SUSE-CU-2025:5494-1: Security update of suse/kiosk/xorg-client

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Jul 19 10:24:15 UTC 2025 

SUSE Container Update Advisory: suse/kiosk/xorg-client
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5494-1
Container Tags        : suse/kiosk/xorg-client:21 , suse/kiosk/xorg-client:21-62.11 , suse/kiosk/xorg-client:latest
Container Release     : 62.11
Severity              : moderate
Type                  : security
References            : 1234018 1234019 1234020 1243767 CVE-2024-36616 CVE-2024-36617
                        CVE-2024-36618 CVE-2025-5278 
-----------------------------------------------------------------

The container suse/kiosk/xorg-client was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2362-1
Released:    Fri Jul 18 11:07:24 2025
Summary:     Security update for coreutils
Type:        security
Severity:    moderate
References:  1243767,CVE-2025-5278
This update for coreutils fixes the following issues:

- CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data (bsc#1243767)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2381-1
Released:    Fri Jul 18 16:58:38 2025
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    moderate
References:  1234018,1234019,1234020,CVE-2024-36616,CVE-2024-36617,CVE-2024-36618
This update for ffmpeg-4 fixes the following issues:

- CVE-2024-36618: Fixed integer overflow iff ULONG_MAX < INT64_MAX (bsc#1234020).

New CVE references, fixed in previous release:

- CVE-2024-36617: avformat/cafdec: dont seek beyond 64bit (bsc#1234019).
- CVE-2024-36616: avformat/westwood_vqa: Fix 2g packets (bsc#1234018).


The following package changes have been done:

- coreutils-8.32-150400.9.9.1 updated
- libavutil56_70-4.4.6-150600.13.27.1 updated
- libswresample3_9-4.4.6-150600.13.27.1 updated
- libavcodec58_134-4.4.6-150600.13.27.1 updated
- container:suse-sle15-15.7-dde0e654ff7210b2ec2a12a2c047df8fc61e112cd702d19129b98a5885bf0e40-0 updated
- container:registry.suse.com-bci-bci-micro-15.7-83a881a41ea31cd0e8edae1e3893c1e645ad112da30e2e9489718b11f43c4c4f-0 updated

More information about the sle-container-updates mailing list