SUSE-CU-2025:8708-1: Security update of suse/kiosk/firefox-esr

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/kiosk/firefox-esr
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8708-1
Container Tags        : suse/kiosk/firefox-esr:140.5 , suse/kiosk/firefox-esr:140.5-69.14 , suse/kiosk/firefox-esr:esr , suse/kiosk/firefox-esr:latest
Container Release     : 69.14
Severity              : moderate
Type                  : security
References            : 1249055 1253757 CVE-2025-11563 CVE-2025-7039 
-----------------------------------------------------------------

The container suse/kiosk/firefox-esr was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4300-1
Released:    Fri Nov 28 13:57:41 2025
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1253757,CVE-2025-11563
This update for curl fixes the following issues:

- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4308-1
Released:    Fri Nov 28 16:38:46 2025
Summary:     Security update for glib2
Type:        security
Severity:    moderate
References:  1249055,CVE-2025-7039
This update for glib2 fixes the following issues:

- CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via get_tmp_file() (bsc#1249055)


The following package changes have been done:

- libglib-2_0-0-2.78.6-150600.4.22.1 updated
- libgthread-2_0-0-2.78.6-150600.4.22.1 updated
- libgobject-2_0-0-2.78.6-150600.4.22.1 updated
- libgmodule-2_0-0-2.78.6-150600.4.22.1 updated
- libgio-2_0-0-2.78.6-150600.4.22.1 updated
- glib2-tools-2.78.6-150600.4.22.1 updated
- libcurl4-8.14.1-150700.7.5.1 updated