SUSE-CU-2025:1916-1: Security update of containers/open-webui

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Mar 21 08:05:04 UTC 2025 

SUSE Container Update Advisory: containers/open-webui
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1916-1
Container Tags        : containers/open-webui:0 , containers/open-webui:0.5.14 , containers/open-webui:0.5.14-9.6
Container Release     : 9.6
Severity              : important
Type                  : security
References            : 1186586 1209934 1215309 1238879 CVE-2020-22021 CVE-2020-22046
                        CVE-2022-48434 CVE-2025-27516 
-----------------------------------------------------------------

The container containers/open-webui was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:956-1
Released:    Wed Mar 19 17:12:25 2025
Summary:     Security update for python-Jinja2
Type:        security
Severity:    moderate
References:  1238879,CVE-2025-27516
This update for python-Jinja2 fixes the following issues:

- CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method (bsc#1238879)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:958-1
Released:    Wed Mar 19 17:55:55 2025
Summary:     Security update for ffmpeg-4
Type:        security
Severity:    important
References:  1186586,1209934,1215309,CVE-2020-22021,CVE-2020-22046,CVE-2022-48434
This update for ffmpeg-4 fixes the following issues:

- CVE-2022-48434: Fixed use after free in libavcodec/pthread_frame.c (bsc#1209934)
- CVE-2020-22021: Fixed Buffer Overflow vulnerability in filter_edges function in libavfilter/vf_yadif.c (bsc#1186586)
 

The following package changes have been done:

- opencv4-cascades-data-4.11.0-150600.1.6 updated
- python311-rapidocr-onnxruntime-1.3.24-150600.1.18 updated
- python311-peewee-3.17.8-150600.1.4 updated
- python311-langsmith-0.1.52-150600.1.22 updated
- python311-django-cache-url-3.4.5-150600.1.19 updated
- python311-Jinja2-3.1.2-150400.12.14.1 updated
- python311-marshmallow-3.20.2-150600.1.8 updated
- python311-aiocache-0.12.3-150600.1.5 updated
- python311-Flask-3.0.3-150600.1.11 updated
- libavutil56_70-4.4.5-150600.13.19.1 updated
- python311-langchain-core-0.3.37-150600.1.8 updated
- python311-dataclasses-json-0.6.7-150600.1.19 updated
- python311-typer-slim-0.12.5-150600.1.19 updated
- python311-fastapi-0.115.8-150600.1.17 updated
- python311-Flask-Cors-5.0.0-150600.1.11 updated
- python311-torch-2.5.0-150600.1.15 updated
- python311-scipy-1.14.1-150600.1.26 updated
- python311-pgvector-0.3.6-150600.1.8 updated
- libswscale5_9-4.4.5-150600.13.19.1 updated
- libswresample3_9-4.4.5-150600.13.19.1 updated
- libpostproc55_9-4.4.5-150600.13.19.1 updated
- libavresample4_0-4.4.5-150600.13.19.1 updated
- python311-langchain-text_splitters-0.3.19-150600.1.7 updated
- python311-Django-5.1.1-150600.1.18 updated
- python311-typer-0.12.5-150600.1.19 updated
- python311-scikit-learn-1.5.1-150600.1.28 updated
- libavcodec58_134-4.4.5-150600.13.19.1 updated
- python311-dj-database-url-2.3.0-150600.1.18 updated
- python311-fpdf2-2.8.2-150600.1.9 updated
- libavformat58_76-4.4.5-150600.13.19.1 updated
- libopencv411-4.11.0-150600.1.6 updated
- python311-nltk-3.9.1-150600.1.20 updated
- python311-google-auth-2.34.0-150600.1.18 updated
- python311-Authlib-1.4.1-150600.1.8 updated
- python311-environs-11.0.0-150600.1.20 updated
- libavfilter7_110-4.4.5-150600.13.19.1 updated
- libopencv_objdetect411-4.11.0-150600.1.6 updated
- libopencv_imgcodecs411-4.11.0-150600.1.6 updated
- python311-langchain-community-0.3.18-150600.1.8 updated
- python311-langchain-0.3.19-150600.1.7 updated
- python311-kubernetes-28.1.0-150600.1.19 updated
- python311-google-auth-oauthlib-1.2.1-150600.1.9 updated
- python311-google-auth-httplib2-0.2.0-150600.1.18 updated
- python311-google-api-core-2.19.2-150600.1.23 updated
- libavdevice58_13-4.4.5-150600.13.19.1 updated
- libopencv_face411-4.11.0-150600.1.6 updated
- libopencv_aruco411-4.11.0-150600.1.6 updated
- libopencv_ximgproc411-4.11.0-150600.1.6 updated
- python311-google-api-python-client-2.143.0-150600.1.23 updated
- python311-google-ai-generativelanguage-0.6.10-150600.1.23 updated
- python311-av-11.0.0-150600.1.18 updated
- ffmpeg-4-4.4.5-150600.13.19.1 updated
- libopencv_optflow411-4.11.0-150600.1.6 updated
- libopencv_highgui411-4.11.0-150600.1.6 updated
- python311-google-generativeai-0.8.2-150600.1.25 updated
- python311-datasets-3.0.1-150600.1.25 updated
- python311-pydub-0.25.1-150600.1.22 updated
- libopencv_gapi411-4.11.0-150600.1.6 updated
- python311-colbert-ai-0.2.21-150600.1.27 updated
- libopencv_videoio411-4.11.0-150600.1.6 updated
- python311-opencv-4.11.0-150600.1.6 updated
- python311-open-webui-0.5.14-150600.1.7 updated

More information about the sle-container-updates mailing list