SUSE-CU-2025:1418-1: Security update of containers/open-webui
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Mar 1 08:03:37 UTC 2025
SUSE Container Update Advisory: containers/open-webui
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1418-1
Container Tags : containers/open-webui:0.3 , containers/open-webui:0.3.32 , containers/open-webui:0.3.32-7.45
Container Release : 7.45
Severity : important
Type : security
References : 1212607 1214290 1219213 1236834 1236842 1237363 1237370 1237418
1237431 CVE-2023-25435 CVE-2023-4016 CVE-2023-52356 CVE-2024-56171
CVE-2025-24928 CVE-2025-26597 CVE-2025-27113
-----------------------------------------------------------------
The container containers/open-webui was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:739-1
Released: Fri Feb 28 11:09:44 2025
Summary: Security update for libX11
Type: security
Severity: moderate
References: 1237431,CVE-2025-26597
This update for libX11 fixes the following issues:
- CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead to buffer overflows in
XkbChangeTypesOfKey() (bsc#1237431).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:741-1
Released: Fri Feb 28 11:15:50 2025
Summary: Security update for procps
Type: security
Severity: important
References: 1214290,1236842,CVE-2023-4016
This update for procps fixes the following issues:
- Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid
argument has a leading space (bsc#1236842, bsc#1214290).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:746-1
Released: Fri Feb 28 17:10:22 2025
Summary: Security update for libxml2
Type: security
Severity: important
References: 1237363,1237370,1237418,CVE-2024-56171,CVE-2025-24928,CVE-2025-27113
This update for libxml2 fixes the following issues:
- CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c
(bsc#1237363).
- CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370).
- CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c (bsc#1237418).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:753-1
Released: Fri Feb 28 17:30:35 2025
Summary: Security update for tiff
Type: security
Severity: moderate
References: 1212607,1219213,1236834,CVE-2023-25435,CVE-2023-52356
This update for tiff fixes the following issues:
- CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits() in tiffcrop.c (bsc#1212607).
- CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service (bsc#1219213).
Other bugfixes:
- Fixed tiff build issue on s390x as test 12 test_directory fails (bsc#1236834).
The following package changes have been done:
- python311-rank-bm25-0.2.2-150600.1.9 updated
- libxml2-2-2.10.3-150500.5.23.1 updated
- libX11-data-1.8.7-150600.3.3.1 updated
- libtbb12-2021.13.0-150600.1.9 updated
- libthrift-0_17_0-0.17.0-150600.1.11 updated
- opencv4-cascades-data-4.10.0-150600.1.16 updated
- libX11-xcb1-1.8.7-150600.3.3.1 updated
- libprotobuf25_5_0-25.5-150600.2.38 updated
- libtiff6-4.7.0-150600.3.8.1 updated
- libX11-6-1.8.7-150600.3.3.1 updated
- python311-threadpoolctl-3.5.0-150600.1.8 updated
- python311-regex-2024.5.15-150600.1.11 updated
- python311-rapidocr-onnxruntime-1.3.24-150600.1.10 updated
- python311-psycopg2-2.9.9-150600.1.15 updated
- python311-protobuf-4.25.5-150600.2.38 updated
- python311-primp-0.6.3-150600.1.12 updated
- python311-orjson-3.10.7-150600.1.14 updated
- python311-onnxruntime-1.19.2-150600.1.9 updated
- python311-mmh3-4.1.0-150600.1.12 updated
- python311-langsmith-0.1.52-150600.1.11 updated
- python311-importlib-resources-6.1.1-150600.1.11 updated
- python311-greenlet-3.1.0-150600.1.14 updated
- python311-einops-0.8.0-150600.1.8 updated
- python311-ebcdic-1.1.1-150600.1.10 updated
- python311-django-cache-url-3.4.5-150600.1.12 updated
- python311-dill-0.3.8-150600.1.13 updated
- python311-defusedxml-0.7.1-150600.1.10 updated
- libprocps8-3.3.17-150000.7.42.1 updated
- python311-pypandoc-1.14-150600.1.9 updated
- python311-lark-1.1.9-150600.1.10 updated
- python311-proto-plus-1.24.0-150600.1.13 updated
- python311-opentelemetry-proto-1.27.0-150600.1.12 updated
- python311-Pillow-10.4.0-150600.1.12 updated
- python311-fake-useragent-1.5.1-150600.1.9 updated
- python311-anyio-4.4.0-150600.1.11 updated
- python311-SQLAlchemy-2.0.32-150600.1.13 updated
- python311-multiprocess-0.70.16-150600.1.10 updated
- python311-redis-5.0.8-150600.1.10 updated
- python311-uvicorn-0.30.6-150600.1.10 updated
- libarrow1700-17.0.0-150600.2.14 updated
- procps-3.3.17-150000.7.42.1 updated
- python311-opentelemetry-exporter-otlp-proto-common-1.27.0-150600.1.12 updated
- python311-aiohttp-3.10.8-150600.1.10 updated
- python311-python-pptx-1.0.2-150600.1.9 updated
- python311-et_xmlfile-1.0.1-150600.1.10 updated
- python311-pytest-docker-3.1.1-150600.1.11 updated
- python311-duckduckgo-search-6.2.13-150600.1.9 updated
- python311-APScheduler-3.10.4-150600.1.12 updated
- python311-alembic-1.13.2-150600.1.10 updated
- python311-googleapis-common-protos-1.63.2-150600.1.13 updated
- libparquet1700-17.0.0-150600.2.14 updated
- libarrow_acero1700-17.0.0-150600.2.14 updated
- python311-psutil-6.0.0-150600.1.12 updated
- python311-numpy1-1.26.4-150600.1.22 updated
- python311-dataclasses-json-0.6.7-150600.1.11 updated
- python311-typer-slim-0.12.5-150600.1.10 updated
- python311-fastapi-0.114.2-150600.1.11 updated
- python311-black-24.8.0-150600.1.9 updated
- python311-openpyxl-3.1.5-150600.1.9 updated
- libarrow_flight1700-17.0.0-150600.2.14 updated
- libarrow_dataset1700-17.0.0-150600.2.14 updated
- python311-torch-2.5.0-150600.1.5 updated
- python311-scipy-1.14.1-150600.1.18 updated
- python311-pandas-2.2.3-150600.1.23 updated
- python311-joblib-1.4.2-150600.1.10 updated
- python311-chroma-hnswlib-0.7.6-150600.2.8 updated
- python311-Django-5.1.1-150600.1.11 updated
- python311-typer-0.12.5-150600.1.10 updated
- python311-openai-1.40.8-150600.1.11 updated
- python311-pyarrow-17.0.0-150600.2.26 updated
- python311-scikit-learn-1.5.1-150600.1.20 updated
- python311-opentelemetry-exporter-otlp-proto-grpc-1.27.0-150600.1.13 updated
- python311-RTFDE-0.1.1-150600.1.9 updated
- python311-dj-database-url-2.3.0-150600.1.11 updated
- python311-fpdf2-2.7.9-150600.1.12 updated
- libopencv410-4.10.0-150600.1.16 updated
- python311-tiktoken-0.7.0-150600.1.12 updated
- python311-python-engineio-4.8.0-150600.1.11 updated
- python311-nltk-3.9.1-150600.1.11 updated
- python311-google-auth-2.34.0-150600.1.10 updated
- python311-extract-msg-0.49.0-150600.1.9 updated
- python311-environs-11.0.0-150600.1.11 updated
- libopencv_objdetect410-4.10.0-150600.1.16 updated
- libopencv_imgcodecs410-4.10.0-150600.1.16 updated
- python311-python-socketio-5.11.4-150600.1.11 updated
- python311-kubernetes-28.1.0-150600.1.9 updated
- python311-google-auth-httplib2-0.2.0-150600.1.10 updated
- python311-google-api-core-2.19.2-150600.1.13 updated
- libopencv_face410-4.10.0-150600.1.16 updated
- libopencv_aruco410-4.10.0-150600.1.16 updated
- libopencv_ximgproc410-4.10.0-150600.1.16 updated
- python311-google-api-python-client-2.143.0-150600.1.13 updated
- python311-google-ai-generativelanguage-0.6.10-150600.1.13 updated
- python311-av-11.0.0-150600.1.12 updated
- libopencv_optflow410-4.10.0-150600.1.16 updated
- libopencv_highgui410-4.10.0-150600.1.16 updated
- python311-google-generativeai-0.8.2-150600.1.13 updated
- python311-datasets-3.0.1-150600.1.15 updated
- python311-transformers-4.44.2-150600.1.9 updated
- python311-anthropic-0.33.1-150600.1.10 updated
- python311-pydub-0.25.1-150600.1.11 updated
- libopencv_gapi410-4.10.0-150600.1.16 updated
- python311-colbert-ai-0.2.21-150600.1.15 updated
- libopencv_videoio410-4.10.0-150600.1.16 updated
- python311-opencv-4.10.0-150600.1.16 updated
- python311-open-webui-0.3.32-150600.1.58 updated
- container:registry.suse.com-bci-bci-base-15.6-98ba7d35f2614b8a698ef17e02f667dc830a6aea65fd6f99ca5d1cb2bb78435f-0 updated
More information about the sle-container-updates
mailing list