SUSE-CU-2025:7339-1: Security update of bci/kiwi

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Oct 15 07:16:14 UTC 2025 

SUSE Container Update Advisory: bci/kiwi
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:7339-1
Container Tags        : bci/kiwi:9 , bci/kiwi:9.24 , bci/kiwi:9.24.43 , bci/kiwi:9.24.43-20.6 , bci/kiwi:latest
Container Release     : 20.6
Severity              : important
Type                  : security
References            : 1230267 1246912 1249584 1250343 CVE-2025-59375 
-----------------------------------------------------------------

The container bci/kiwi was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3489-1
Released:    Wed Oct  8 08:23:53 2025
Summary:     Recommended update for libsolv, libzypp, zypper
Type:        recommended
Severity:    important
References:  1230267,1246912,1250343
This update for libsolv, libzypp, zypper fixes the following issues:

- fixed rare crash in the handling of allowuninstall in combination with forcebest updates
- new pool_satisfieddep_map feature to test if a set of packages satisfies a dependency
- runposttrans: strip root prefix from tmppath (bsc#1250343)
- fixup! Make ld.so ignore the subarch packages during install (bsc#1246912)
- Make ld.so ignore the subarch packages during install (bsc#1246912)
- Fixed `bash-completion`: `zypper refresh` now ignores repository priority lines.
- Changes to support building against restructured libzypp in stack build (bsc#1230267)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3508-1
Released:    Thu Oct  9 10:32:56 2025
Summary:     Security update for expat
Type:        security
Severity:    important
References:  1249584,CVE-2025-59375
This update for expat fixes the following issues:

- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
  by submitting crafted XML input (bsc#1249584).


The following package changes have been done:

- libsolv-tools-base-0.7.35-150700.11.3.1 updated
- libzypp-17.37.18-150700.6.3.1 updated
- zypper-1.14.94-150700.13.3.1 updated
- libexpat1-2.7.1-150700.3.6.1 updated
- container:registry.suse.com-bci-bci-base-15.7-5b0ddc1b793392d929e479d905c39f68b1dbff898fbc8834c86033bcc2277d34-0 updated

More information about the sle-container-updates mailing list