SUSE-CU-2025:8585-1: Security update of suse/sle-micro/5.2/toolbox

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8585-1
Container Tags        : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.204 , suse/sle-micro/5.2/toolbox:latest
Container Release     : 7.11.204
Severity              : moderate
Type                  : security
References            : 1249055 1253757 CVE-2025-11563 CVE-2025-7039 
-----------------------------------------------------------------

The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4180-1
Released:    Mon Nov 24 08:54:45 2025
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1253757,CVE-2025-11563
This update for curl fixes the following issues:

- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4186-1
Released:    Mon Nov 24 08:57:53 2025
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1249055,CVE-2025-7039
This update for glib2 fixes the following issues:

- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)


The following package changes have been done:

- curl-8.14.1-150200.4.94.1 updated
- libcurl4-8.14.1-150200.4.94.1 updated
- libglib-2_0-0-2.62.6-150200.3.33.1 updated
- libgmodule-2_0-0-2.62.6-150200.3.33.1 updated