SUSE-CU-2025:5450-1: Security update of containers/open-webui

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Jul 19 09:56:09 UTC 2025 

SUSE Container Update Advisory: containers/open-webui
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5450-1
Container Tags        : containers/open-webui:0 , containers/open-webui:0.6.9 , containers/open-webui:0.6.9-10.41
Container Release     : 10.41
Severity              : moderate
Type                  : security
References            : 1234018 1234019 1234020 1243767 CVE-2024-36616 CVE-2024-36617
                        CVE-2024-36618 CVE-2025-5278 
-----------------------------------------------------------------

The container containers/open-webui was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2362-1
Released:    Fri Jul 18 11:07:24 2025
Summary:     Security update for coreutils
Type:        security
Severity:    moderate
References:  1243767,CVE-2025-5278
This update for coreutils fixes the following issues:

- CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data (bsc#1243767)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2381-1
Released:    Fri Jul 18 16:58:38 2025
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    moderate
References:  1234018,1234019,1234020,CVE-2024-36616,CVE-2024-36617,CVE-2024-36618
This update for ffmpeg-4 fixes the following issues:

- CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX (bsc#1234020).

New CVE references, fixed in previous release:

- CVE-2024-36617: avformat/cafdec: dont seek beyond 64bit (bsc#1234019).
- CVE-2024-36616: avformat/westwood_vqa: Fix 2g packets (bsc#1234018).


The following package changes have been done:

- coreutils-8.32-150400.9.9.1 updated
- libavutil56_70-4.4.6-150600.13.27.1 updated
- libswscale5_9-4.4.6-150600.13.27.1 updated
- libswresample3_9-4.4.6-150600.13.27.1 updated
- libpostproc55_9-4.4.6-150600.13.27.1 updated
- libavresample4_0-4.4.6-150600.13.27.1 updated
- libavcodec58_134-4.4.6-150600.13.27.1 updated
- libavformat58_76-4.4.6-150600.13.27.1 updated
- libavfilter7_110-4.4.6-150600.13.27.1 updated
- libavdevice58_13-4.4.6-150600.13.27.1 updated
- ffmpeg-4-4.4.6-150600.13.27.1 updated
- python311-open-webui-0.6.9-150600.2.14 updated
- container:registry.suse.com-bci-bci-base-15.6-92ffb62e2965d56d2a210b9aa94d6684f092405e7032f2d4b48bc86f1952d0eb-0 updated

More information about the sle-container-updates mailing list