SUSE-IU-2025:1344-1: Security update of suse/sl-micro/6.1/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri May 16 07:05:52 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1344-1
Image Tags : suse/sl-micro/6.1/base-os-container:2.2.0 , suse/sl-micro/6.1/base-os-container:2.2.0-4.35 , suse/sl-micro/6.1/base-os-container:latest
Image Release : 4.35
Severity : important
Type : security
References : 1238700 1239335 CVE-2025-22869 CVE-2025-22870
-----------------------------------------------------------------
The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 111
Released: Thu May 15 19:45:43 2025
Summary: Security update for elemental-operator
Type: security
Severity: important
References: 1238700,1239335,CVE-2025-22869,CVE-2025-22870
This update for elemental-operator fixes the following issues:
- Updated to v1.7.2:
* Updated header year
* CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238700)
* CVE-2025-22869: golang.org/x/crypto/ssh: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239335)
* Label Templates: add IP addresses to the Network variables (#885, #894)
* Fixed generation of already present resources (#892, #893)
The following package changes have been done:
- elemental-register-1.7.2-slfo.1.1_1.1 updated
- elemental-support-1.7.2-slfo.1.1_1.1 updated
More information about the sle-container-updates
mailing list