SUSE-CU-2025:8244-1: Security update of suse/hpc/warewulf4-x86_64/sle-hpc-node

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Nov 13 08:16:32 UTC 2025 

SUSE Container Update Advisory: suse/hpc/warewulf4-x86_64/sle-hpc-node
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8244-1
Container Tags        : suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6 , suse/hpc/warewulf4-x86_64/sle-hpc-node:15.6.17.8.126 , suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
Container Release     : 17.8.126
Severity              : moderate
Type                  : security
References            : 1082318 1133233 1181869 1243195 1251198 1251199 CVE-2025-61984
                        CVE-2025-61985 
-----------------------------------------------------------------

The container suse/hpc/warewulf4-x86_64/sle-hpc-node was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3968-1
Released:    Thu Nov  6 11:58:36 2025
Summary:     Recommended update for libaio
Type:        recommended
Severity:    moderate
References:  1082318,1133233,1181869,1243195
This update for libaio fixes the following issues:

libaio was updated to 0.3.113 (jsc#PED-13433):

* Fix struct io_iocb_vector padding for 32bit architectures
* struct io_iocb_sockaddr padding for 32bit architectures
* Verify structure padding is correct at build time
* harness: add test for aio poll missed events
* Various patches for architectures/etc

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3969-1
Released:    Thu Nov  6 12:08:20 2025
Summary:     Recommended update for SLES-release
Type:        recommended
Severity:    low
References:  
This update for SLES-release provides the following fix:

- Adjust the EOL date for the product.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4067-1
Released:    Wed Nov 12 09:03:26 2025
Summary:     Security update for openssh
Type:        security
Severity:    moderate
References:  1251198,1251199,CVE-2025-61984,CVE-2025-61985
This update for openssh fixes the following issues:

- CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198)
- CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199)


The following package changes have been done:

- libaio1-0.3.113-150600.15.3.1 updated
- openssh-clients-9.6p1-150600.6.34.1 updated
- openssh-common-9.6p1-150600.6.34.1 updated
- openssh-server-9.6p1-150600.6.34.1 updated
- openssh-9.6p1-150600.6.34.1 updated
- sles-release-15.6-150600.64.6.1 updated

More information about the sle-container-updates mailing list