SUSE-CU-2025:3072-1: Security update of bci/kiwi
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat May 3 07:31:31 UTC 2025
SUSE Container Update Advisory: bci/kiwi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:3072-1
Container Tags : bci/kiwi:9 , bci/kiwi:9.24 , bci/kiwi:9.24.43 , bci/kiwi:9.24.43-23.2 , bci/kiwi:latest
Container Release : 23.2
Severity : important
Type : security
References : 1241453 1241551 CVE-2025-32414 CVE-2025-32415
-----------------------------------------------------------------
The container bci/kiwi was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 38402
Released: Fri Apr 25 11:05:30 2025
Summary: Recommended update for freetype2
Type: recommended
Severity: important
References:
This update for freetype2 fixes the following issue:
- enable brotli support (jsc#PED-12258)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1438-1
Released: Fri May 2 15:44:07 2025
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1241453,1241551,CVE-2025-32414,CVE-2025-32415
This update for libxml2 fixes the following issues:
- CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. (bsc#1241551)
- CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. (bsc#1241453)
The following package changes have been done:
- libxml2-tools-2.10.3-150500.5.26.1 updated
- libfreetype6-2.10.4-150000.4.22.1 updated
- java-21-openjdk-headless-21.0.7.0-150600.3.12.1 updated
- libxml2-devel-2.10.3-150500.5.26.1 updated
More information about the sle-container-updates
mailing list