SUSE-CU-2025:5285-1: Security update of containers/open-webui

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jul 15 07:04:58 UTC 2025 

SUSE Container Update Advisory: containers/open-webui
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5285-1
Container Tags        : containers/open-webui:0 , containers/open-webui:0.6.9 , containers/open-webui:0.6.9-10.33
Container Release     : 10.33
Severity              : moderate
Type                  : security
References            : 1229655 1244403 1244404 1244407 CVE-2025-47806 CVE-2025-47807
                        CVE-2025-47808 
-----------------------------------------------------------------

The container containers/open-webui was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2301-1
Released:    Mon Jul 14 11:48:57 2025
Summary:     Recommended update for cyrus-sasl
Type:        recommended
Severity:    moderate
References:  1229655
This update for cyrus-sasl fixes the following issues:

- Add Channel Binding support for GSSAPI/GSS-SPNEGO (bsc#1229655, jsc#PED-12097)
- Add support for setting max ssf 0 to GSS-SPNEGO (bsc#1229655, jsc#PED-12097).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2302-1
Released:    Mon Jul 14 12:50:21 2025
Summary:     Security update for gstreamer-plugins-base
Type:        security
Severity:    moderate
References:  1244403,1244404,1244407,CVE-2025-47806,CVE-2025-47807,CVE-2025-47808
This update for gstreamer-plugins-base fixes the following issues:

- CVE-2025-47808: Fixed NULL-pointer dereference in TMPlayer subtitle parser (bsc#1244404).
- CVE-2025-47807: Fixed NULL-pointer dereference in SubRip subtitle parser (bsc#1244403).
- CVE-2025-47806: Fixed stack buffer overflow in SubRip subtitle parser (bsc#1244407).


The following package changes have been done:

- libsasl2-3-2.1.28-150600.7.6.2 updated
- python311-pandas-2.2.3-150600.1.52 updated
- gstreamer-plugins-base-1.24.0-150600.3.11.1 updated
- libgstvideo-1_0-0-1.24.0-150600.3.11.1 updated
- libgsttag-1_0-0-1.24.0-150600.3.11.1 updated
- libgstaudio-1_0-0-1.24.0-150600.3.11.1 updated
- libgstapp-1_0-0-1.24.0-150600.3.11.1 updated
- libgstpbutils-1_0-0-1.24.0-150600.3.11.1 updated
- libgstallocators-1_0-0-1.24.0-150600.3.11.1 updated
- libgstgl-1_0-0-1.24.0-150600.3.11.1 updated
- libgstriff-1_0-0-1.24.0-150600.3.11.1 updated
- python311-open-webui-0.6.9-150600.2.10 updated
- container:registry.suse.com-bci-bci-base-15.6-8eeeceaa5112b1ed4a1366daca1c5c30b0fb89b0ea28b2a90b41e1aa01aeef21-0 updated

More information about the sle-container-updates mailing list