SUSE-CU-2025:1703-1: Security update of suse/ltss/sle12.5/sles12sp5
sle-container-updates at lists.suse.com
Wed Mar 12 08:17:53 UTC 2025
SUSE Container Update Advisory: suse/ltss/sle12.5/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1703-1
Container Tags : suse/ltss/sle12.5/sles12sp5:8.5.55 , suse/ltss/sle12.5/sles12sp5:latest
Container Release : 8.5.55
Severity : important
Type : security
References : 1214290 1228044 1236282 1236588 1236590 1236619 1236842 1236878
1237363 1237370 1237418 CVE-2023-4016 CVE-2024-12133 CVE-2024-56171
CVE-2025-0167 CVE-2025-0395 CVE-2025-0725 CVE-2025-24528 CVE-2025-24928
CVE-2025-27113
-----------------------------------------------------------------
The container suse/ltss/sle12.5/sles12sp5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:351-1
Released: Tue Feb 4 10:28:20 2025
Summary: Security update for krb5
Type: security
Severity: moderate
References: 1236619,CVE-2025-24528
This update for krb5 fixes the following issues:
- CVE-2025-24528: Fixed out-of-bounds write caused by an overflow when calculating the ulog block size, which can lead to a process crash (bsc#1236619).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:371-1
Released: Wed Feb 5 16:34:53 2025
Summary: Security update for curl
Type: security
Severity: moderate
References: 1236588,1236590,CVE-2025-0167,CVE-2025-0725
This update for curl fixes the following issues:
- CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
- CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:510-1
Released: Thu Feb 13 12:33:40 2025
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1228044,1236282,CVE-2025-0395
This update for glibc fixes the following issues:
- CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282, BZ #32582)
- s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp (bsc#1228044).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:512-1
Released: Thu Feb 13 12:47:08 2025
Summary: Security update for libtasn1
Type: security
Severity: important
References: 1236878,CVE-2024-12133
This update for libtasn1 fixes the following issues:
- CVE-2024-12133: the processing of input DER data containing a large number of SEQUENCE OF or SET OF elements takes quadratic time to complete (bsc#1236878).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:725-1
Released: Wed Feb 26 14:36:41 2025
Summary: Security update for procps
Type: security
Severity: important
References: 1214290,1236842,CVE-2023-4016
This update for procps fixes the following issues:
- Integer overflow due to incomplete fix for CVE-2023-4016 can lead to segmentation fault in ps command when pid argument has a leading space (bsc#1236842, bsc#1214290).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:747-1
Released: Fri Feb 28 17:11:44 2025
Summary: Security update for libxml2
Type: security
Severity: important
References: 1237363,1237370,1237418,CVE-2024-56171,CVE-2025-24928,CVE-2025-27113
This update for libxml2 fixes the following issues:
- CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
- CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c (bsc#1237370).
- CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c (bsc#1237418).
The following package changes have been done:
- glibc-2.22-114.40.1 updated
- krb5-1.16.3-46.18.1 updated
- libcurl4-8.0.1-11.105.1 updated
- libprocps3-3.3.9-11.33.1 updated
- libtasn1-6-4.9-3.16.1 updated
- libtasn1-4.9-3.16.1 updated
- libxml2-2-2.9.4-46.81.1 updated
- procps-3.3.9-11.33.1 updated