SUSE-CU-2025:5147-1: Security update of bci/spack
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jul 10 07:28:09 UTC 2025
SUSE Container Update Advisory: bci/spack
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5147-1
Container Tags : bci/spack:0.23 , bci/spack:0.23.1 , bci/spack:0.23.1-11.16
Container Release : 11.16
Severity : low
Type : security
References : 1236931 1239119 1239817 CVE-2025-30258
-----------------------------------------------------------------
The container bci/spack was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2259-1
Released: Wed Jul 9 17:18:02 2025
Summary: Recommended update for gpg2
Type: security
Severity: low
References: 1236931,1239119,1239817,CVE-2025-30258
This update for gpg2 fixes the following issues:
- CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring (bsc#1239119).
Other bugfixes:
- Do not install expired sks certificate (bsc#1243069).
- gpg hangs when importing a key (bsc#1236931).
The following package changes have been done:
- gpg2-2.4.4-150600.3.9.1 updated
- container:registry.suse.com-bci-bci-base-15.6-c1c42c1525decb5b65e08df368b6579fc6b164f8c3d906605353bce7c3fd6694-0 updated
More information about the sle-container-updates
mailing list