SUSE-IU-2025:1435-1: Security update of suse/sl-micro/6.1/kvm-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue May 27 16:15:36 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:1435-1
Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.0 , suse/sl-micro/6.1/kvm-os-container:2.2.0-4.38 , suse/sl-micro/6.1/kvm-os-container:latest
Image Release : 4.38
Severity : critical
Type : security
References : 1234128 1234665 1239883 1243317 CVE-2025-4802
-----------------------------------------------------------------
The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 122
Released: Tue May 27 11:28:57 2025
Summary: Security update for glibc
Type: security
Severity: critical
References: 1234128,1234665,1239883,1243317,CVE-2025-4802
This update for glibc fixes the following issues:
- CVE-2025-4802: elf: Ignore LD_LIBRARY_PATH and debug env var for setuid for static (bsc#1243317)
- pthreads NPTL: lost wakeup fix 2 (bsc#1234128, BZ #25847)
- Mark functions in libc_nonshared.a as hidden (bsc#1239883)
- Linux: Switch back to assembly syscall wrapper for prctl (bsc#1234665, BZ #29770)
The following package changes have been done:
- glibc-2.38-slfo.1.1_4.1 updated
- SL-Micro-release-6.1-slfo.1.11.32 updated
- glibc-locale-base-2.38-slfo.1.1_4.1 updated
- container:SL-Micro-base-container-2.2.0-4.38 updated
More information about the sle-container-updates
mailing list