SUSE-CU-2025:6949-1: Security update of suse/samba-server
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Sep 19 12:35:22 UTC 2025
SUSE Container Update Advisory: suse/samba-server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6949-1
Container Tags : suse/samba-server:4.21 , suse/samba-server:4.21 , suse/samba-server:4.21-64.27 , suse/samba-server:latest
Container Release : 64.27
Severity : important
Type : security
References : 1230932 1246533 1249049 1249128 CVE-2024-47175 CVE-2025-58060
CVE-2025-58364
-----------------------------------------------------------------
The container suse/samba-server was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3261-1
Released: Thu Sep 18 06:35:19 2025
Summary: Security update for cups
Type: security
Severity: important
References: 1230932,1246533,1249049,1249128,CVE-2024-47175,CVE-2025-58060,CVE-2025-58364
This update for cups fixes the following issues:
- CVE-2024-47175: no validation of IPP attributes in `ppdCreatePPDFromIPP2` when writing to a temporary PPD file allows
for the injection of attacker-controlled data to the resulting PPD (bsc#1230932).
- CVE-2025-58060: no password check when `AuthType` is set to anything but `Basic` and a request is made with an
`Authorization: Basic` header (bsc#1249049).
- CVE-2025-58364: unsafe deserialization and validation of printer attributes leads to NULL pointer dereference
(bsc#1249128).
The following package changes have been done:
- cups-config-2.2.7-150000.3.72.1 updated
- libcups2-2.2.7-150000.3.72.1 updated
More information about the sle-container-updates
mailing list