SUSE-IU-2025:1549-1: Security update of suse/sl-micro/6.0/kvm-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Jun 12 11:34:34 UTC 2025 

SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1549-1
Image Tags        : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.35 , suse/sl-micro/6.0/kvm-os-container:latest
Image Release     : 6.35
Severity          : moderate
Type              : security
References        : 1236177 1237496 1241190 1242938 CVE-2025-4598 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 352
Released:    Thu Jun 12 09:16:56 2025
Summary:     Security update for systemd
Type:        security
Severity:    moderate
References:  1236177,1237496,1241190,1242938,CVE-2025-4598
This update for systemd fixes the following issues:

- coredump: use %d in kernel core pattern (CVE-2025-4598)
- Revert 'macro: terminate the temporary VA_ARGS_FOREACH() array with a sentinel' (SUSE specific)
- umount: do not move busy network mounts (bsc#1236177)
- man/pstore.conf: pstore.conf template is not always installed in /etc
- man: coredump.conf template is not always installed in /etc (bsc#1237496)
- Don't write messages sent from users with UID falling into the container UID
  range to the system journal. Daemons in the container don't talk to the
  outside journald as they talk to the inner one directly, which does its
  journal splitting based on shifted uids. (bsc#1242938)
- This re-adds back the support for the persistent net name rules as well as
  their generator since predictable naming scheme is still disabled by default
  on Micro (via the `net.ifnames=0` boot option). (bsc#1241190)


The following package changes have been done:

- libudev1-254.25-1.1 updated
- libsystemd0-254.25-1.1 updated
- SL-Micro-release-6.0-25.29 updated
- systemd-254.25-1.1 updated
- udev-254.25-1.1 updated
- container:SL-Micro-base-container-2.1.3-7.8 updated

More information about the sle-container-updates mailing list