SUSE-CU-2025:7238-1: Security update of suse/kiosk/pulseaudio
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Oct 2 11:29:04 UTC 2025
SUSE Container Update Advisory: suse/kiosk/pulseaudio
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:7238-1
Container Tags : suse/kiosk/pulseaudio:17 , suse/kiosk/pulseaudio:17.0 , suse/kiosk/pulseaudio:17.0-64.4 , suse/kiosk/pulseaudio:latest
Container Release : 64.4
Severity : low
Type : security
References : 1247589 CVE-2025-50422
-----------------------------------------------------------------
The container suse/kiosk/pulseaudio was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3449-1
Released: Thu Oct 2 09:15:17 2025
Summary: Security update for cairo
Type: security
Severity: low
References: 1247589,CVE-2025-50422
This update for cairo fixes the following issues:
- CVE-2025-50422: Fixed Poppler crash on malformed input (bsc#1247589)
- Update to version 1.18.4:
+ The dependency on LZO has been made optional through a build
time configuration toggle.
+ You can build Cairo against a Freetype installation that does
not have the FT_Color type.
+ Cairo tests now build on Solaris 11.4 with GCC 14.
+ The DirectWrite backend now builds on MINGW 11.
+ The DirectWrite backend now supports font variations and proper
glyph coverage.
- Use tarball in lieu of source service due to freedesktop gitlab
migration, will switch back at next release at the latest.
- Add pkgconfig(lzo2) BuildRequires: New optional dependency, build
lzo2 support feature.
- Convert to source service: allows for easier upgrades by the
GNOME team.
- Update to version 1.18.2:
+ The malloc-stats code has been removed from the tests directory
+ Cairo now requires a version of pixman equal to, or newer than,
0.40.
+ There have been multiple build fixes for newer versions of GCC
for MSVC; for Solaris; and on macOS 10.7.
+ PNG errors caused by loading malformed data are correctly
propagated to callers, so they can handle the case.
+ Both stroke and fill colors are now set when showing glyphs on
a PDF surface.
+ All the font options are copied when creating a fallback font
object.
+ When drawing text on macOS, Cairo now tries harder to select
the appropriate font name.
+ Cairo now prefers the COLRv1 table inside a font, if one is
available.
+ Cairo requires a C11 toolchain when building.
The following package changes have been done:
- libcairo2-1.18.4-150600.3.3.1 updated
- container:suse-sle15-15.7-c748b740034bd7faee2a71a60ccfdc9e27e13d317b6e9823dbac93189c7f6c8f-0 updated
- container:registry.suse.com-bci-bci-micro-15.7-c1aae46db7c54cb25fdee08057b82408d4ca85fec3670a0a866563002a249177-0 updated
More information about the sle-container-updates
mailing list