SUSE-IU-2025:3790-1: Security update of suse/sl-micro/6.2/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Nov 29 08:37:27 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3790-1
Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-6.10 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release : 6.10
Severity : moderate
Type : security
References : 1251198 1251199 CVE-2025-61984 CVE-2025-61985
-----------------------------------------------------------------
The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 81
Released: Fri Nov 28 08:46:24 2025
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1251198,1251199,CVE-2025-61984,CVE-2025-61985
This update for openssh fixes the following issues:
- CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198).
- CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199).
The following package changes have been done:
- openssh-common-10.0p2-160000.3.1 updated
- openssh-server-10.0p2-160000.3.1 updated
- openssh-clients-10.0p2-160000.3.1 updated
- openssh-10.0p2-160000.3.1 updated
More information about the sle-container-updates
mailing list