SUSE-CU-2025:4480-1: Security update of suse/rmt-server
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jun 19 07:43:27 UTC 2025
SUSE Container Update Advisory: suse/rmt-server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:4480-1
Container Tags : suse/rmt-server:2 , suse/rmt-server:2.21 , suse/rmt-server:2.21-71.2 , suse/rmt-server:latest
Container Release : 71.2
Severity : important
Type : security
References : 1236177 1237496 1241020 1241078 1241189 1242060 1242938 1243259
1243317 CVE-2025-29087 CVE-2025-29088 CVE-2025-3277 CVE-2025-4802
-----------------------------------------------------------------
The container suse/rmt-server was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1456-1
Released: Wed May 7 17:13:32 2025
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1241020,1241078,1241189,CVE-2025-29087,CVE-2025-29088,CVE-2025-3277
This update for sqlite3 fixes the following issues:
- CVE-2025-29087,CVE-2025-3277: Fixed integer overflow in sqlite concat function (bsc#1241020)
- CVE-2025-29088: Fixed integer overflow through the SQLITE_DBCONFIG_LOOKASIDE component (bsc#1241078)
Other fixes:
- Updated to version 3.49.1 from Factory (jsc#SLE-16032)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1702-1
Released: Sat May 24 11:50:53 2025
Summary: Security update for glibc
Type: security
Severity: important
References: 1243317,CVE-2025-4802
This update for glibc fixes the following issues:
- CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen
search for libraries to load in LD_LIBRARY_PATH (bsc#1243317).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1714-1
Released: Tue May 27 13:23:20 2025
Summary: Recommended update for ncurses
Type: recommended
Severity: moderate
References:
This update for ncurses fixes the following issues:
- Backport sclp terminfo description entry if for s390 sclp terminal lines
- Add a further sclp entry for qemu s390 based systems
- Make use of dumb
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1733-1
Released: Wed May 28 17:59:52 2025
Summary: Recommended update for krb5
Type: recommended
Severity: moderate
References: 1242060
This update for krb5 fixes the following issue:
- Remove references to the LMDB backend in the kdc.conf manpage (bsc#1242060).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1739-1
Released: Thu May 29 11:40:51 2025
Summary: Recommended update for systemd
Type: recommended
Severity: important
References: 1236177,1237496,1242938,1243259
This update for systemd fixes the following issues:
- Add missing 'systemd-journal-remote' package
to 15-SP7 (bsc#1243259)
- umount: do not move busy network mounts (bsc#1236177)
- Apply coredump sysctl settings on systemd-coredump updates/removals.
- Fix the issue with journalctl not working
for users in Container UID range (bsc#1242938)
Don't write messages sent from users with UID falling into the container UID
range to the system journal. Daemons in the container don't talk to the
outside journald as they talk to the inner one directly, which does its
journal splitting based on shifted uids.
- man/pstore.conf: pstore.conf template is not always installed in /etc
- man: coredump.conf template is not always installed in /etc (bsc#1237496)
The following package changes have been done:
- glibc-2.38-150600.14.32.1 updated
- libsqlite3-0-3.49.1-150000.3.27.1 updated
- libncurses6-6.1-150000.5.30.1 updated
- terminfo-base-6.1-150000.5.30.1 updated
- libudev1-254.24-150600.4.33.1 updated
- krb5-1.20.1-150600.11.11.2 updated
- container:registry.suse.com-bci-bci-base-15.7-326ae997c362daa3b5b65be5c8d31f20bb0d8f24682614e3eb6ff9b79092c7e2-0 updated
More information about the sle-container-updates
mailing list