SUSE-CU-2025:6950-1: Security update of suse/sle15

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Sep 19 12:35:39 UTC 2025 

SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:6950-1
Container Tags        : bci/bci-base:15.7 , bci/bci-base:15.7-5.8.32 , bci/bci-base:latest , suse/sle15:15.7 , suse/sle15:15.7-5.8.32 , suse/sle15:latest
Container Release     : 5.8.32
Severity              : important
Type                  : security
References            : 1246197 1249191 1249348 1249367 CVE-2025-10148 CVE-2025-9086
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3265-1
Released:    Thu Sep 18 12:34:39 2025
Summary:     Recommended update for container-suseconnect
Type:        recommended
Severity:    moderate
References:  

This update of container-suseconnect rebuilds it against current go1.25.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3268-1
Released:    Thu Sep 18 13:08:10 2025
Summary:     Security update for curl
Type:        security
Severity:    important
References:  1246197,1249191,1249348,1249367,CVE-2025-10148,CVE-2025-9086
This update for curl fixes the following issues:

Security issues fixed:

- CVE-2025-9086: bug in patch comparison logic when processing cookies can lead to out-of-bounds read in heap buffer
  (bsc#1249191).
- CVE-2025-10148: predictable websocket mask can lead to proxy cache poisoning by malicious server (bsc#1249348).
    
Other issues fixed:
    
- Fix the --ftp-pasv option in curl v8.14.1 (bsc#1246197).
  * tool_getparam: fix --ftp-pasv [5f805ee]

- Update to version 8.14.1 (jsc#PED-13055, jsc#PED-13056).
  * TLS: add CURLOPT_SSL_SIGNATURE_ALGORITHMS and --sigalgs.
  * websocket: add option to disable auto-pong reply.
  * huge number of bugfixes.

  Please see https://curl.se/ch/ for full changelogs.



The following package changes have been done:

- container-suseconnect-2.5.5-150000.4.71.1 updated
- libbrotlicommon1-1.0.7-150200.3.5.1 updated
- libbrotlidec1-1.0.7-150200.3.5.1 updated

More information about the sle-container-updates mailing list