
- kernel-firmware-usb-network-20241128-slfo.1.1_1.1 updated
- openssh-common-9.6p1-slfo.1.1_2.1 updated
- kernel-firmware-all-20241128-slfo.1.1_1.1 updated
- openssh-server-9.6p1-slfo.1.1_2.1 updated
- openssh-clients-9.6p1-slfo.1.1_2.1 updated
- openssh-9.6p1-slfo.1.1_2.1 updated
More information about the sle-container-updates
mailing list