SUSE-CU-2025:8588-1: Security update of suse/sle-micro-rancher/5.4
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Tue Nov 25 16:39:01 UTC 2025
SUSE Container Update Advisory: suse/sle-micro-rancher/5.4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8588-1
Container Tags : suse/sle-micro-rancher/5.4:5.4.4.5.96 , suse/sle-micro-rancher/5.4:latest
Container Release : 4.5.96
Severity : moderate
Type : security
References : 1252931 1252932 1252933 1252934 1252935 CVE-2025-54771 CVE-2025-61661
CVE-2025-61662 CVE-2025-61663 CVE-2025-61664
-----------------------------------------------------------------
The container suse/sle-micro-rancher/5.4 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4224-1
Released: Tue Nov 25 10:53:48 2025
Summary: Security update for grub2
Type: security
Severity: moderate
References: 1252931,1252932,1252933,1252934,1252935,CVE-2025-54771,CVE-2025-61661,CVE-2025-61662,CVE-2025-61663,CVE-2025-61664
This update for grub2 fixes the following issues:
- CVE-2025-54771: Fixed rub_file_close() does not properly controls the fs refcount (bsc#1252931)
- CVE-2025-61661: Fixed out-of-bounds write in grub_usb_get_string() function (bsc#1252932)
- CVE-2025-61662: Fixed missing unregister call for gettext command may lead to use-after-free (bsc#1252933)
- CVE-2025-61663: Fixed missing unregister call for normal commands may lead to use-after-free (bsc#1252934)
- CVE-2025-61664: Fixed missing unregister call for normal_exit command may lead to use-after-free (bsc#1252935)
Other fixes:
- Bump upstream SBAT generation to 6
The following package changes have been done:
- grub2-i386-pc-2.06-150400.11.66.1 updated
- grub2-x86_64-efi-2.06-150400.11.66.1 updated
- grub2-2.06-150400.11.66.1 updated
More information about the sle-container-updates
mailing list