SUSE-CU-2025:3710-1: Security update of rancher/elemental-channel/sl-micro
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue May 27 07:05:34 UTC 2025
SUSE Container Update Advisory: rancher/elemental-channel/sl-micro
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:3710-1
Container Tags : rancher/elemental-channel/sl-micro:6.1-base , rancher/elemental-channel/sl-micro:6.1-base-8.1
Container Release : 8.1
Severity : critical
Type : security
References : 1234128 1239883 1243317 CVE-2025-4802
-----------------------------------------------------------------
The container rancher/elemental-channel/sl-micro was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 328
Released: Wed May 21 13:04:20 2025
Summary: Security update for glibc
Type: security
Severity: critical
References: 1234128,1239883,1243317,CVE-2025-4802
This update for glibc fixes the following issues:
- CVE-2025-4802: Fixed local root exploits when using static built setuid root applications. (elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static) (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
The following package changes have been done:
- glibc-2.38-9.1 updated
- container:suse-toolbox-image-1.0.0-8.7 updated
More information about the sle-container-updates
mailing list