SUSE-IU-2025:3485-1: Security update of suse/sle-micro/5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Oct 28 08:10:21 UTC 2025 

SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:3485-1
Image Tags        : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.390 , suse/sle-micro/5.5:latest
Image Release     : 5.5.390
Severity          : important
Type              : security
References        : 1246974 1249154 1249375 1251263 CVE-2025-8114 CVE-2025-8277 CVE-2025-9187
                        CVE-2025-9566 
-----------------------------------------------------------------

The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3782-1
Released:    Fri Oct 24 15:27:36 2025
Summary:     Security update for podman
Type:        security
Severity:    important
References:  1249154,CVE-2025-9566
This update for podman fixes the following issues:

- CVE-2025-9566: fixed a case when kube play command could overwrite host files (bsc#1249154).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3788-1
Released:    Fri Oct 24 15:28:50 2025
Summary:     Security update for libssh
Type:        security
Severity:    moderate
References:  1246974,1249375,CVE-2025-8114,CVE-2025-8277
This update for libssh fixes the following issues:

- CVE-2025-8277: memory exhaustion leading to client-side DoS due to improper memory management when KEX process is
  repeated with incorrect guesses (bsc#1249375).
- CVE-2025-8114: NULL pointer dereference when an allocation error happens during the calculation of the KEX session ID
  (bsc#1246974).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3804-1
Released:    Mon Oct 27 12:35:04 2025
Summary:     Security update for mozilla-nss
Type:        security
Severity:    important
References:  1251263,CVE-2025-9187
This update for mozilla-nss fixes the following issues:

- Move NSS DB password hash away from SHA-1

Update to NSS 3.112.2:

  * Prevent leaks during pkcs12 decoding.
  * SEC_ASN1Decode* should ensure it has read as many bytes as each length field indicates

Update to NSS 3.112.1:

  * restore support for finding certificates by decoded serial number.



The following package changes have been done:

- libfreebl3-3.112.2-150400.3.60.1 updated
- libssh-config-0.9.8-150400.3.12.1 updated
- libssh4-0.9.8-150400.3.12.1 updated
- mozilla-nss-certs-3.112.2-150400.3.60.1 updated
- mozilla-nss-3.112.2-150400.3.60.1 updated
- libsoftokn3-3.112.2-150400.3.60.1 updated
- podman-4.9.5-150500.3.49.1 updated
- container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.215 updated

More information about the sle-container-updates mailing list