SUSE-IU-2025:1776-1: Security update of suse/sl-micro/6.1/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Jul 9 07:05:42 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1776-1
Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.5 , suse/sl-micro/6.1/base-os-container:latest
Image Release : 5.5
Severity : moderate
Type : security
References : 1236931 1239119 1243069 CVE-2025-30258
-----------------------------------------------------------------
The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 173
Released: Tue Jul 8 18:15:02 2025
Summary: Security update for gpg2
Type: security
Severity: moderate
References: 1236931,1239119,1243069,CVE-2025-30258
This update for gpg2 fixes the following issues:
- CVE-2025-30258: Fix a verification DoS due to a malicious subkey in the keyring: [bsc#1239119, bsc#1236931]]
* gpg: Fix regression for the recent malicious subkey DoS fix.
* gpg: Fix another regression due to the T7547 fix.
* gpg: Allow the use of an ADSK subkey as ADSK subkey.
- Don't install expired sks certificate [bsc#1243069]
The following package changes have been done:
- SL-Micro-release-6.1-slfo.1.11.42 updated
- gpg2-2.4.4-slfo.1.1_5.1 updated
- container:suse-toolbox-image-1.0.0-4.49 updated
More information about the sle-container-updates
mailing list