SUSE-CU-2025:6921-1: Security update of private-registry/harbor-nginx

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Sep 19 07:11:09 UTC 2025 

SUSE Container Update Advisory: private-registry/harbor-nginx
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6921-1
Container Tags        : private-registry/harbor-nginx:1.21 , private-registry/harbor-nginx:1.21.5 , private-registry/harbor-nginx:1.21.5-2.40 , private-registry/harbor-nginx:latest
Container Release     : 2.40
Severity              : important
Type                  : security
References            : 1246197 1249191 1249348 1249367 CVE-2025-10148 CVE-2025-9086
-----------------------------------------------------------------

The container private-registry/harbor-nginx was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3268-1
Released:    Thu Sep 18 13:08:10 2025
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1246197,1249191,1249348,1249367,CVE-2025-10148,CVE-2025-9086
This update for curl fixes the following issues:

Security issues fixed:

- CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer
  (bsc#1249191).
- CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server (bsc#1249348).
    
Other issues fixed:
    
- Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197).
  * tool_getparam: fix --ftp-pasv [5f805ee]

- Update to version 8.14.1 (jsc#PED-13055, jsc#PED-13056).
  * TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs.
  * websocket: add option to disable auto-pong reply.
  * huge number of bugfixes.

  Please see https://curl.se/ch/ for full changelogs.



The following package changes have been done:

- libbrotlicommon1-1.0.7-150200.3.5.1 updated
- libbrotlidec1-1.0.7-150200.3.5.1 updated
- container:suse-sle15-15.6-d13d6758550c72c08b54298b7fb20e8d426127b4692f4b115373e2175184ada8-0 updated

More information about the sle-container-updates mailing list