SUSE-CU-2025:5538-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue Jul 22 07:22:28 UTC 2025
SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5538-1
Container Tags : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.8.82 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release : 17.8.82
Severity : important
Type : security
References : 1221107 1243450 1243767 1243772 1244553 CVE-2024-2236 CVE-2024-23337
CVE-2025-48964 CVE-2025-5278
-----------------------------------------------------------------
The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2327-1
Released: Wed Jul 16 09:05:37 2025
Summary: Recommended update for sysstat
Type: recommended
Severity: important
References: 1244553
This update for sysstat fixes the following issues:
- Find command option -H added in /usr/lib64/sa/sa2.
- Automatically enable systemd timers upon installation (bsc#1244553).
- Determine whether the current readahead window tuning is appropriate
for contemporary hardware(PED#12914).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2362-1
Released: Fri Jul 18 11:07:24 2025
Summary: Security update for coreutils
Type: security
Severity: moderate
References: 1243767,CVE-2025-5278
This update for coreutils fixes the following issues:
- CVE-2025-5278: Fixed heap buffer under-read may lead to a crash or leak sensitive data (bsc#1243767)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2384-1
Released: Fri Jul 18 18:45:53 2025
Summary: Security update for jq
Type: security
Severity: moderate
References: 1243450,CVE-2024-23337
This update for jq fixes the following issues:
- CVE-2024-23337: Fixed signed integer overflow in jv.c:jvp_array_write (bsc#1243450).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2430-1
Released: Mon Jul 21 13:23:17 2025
Summary: Security update for iputils
Type: security
Severity: moderate
References: 1243772,CVE-2025-48964
This update for iputils fixes the following issues:
- CVE-2025-48964: Fixed integer overflow in ping statistics via zero timestamp (bsc#1243772).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2447-1
Released: Mon Jul 21 16:45:25 2025
Summary: Security update for libgcrypt
Type: security
Severity: moderate
References: 1221107,CVE-2024-2236
This update for libgcrypt fixes the following issues:
- CVE-2024-2236: Fixed timing based side-channel in RSA implementation. (bsc#1221107)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:2453-1
Released: Mon Jul 21 20:04:02 2025
Summary: Recommended update for container-suseconnect
Type: recommended
Severity: moderate
References:
This update for container-suseconnect fixes the following issues:
- Do not log credentials errors
- Switch to the go native fips 140-3 module
The following package changes have been done:
- container-suseconnect-2.5.5-150000.4.67.1 updated
- coreutils-8.32-150400.9.9.1 updated
- iputils-20221126-150500.3.14.1 updated
- jq-1.6-150000.3.6.1 updated
- libgcrypt20-1.10.3-150600.3.9.1 updated
- libjq1-1.6-150000.3.6.1 updated
- sysstat-12.0.2-150000.3.45.3 updated
More information about the sle-container-updates
mailing list