SUSE-CU-2025:2063-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Mar 26 08:11:52 UTC 2025 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:2063-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.8.18 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.8.18
Severity              : important
Type                  : security
References            : 1234015 1236643 1236826 1236886 1239465 CVE-2025-27363 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:997-1
Released:    Mon Mar 24 18:52:00 2025
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1236826
This update for openssh fixes the following issue:

- Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2
  due to gssapi proposal not being correctly initialized (bsc#1236826).
  The problem was introduced in the rebase of the patch for 9.6p1

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:998-1
Released:    Tue Mar 25 03:07:02 2025
Summary:     Security update for freetype2
Type:        security
Severity:    important
References:  1239465,CVE-2025-27363
This update for freetype2 fixes the following issues:

- CVE-2025-27363: Fixed out-of-bounds write when attempting to parse font 
  subglyph structures related to TrueType GX and variable font files (bsc#1239465).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:1016-1
Released:    Tue Mar 25 15:59:05 2025
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1234015,1236643,1236886
This update for systemd fixes the following issues:

- udev: allow/denylist for reading sysfs attributes when composing a NIC name (bsc#1234015)
- journald: close runtime journals before their parent directory removed
- journald: reset runtime seqnum data when flushing to system journal (bsc#1236886)
- Move systemd-userwork from the experimental sub-package to the main package (bsc#1236643)
  It is likely an oversight from when systemd-userdb was migrated from the
  experimental package to the main one.
  

The following package changes have been done:

- libfreetype6-2.10.4-150000.4.18.1 updated
- libsystemd0-254.24-150600.4.28.1 updated
- libudev1-254.24-150600.4.28.1 updated
- openssh-clients-9.6p1-150600.6.18.4 updated
- openssh-common-9.6p1-150600.6.18.4 updated
- openssh-server-9.6p1-150600.6.18.4 updated
- openssh-9.6p1-150600.6.18.4 updated
- systemd-254.24-150600.4.28.1 updated
- udev-254.24-150600.4.28.1 updated

More information about the sle-container-updates mailing list