SUSE-CU-2025:5537-1: Security update of suse/ltss/sle15.5/sle15

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jul 22 07:21:27 UTC 2025 

SUSE Container Update Advisory: suse/ltss/sle15.5/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5537-1
Container Tags        : suse/ltss/sle15.5/bci-base:15.5 , suse/ltss/sle15.5/bci-base:15.5-5.12 , suse/ltss/sle15.5/sle15:15.5 , suse/ltss/sle15.5/sle15:15.5-5.12 , suse/ltss/sle15.5/sle15:latest
Container Release     : 5.12
Severity              : moderate
Type                  : security
References            : 1242844 1243767 CVE-2025-4373 CVE-2025-5278 
-----------------------------------------------------------------

The container suse/ltss/sle15.5/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2362-1
Released:    Fri Jul 18 11:07:24 2025
Summary:     Security update for coreutils
Type:        security
Severity:    moderate
References:  1243767,CVE-2025-5278
This update for coreutils fixes the following issues:

- CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data (bsc#1243767)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2375-1
Released:    Fri Jul 18 15:16:14 2025
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1242844,CVE-2025-4373
This update for glib2 fixes the following issues:

- CVE-2025-4373: integer overflow in the `g_string_insert_unichar()` function can lead to buffer underwrite and memory
  corruption (bsc#1242844).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2453-1
Released:    Mon Jul 21 20:04:02 2025
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  
This update for container-suseconnect fixes the following issues:

- Do not log credentials errors
- Switch to the go native fips 140-3 module


The following package changes have been done:

- container-suseconnect-2.5.5-150000.4.67.1 updated
- coreutils-8.32-150400.9.9.1 updated
- libglib-2_0-0-2.70.5-150400.3.23.1 updated

More information about the sle-container-updates mailing list