SUSE-CU-2025:4359-1: Security update of suse/kiosk/xorg

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Jun 18 07:15:53 UTC 2025 

SUSE Container Update Advisory: suse/kiosk/xorg
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:4359-1
Container Tags        : suse/kiosk/xorg:21 , suse/kiosk/xorg:21.1 , suse/kiosk/xorg:21.1-46.1 , suse/kiosk/xorg:notaskbar
Container Release     : 46.1
Severity              : important
Type                  : security
References            : 1244082 1244084 1244085 1244087 1244089 1244090 CVE-2025-49175
                        CVE-2025-49176 CVE-2025-49177 CVE-2025-49178 CVE-2025-49179 CVE-2025-49180
-----------------------------------------------------------------

The container suse/kiosk/xorg was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1980-1
Released:    Tue Jun 17 17:30:26 2025
Summary:     Security update for xorg-x11-server
Type:        security
Severity:    important
References:  1244082,1244084,1244085,1244087,1244089,1244090,CVE-2025-49175,CVE-2025-49176,CVE-2025-49177,CVE-2025-49178,CVE-2025-49179,CVE-2025-49180
This update for xorg-x11-server fixes the following issues:

- CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) (bsc#1244082).
- CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084).
- CVE-2025-49177: Data leak in XFIXES Extension 6 (XFixesSetClientDisconnectMode) (bsc#1244085).
- CVE-2025-49178: Unprocessed client request via bytes to ignore (bsc#1244087).
- CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089).
- CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) (bsc#1244090).


The following package changes have been done:

- xorg-x11-server-Xvfb-21.1.11-150600.5.12.1 updated
- xorg-x11-server-21.1.11-150600.5.12.1 updated
- container:suse-sle15-15.6-9915f065a551ffb0d36733cc7815ef280d67263747176daae70f34a7daf3aeb2-0 updated
- container:registry.suse.com-bci-bci-micro-15.6-7896824d92030b8aaeb301b0bf4ef37ab2d17e60882d32079d3f45e182f305dc-0 updated

More information about the sle-container-updates mailing list