SUSE-IU-2025:2135-1: Security update of suse/sl-micro/6.1/base-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jul 29 07:22:43 UTC 2025 

SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:2135-1
Image Tags        : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.12 , suse/sl-micro/6.1/base-os-container:latest
Image Release     : 5.12
Severity          : important
Type              : security
References        : 1223880 1233785 1241083 1243226 1244079 CVE-2024-11498 CVE-2024-34062
                        CVE-2024-56406 CVE-2025-40909 CVE-2025-6018 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 191
Released:    Mon Jul 28 16:35:09 2025
Summary:     Security update for perl
Type:        security
Severity:    important
References:  1233785,1241083,1244079,CVE-2024-11498,CVE-2024-56406,CVE-2025-40909
This update for perl fixes the following issues:

- CVE-2024-56406: Fixed heap buffer overflow when transliterating 
  non-ASCII bytes (bsc#1241083)
- CVE-2025-40909: Fixed a working directory race condition causing
  file operations to target unintended paths (bsc#1244079)

-----------------------------------------------------------------
Advisory ID: 192
Released:    Mon Jul 28 16:36:18 2025
Summary:     Security update for pam-config
Type:        security
Severity:    important
References:  1223880,1243226,CVE-2024-34062,CVE-2025-6018
This update for pam-config fixes the following issues:

- CVE-2025-6018: Stop adding pam_env in AUTH stack, and be sure to put
  this module at the really end of the SESSION stack.  (bsc#1243226)


The following package changes have been done:

- perl-base-5.38.2-slfo.1.1_2.1 updated
- pam-config-2.11+git.20240906-slfo.1.1_2.1 updated
- SL-Micro-release-6.1-slfo.1.11.44 updated
- container:suse-toolbox-image-1.0.0-4.55 updated

More information about the sle-container-updates mailing list