SUSE-IU-2025:3163-1: Security update of suse/sl-micro/6.1/kvm-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Oct 23 07:18:28 UTC 2025
SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3163-1
Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.45 , suse/sl-micro/6.1/kvm-os-container:latest
Image Release : 5.45
Severity : important
Type : security
References : 1236217 1240764 1242715 1249584 1250232 CVE-2017-14992 CVE-2017-9232
CVE-2019-11243 CVE-2019-15119 CVE-2023-32198 CVE-2024-22031 CVE-2025-1386
CVE-2025-22871 CVE-2025-22872 CVE-2025-22873 CVE-2025-23390 CVE-2025-2424
CVE-2025-24358 CVE-2025-2475 CVE-2025-24839 CVE-2025-24866 CVE-2025-2564
CVE-2025-27538 CVE-2025-27571 CVE-2025-27936 CVE-2025-30204 CVE-2025-30206
CVE-2025-30215 CVE-2025-31363 CVE-2025-31483 CVE-2025-31489 CVE-2025-32024
CVE-2025-32025 CVE-2025-32093 CVE-2025-32386 CVE-2025-32387 CVE-2025-32431
CVE-2025-32445 CVE-2025-32777 CVE-2025-32793 CVE-2025-32963 CVE-2025-35965
CVE-2025-3801 CVE-2025-3879 CVE-2025-41395 CVE-2025-41423 CVE-2025-4166
CVE-2025-4210 CVE-2025-43970 CVE-2025-43971 CVE-2025-43972 CVE-2025-43973
CVE-2025-46327 CVE-2025-46342 CVE-2025-46569 CVE-2025-46599 CVE-2025-59375
CVE-2025-9230
-----------------------------------------------------------------
The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 315
Released: Wed Oct 22 14:12:39 2025
Summary: Security update for expat
Type: security
Severity: important
References: 1249584,CVE-2017-14992,CVE-2017-9232,CVE-2019-11243,CVE-2019-15119,CVE-2023-32198,CVE-2024-22031,CVE-2025-1386,CVE-2025-22871,CVE-2025-22872,CVE-2025-23390,CVE-2025-2424,CVE-2025-24358,CVE-2025-2475,CVE-2025-24839,CVE-2025-24866,CVE-2025-2564,CVE-2025-27538,CVE-2025-27571,CVE-2025-27936,CVE-2025-30204,CVE-2025-30206,CVE-2025-30215,CVE-2025-31363,CVE-2025-31483,CVE-2025-31489,CVE-2025-32024,CVE-2025-32025,CVE-2025-32093,CVE-2025-32386,CVE-2025-32387,CVE-2025-32431,CVE-2025-32445,CVE-2025-32777,CVE-2025-32793,CVE-2025-32963,CVE-2025-35965,CVE-2025-3801,CVE-2025-3879,CVE-2025-41395,CVE-2025-41423,CVE-2025-4166,CVE-2025-4210,CVE-2025-43970,CVE-2025-43971,CVE-2025-43972,CVE-2025-43973,CVE-2025-46327,CVE-2025-46342,CVE-2025-46569,CVE-2025-46599,CVE-2025-59375
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
-----------------------------------------------------------------
Advisory ID: 316
Released: Wed Oct 22 14:12:39 2025
Summary: Security update for openssl-3
Type: security
Severity: important
References: 1236217,1240764,1242715,1250232,CVE-2025-22873,CVE-2025-9230
This update for openssl-3 fixes the following issues:
Security issues:
- CVE-2025-9230: Fix out-of-bounds read & write in RFC 3211 KEK unwrap (bsc#1250232)
- Disable LTO for userspace livepatching [jsc#PED-13245]
The following package changes have been done:
- libexpat1-2.7.1-slfo.1.1_3.1 updated
- libopenssl3-3.1.4-slfo.1.1_7.1 updated
- SL-Micro-release-6.1-slfo.1.11.62 updated
- container:SL-Micro-base-container-2.2.1-5.43 updated
More information about the sle-container-updates
mailing list