SUSE-CU-2025:5129-1: Security update of rancher/elemental-channel/sl-micro

Thu Jul 10 07:05:01 UTC 2025

SUSE Container Update Advisory: rancher/elemental-channel/sl-micro
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5129-1
Container Tags        : rancher/elemental-channel/sl-micro:6.1-base , rancher/elemental-channel/sl-micro:6.1-base-3.4
Container Release     : 3.4
Severity              : critical
Type                  : security
References            : 1219503 1225365 1234128 1234665 1239883 1243317 CVE-2023-32324
                        CVE-2023-32360 CVE-2023-34241 CVE-2023-4504 CVE-2024-35235 CVE-2025-4802
-----------------------------------------------------------------

The container rancher/elemental-channel/sl-micro was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 122
Released:    Tue May 27 11:28:57 2025
Summary:     Security update for glibc
Type:        security
Severity:    critical
References:  1219503,1225365,1234128,1234665,1239883,1243317,CVE-2023-32324,CVE-2023-32360,CVE-2023-34241,CVE-2023-4504,CVE-2024-35235,CVE-2025-4802
This update for glibc fixes the following issues:

- CVE-2025-4802: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
- Linux: Switch back to assembly syscall wrapper for prctl (bsc#1234665, BZ #29770)

The following package changes have been done:

- compat-usrmerge-tools-84.87-slfo.1.1_1.5 updated
- system-user-root-20190513-slfo.1.1_1.2 updated
- filesystem-84.87-slfo.1.1_1.2 updated
- glibc-2.38-slfo.1.1_4.1 updated
- libsepol2-3.5-slfo.1.1_1.3 updated
- libpcre2-8-0-10.42-slfo.1.1_1.4 updated
- libcrypt1-4.4.36-slfo.1.1_1.4 updated
- libselinux1-3.5-slfo.1.1_1.3 updated
- busybox-1.36.1-slfo.1.1_1.2 updated
- container:suse-toolbox-image-1.0.0-4.50 updated