SUSE-IU-2025:3713-1: Security update of suse/sle-micro/base-5.5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Nov 22 08:05:06 UTC 2025
SUSE Image Update Advisory: suse/sle-micro/base-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3713-1
Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.221 , suse/sle-micro/base-5.5:latest
Image Release : 5.8.221
Severity : moderate
Type : security
References : 1252931 1252932 1252933 1252934 1252935 CVE-2025-54771 CVE-2025-61661
CVE-2025-61662 CVE-2025-61663 CVE-2025-61664
-----------------------------------------------------------------
The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4152-1
Released: Fri Nov 21 10:10:35 2025
Summary: Security update for grub2
Type: security
Severity: moderate
References: 1252931,1252932,1252933,1252934,1252935,CVE-2025-54771,CVE-2025-61661,CVE-2025-61662,CVE-2025-61663,CVE-2025-61664
This update for grub2 fixes the following issues:
- CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
Other fixes:
- Bump upstream SBAT generation to 6
The following package changes have been done:
- grub2-2.06-150500.29.59.1 updated
- grub2-i386-pc-2.06-150500.29.59.1 updated
- grub2-x86_64-efi-2.06-150500.29.59.1 updated
More information about the sle-container-updates
mailing list