SUSE-CU-2025:5626-1: Security update of suse/manager/5.0/x86_64/server-hub-xmlrpc-api

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Jul 23 20:18:40 UTC 2025 

SUSE Container Update Advisory: suse/manager/5.0/x86_64/server-hub-xmlrpc-api
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5626-1
Container Tags        : suse/manager/5.0/x86_64/server-hub-xmlrpc-api:5.0.5 , suse/manager/5.0/x86_64/server-hub-xmlrpc-api:5.0.5.6.23.1 , suse/manager/5.0/x86_64/server-hub-xmlrpc-api:latest
Container Release     : 6.23.1
Severity              : important
Type                  : security
References            : 1242827 1243226 1243935 CVE-2025-4598 CVE-2025-6018 
-----------------------------------------------------------------

The container suse/manager/5.0/x86_64/server-hub-xmlrpc-api was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2080-1
Released:    Tue Jun 24 12:26:23 2025
Summary:     Security update for pam-config
Type:        security
Severity:    important
References:  1243226,CVE-2025-6018
This update for pam-config fixes the following issues:

- CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put this module at the really end of the SESSION stack (bsc#1243226).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2244-1
Released:    Tue Jul  8 10:44:02 2025
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1242827,1243935,CVE-2025-4598
This update for systemd fixes the following issues:

- CVE-2025-4598: Fixed race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump (bsc#1243935).

Other bugfixes:

- logs-show: get timestamp and boot ID only when necessary (bsc#1242827).


The following package changes have been done:

- pam-config-1.1-150600.16.8.1 updated
- libsystemd0-254.25-150600.4.40.1 updated
- systemd-254.25-150600.4.40.1 updated

More information about the sle-container-updates mailing list