From sle-container-updates at lists.suse.com Wed Apr 1 07:20:14 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:20:14 +0200 (CEST) Subject: SUSE-CU-2026:2267-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260401072014.3B1CEFD12@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2267-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.86 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.86 Severity : important Type : security References : 1257181 1259240 CVE-2026-1299 CVE-2026-2297 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 647 Released: Tue Mar 31 11:07:43 2026 Summary: Security update for python311 Type: security Severity: important References: 1257181,1259240,CVE-2026-1299,CVE-2026-2297 This update for python311 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting (bsc#1257181). - CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader (bsc#1259240). The following package changes have been done: - SL-Micro-release-6.0-25.80 updated - libpython3_11-1_0-3.11.15-2.1 updated - python311-base-3.11.15-2.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.79 updated From sle-container-updates at lists.suse.com Wed Apr 1 07:21:16 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:21:16 +0200 (CEST) Subject: SUSE-IU-2026:1666-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260401072116.69213FD1A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1666-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.81 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.81 Severity : important Type : security References : 1244485 1246118 1247719 1247720 1247816 1248082 1249141 1257181 1258008 1258009 1258010 1258011 1258754 1259240 CVE-2025-4674 CVE-2025-47906 CVE-2025-47907 CVE-2025-47910 CVE-2026-1299 CVE-2026-2003 CVE-2026-2004 CVE-2026-2005 CVE-2026-2006 CVE-2026-2297 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 465 Released: Tue Mar 31 11:07:06 2026 Summary: Security update for python311 Type: security Severity: important References: 1244485,1246118,1247719,1247720,1247816,1248082,1249141,1257181,1258008,1258009,1258010,1258011,1258754,1259240,CVE-2025-4674,CVE-2025-47906,CVE-2025-47907,CVE-2025-47910,CVE-2026-1299,CVE-2026-2003,CVE-2026-2004,CVE-2026-2005,CVE-2026-2006,CVE-2026-2297 This update for python311 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting (bsc#1257181). - CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader (bsc#1259240). The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.23 updated - python311-base-3.11.15-slfo.1.1_2.1 updated - libpython3_11-1_0-3.11.15-slfo.1.1_2.1 updated - python311-3.11.15-slfo.1.1_2.1 updated - container:SL-Micro-base-container-2.2.1-5.104 updated From sle-container-updates at lists.suse.com Wed Apr 1 07:29:47 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:29:47 +0200 (CEST) Subject: SUSE-IU-2026:1670-1: Security update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260401072947.C5543FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1670-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.89 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.89 Severity : moderate Type : security References : CVE-2024-52284 CVE-2024-58259 CVE-2025-47906 CVE-2025-4953 CVE-2025-51667 CVE-2025-5187 CVE-2025-53884 CVE-2025-54123 CVE-2025-54376 CVE-2025-54467 CVE-2025-55190 CVE-2025-56760 CVE-2025-56761 CVE-2025-58058 CVE-2025-58063 CVE-2025-58157 CVE-2025-58158 CVE-2025-58355 CVE-2025-58430 CVE-2025-58437 CVE-2025-58445 CVE-2025-58450 CVE-2025-59358 CVE-2025-59359 CVE-2025-59360 CVE-2025-59361 CVE-2025-6203 CVE-2025-7445 CVE-2025-8077 CVE-2025-8396 CVE-2025-9072 CVE-2025-9076 CVE-2025-9078 CVE-2025-9084 CVE-2025-9566 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 468 Released: Sun Sep 21 11:22:17 2025 Summary: Security update for govulncheck-vulndb Type: security Severity: moderate References: CVE-2024-52284,CVE-2024-58259,CVE-2025-47906,CVE-2025-4953,CVE-2025-51667,CVE-2025-5187,CVE-2025-53884,CVE-2025-54123,CVE-2025-54376,CVE-2025-54467,CVE-2025-55190,CVE-2025-56760,CVE-2025-56761,CVE-2025-58058,CVE-2025-58063,CVE-2025-58157,CVE-2025-58158,CVE-2025-58355,CVE-2025-58430,CVE-2025-58437,CVE-2025-58445,CVE-2025-58450,CVE-2025-59358,CVE-2025-59359,CVE-2025-59360,CVE-2025-59361,CVE-2025-6203,CVE-2025-7445,CVE-2025-8077,CVE-2025-8396,CVE-2025-9072,CVE-2025-9076,CVE-2025-9078,CVE-2025-9084,CVE-2025-9566 This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20250918T182144 2025-09-18T18:21:44Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3915 CVE-2025-5187 GHSA-4x4m-3c2p-qppc * GO-2025-3956 CVE-2025-47906 CVE-2025-47906 - Update to version 0.0.20250917T170349 2025-09-17T17:03:49Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3922 CVE-2025-58058 GHSA-jc7w-c686-c4v9 * GO-2025-3926 CVE-2025-58158 GHSA-w469-hj2f-jpr5 * GO-2025-3929 CVE-2025-58157 GHSA-9fvj-xqr2-xwg8 * GO-2025-3938 CVE-2025-58437 GHSA-j6xf-jwrj-v5qp * GO-2025-3939 CVE-2025-7445 GHSA-rcw7-pqfp-735x * GO-2025-3940 CVE-2025-58445 GHSA-xh7v-965r-23f7 * GO-2025-3941 CVE-2025-58450 GHSA-p46v-f2x8-qp98 * GO-2025-3942 CVE-2025-58063 GHSA-93mf-426m-g6x9 * GO-2025-3943 CVE-2025-58430 GHSA-rf24-wg77-gq7w * GO-2025-3944 CVE-2025-54123 GHSA-r4h8-hfp2-ggmf * GO-2025-3945 CVE-2025-54376 GHSA-jxmr-2h4q-rhxp * GO-2025-3949 CVE-2025-59361 GHSA-2gcv-3qpf-c5qr * GO-2025-3950 CVE-2025-9076 GHSA-3vcm-c42p-3hhf * GO-2025-3951 CVE-2025-59358 GHSA-2gg8-85m5-8r2p * GO-2025-3952 CVE-2025-59359 GHSA-369h-6j28-wwcg * GO-2025-3953 CVE-2025-8396 GHSA-p768-c3pr-6459 * GO-2025-3954 CVE-2025-59360 GHSA-xv9f-728h-9jgv * GO-2025-3958 CVE-2025-9072 GHSA-69j8-prx2-vx98 * GO-2025-3959 CVE-2025-9078 GHSA-9p92-x77w-9fw2 * GO-2025-3960 CVE-2025-9084 GHSA-hm95-jx66-g2gh * GO-2025-3961 CVE-2025-4953 GHSA-m68q-4hqr-mc6f - Update to version 0.0.20250908T141310 2025-09-08T14:13:10Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2025-3916 CVE-2025-51667 GHSA-f2m2-4q6r-cwc4 * GO-2025-3917 CVE-2025-53884 GHSA-8ff6-pc43-jwv3 * GO-2025-3918 CVE-2025-8077 GHSA-8pxw-9c75-6w56 * GO-2025-3919 CVE-2025-54467 GHSA-w54x-xfxg-4gxq * GO-2025-3920 GHSA-vxg3-w9rv-rhr2 * GO-2025-3921 GHSA-3rw9-wmc8-8948 * GO-2025-3923 CVE-2024-58259 GHSA-4h45-jpvh-6p5j * GO-2025-3924 CVE-2025-6203 GHSA-8f82-53h8-2p34 * GO-2025-3925 GHSA-v2ch-c8v8-fgr7 * GO-2025-3927 CVE-2024-52284 GHSA-6h9x-9j5v-7w9h * GO-2025-3930 CVE-2025-58355 GHSA-33pr-m977-5w97 * GO-2025-3934 CVE-2025-55190 GHSA-786q-9hcg-v9ff * GO-2025-3935 CVE-2025-9566 GHSA-wp3j-xq48-xpjw * GO-2025-3936 CVE-2025-56760 GHSA-78j5-8vq7-jxv5 * GO-2025-3937 CVE-2025-56761 GHSA-cgrg-86m5-xm4w The following package changes have been done: - kernel-firmware-amdgpu-20251203-160000.1.1 updated - container:suse-sl-micro-6.2-base-os-container-latest-69b3b467c45d1f4faa773879707d6a94b5f102670806ceff1eb415644fa01dec-0 updated From sle-container-updates at lists.suse.com Wed Apr 1 07:39:20 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:39:20 +0200 (CEST) Subject: SUSE-CU-2026:2272-1: Security update of suse/ltss/sle12.5/sles12sp5 Message-ID: <20260401073920.6C0F5FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/ltss/sle12.5/sles12sp5 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2272-1 Container Tags : suse/ltss/sle12.5/sles12sp5:8.5.217 , suse/ltss/sle12.5/sles12sp5:latest Container Release : 8.5.217 Severity : important Type : security References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 ----------------------------------------------------------------- The container suse/ltss/sle12.5/sles12sp5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1159-1 Released: Tue Mar 31 17:03:45 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libexpat1-2.7.1-21.52.1 updated From sle-container-updates at lists.suse.com Wed Apr 1 07:53:29 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:53:29 +0200 (CEST) Subject: SUSE-CU-2026:2288-1: Security update of suse/manager/4.3/proxy-httpd Message-ID: <20260401075329.4F2CCFD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2288-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.17 , suse/manager/4.3/proxy-httpd:4.3.17.9.76.4 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.76.4 Severity : important Type : security References : 1259803 CVE-2026-30922 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1158-1 Released: Tue Mar 31 13:55:47 2026 Summary: Security update for python-pyasn1 Type: security Severity: important References: 1259803,CVE-2026-30922 This update for python-pyasn1 fixes the following issues: - CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803). The following package changes have been done: - python3-pyasn1-0.4.2-150000.3.16.1 updated From sle-container-updates at lists.suse.com Wed Apr 1 07:55:13 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 1 Apr 2026 09:55:13 +0200 (CEST) Subject: SUSE-CU-2026:2289-1: Security update of suse/manager/4.3/proxy-tftpd Message-ID: <20260401075513.C15C4FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2289-1 Container Tags : suse/manager/4.3/proxy-tftpd:4.3.17 , suse/manager/4.3/proxy-tftpd:4.3.17.9.66.4 , suse/manager/4.3/proxy-tftpd:latest Container Release : 9.66.4 Severity : important Type : security References : 1259803 CVE-2026-30922 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1158-1 Released: Tue Mar 31 13:55:47 2026 Summary: Security update for python-pyasn1 Type: security Severity: important References: 1259803,CVE-2026-30922 This update for python-pyasn1 fixes the following issues: - CVE-2026-30922: Denial of Service via Unbounded Recursion (bsc#1259803). The following package changes have been done: - python3-pyasn1-0.4.2-150000.3.16.1 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:11:50 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:11:50 +0200 (CEST) Subject: SUSE-IU-2026:1683-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260402071150.0936EFD57@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1683-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.152 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.152 Severity : important Type : security References : 1246399 CVE-2025-45582 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 650 Released: Wed Apr 1 12:05:58 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2025-45582 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.35-3.1 updated - container:SL-Micro-base-container-2.1.3-7.119 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:13:10 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:13:10 +0200 (CEST) Subject: SUSE-IU-2026:1684-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260402071310.0F3D5FD57@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1684-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.119 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.119 Severity : important Type : security References : 1246399 CVE-2025-45582 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 650 Released: Wed Apr 1 12:05:58 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2025-45582 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.35-3.1 updated - container:suse-toolbox-image-1.0.0-9.87 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:20:32 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:20:32 +0200 (CEST) Subject: SUSE-CU-2026:2295-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260402072032.C4C74FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2295-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.87 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.87 Severity : important Type : security References : 1246399 CVE-2025-45582 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 650 Released: Wed Apr 1 12:05:58 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2025-45582 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.35-3.1 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:22:00 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:22:00 +0200 (CEST) Subject: SUSE-IU-2026:1687-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260402072200.E41F2FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1687-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.82 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.82 Severity : important Type : security References : 1246399 CVE-2024-52284 CVE-2024-58259 CVE-2025-45582 CVE-2025-47906 CVE-2025-4953 CVE-2025-51667 CVE-2025-5187 CVE-2025-53884 CVE-2025-54123 CVE-2025-54376 CVE-2025-54467 CVE-2025-55190 CVE-2025-56760 CVE-2025-56761 CVE-2025-58058 CVE-2025-58063 CVE-2025-58157 CVE-2025-58158 CVE-2025-58355 CVE-2025-58430 CVE-2025-58437 CVE-2025-58445 CVE-2025-58450 CVE-2025-59358 CVE-2025-59359 CVE-2025-59360 CVE-2025-59361 CVE-2025-6203 CVE-2025-7445 CVE-2025-8077 CVE-2025-8396 CVE-2025-9072 CVE-2025-9076 CVE-2025-9078 CVE-2025-9084 CVE-2025-9566 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 468 Released: Wed Apr 1 11:39:38 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2024-52284,CVE-2024-58259,CVE-2025-45582,CVE-2025-47906,CVE-2025-4953,CVE-2025-51667,CVE-2025-5187,CVE-2025-53884,CVE-2025-54123,CVE-2025-54376,CVE-2025-54467,CVE-2025-55190,CVE-2025-56760,CVE-2025-56761,CVE-2025-58058,CVE-2025-58063,CVE-2025-58157,CVE-2025-58158,CVE-2025-58355,CVE-2025-58430,CVE-2025-58437,CVE-2025-58445,CVE-2025-58450,CVE-2025-59358,CVE-2025-59359,CVE-2025-59360,CVE-2025-59361,CVE-2025-6203,CVE-2025-7445,CVE-2025-8077,CVE-2025-8396,CVE-2025-9072,CVE-2025-9076,CVE-2025-9078,CVE-2025-9084,CVE-2025-9566 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.35-slfo.1.1_3.1 updated - container:SL-Micro-base-container-2.2.1-5.105 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:23:16 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:23:16 +0200 (CEST) Subject: SUSE-IU-2026:1688-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260402072316.58259FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1688-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.105 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.105 Severity : important Type : security References : 1246399 CVE-2024-52284 CVE-2024-58259 CVE-2025-45582 CVE-2025-47906 CVE-2025-4953 CVE-2025-51667 CVE-2025-5187 CVE-2025-53884 CVE-2025-54123 CVE-2025-54376 CVE-2025-54467 CVE-2025-55190 CVE-2025-56760 CVE-2025-56761 CVE-2025-58058 CVE-2025-58063 CVE-2025-58157 CVE-2025-58158 CVE-2025-58355 CVE-2025-58430 CVE-2025-58437 CVE-2025-58445 CVE-2025-58450 CVE-2025-59358 CVE-2025-59359 CVE-2025-59360 CVE-2025-59361 CVE-2025-6203 CVE-2025-7445 CVE-2025-8077 CVE-2025-8396 CVE-2025-9072 CVE-2025-9076 CVE-2025-9078 CVE-2025-9084 CVE-2025-9566 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 468 Released: Wed Apr 1 11:39:38 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2024-52284,CVE-2024-58259,CVE-2025-45582,CVE-2025-47906,CVE-2025-4953,CVE-2025-51667,CVE-2025-5187,CVE-2025-53884,CVE-2025-54123,CVE-2025-54376,CVE-2025-54467,CVE-2025-55190,CVE-2025-56760,CVE-2025-56761,CVE-2025-58058,CVE-2025-58063,CVE-2025-58157,CVE-2025-58158,CVE-2025-58355,CVE-2025-58430,CVE-2025-58437,CVE-2025-58445,CVE-2025-58450,CVE-2025-59358,CVE-2025-59359,CVE-2025-59360,CVE-2025-59361,CVE-2025-6203,CVE-2025-7445,CVE-2025-8077,CVE-2025-8396,CVE-2025-9072,CVE-2025-9076,CVE-2025-9078,CVE-2025-9084,CVE-2025-9566 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.35-slfo.1.1_3.1 updated - container:suse-toolbox-image-1.0.0-5.30 updated From sle-container-updates at lists.suse.com Thu Apr 2 07:30:35 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 2 Apr 2026 09:30:35 +0200 (CEST) Subject: SUSE-IU-2026:1691-1: Recommended update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260402073035.C8BA2FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1691-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.90 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.90 Severity : moderate Type : recommended References : 1230267 1237375 1246912 1250343 1255024 1255725 1259438 1259704 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 472 Released: Wed Sep 24 11:12:01 2025 Summary: Recommended update for zypper, libzypp Type: recommended Severity: moderate References: 1230267,1237375,1246912,1250343,1255024,1255725,1259438,1259704 This update for zypper, libzypp fixes the following issues: libzypp was updated to 17.37.18: - runposttrans: strip root prefix from tmppath (bsc#1250343) - Make ld.so ignore the subarch packages during install (bsc#1246912) zypper was updated to 1.14.94: - Fixed `bash-completion`: `zypper refresh` now ignores repository priority lines. - Changes to support building against restructured libzypp in stack build (bsc#1230267) The following package changes have been done: - selinux-policy-20250627+git355.5249ba7d5-160000.1.1 updated - selinux-policy-targeted-20250627+git355.5249ba7d5-160000.1.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:05:48 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:05:48 +0200 (CEST) Subject: SUSE-IU-2026:1693-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260403070548.2AA75FD1A@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1693-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.257 , suse/sle-micro/base-5.5:latest Image Release : 5.8.257 Severity : important Type : security References : 1222465 1234736 1254670 1259418 1259619 1259650 1259697 1259711 1259726 1259729 CVE-2025-70873 CVE-2025-7709 CVE-2026-29111 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 CVE-2026-4105 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1061-1 Released: Thu Mar 26 11:35:08 2026 Summary: Security update for systemd Type: security Severity: important References: 1259418,1259650,1259697,CVE-2026-29111,CVE-2026-4105 This update for systemd fixes the following issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). - CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). - udev: check for invalid chars in various fields received from the kernel (bsc#1259697). Changelog: - 6a38d88a42 machined: reject invalid class types when registering machines - 8c9a592e5a udev: fix review mixup - b57007a917 udev-builtin-net-id: print cescaped bad attributes - ee23c7604b udev-builtin-net_id: do not assume the current interface name is ethX - 0f63e799e6 udev: ensure tag parsing stays within bounds - 046f52ec12 udev: ensure there is space for trailing NUL before calling sprintf - 5be21460ce udev: check for invalid chars in various fields received from the kernel - 9559607b16 core/cgroup: avoid one unnecessary strjoina() - fcae348ca4 core: validate input cgroup path more prudently - a3ca6b3031 alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere - 08125d6b06 units: add dep on systemd-logind.service by user at .service ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1065-1 Released: Thu Mar 26 11:38:12 2026 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1254670,1259619,CVE-2025-70873,CVE-2025-7709 This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Changelog: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:1087-1 Released: Thu Mar 26 16:20:57 2026 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1222465,1234736 This update for util-linux fixes the following issues: - recognize fuse 'portal' as a virtual file system (bsc#1234736). - fdisk: Fix possible partition overlay and data corruption if EBR gap is missing (bsc#1222465). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libuuid1-2.37.4-150500.9.26.1 updated - libudev1-249.17-150400.8.55.1 updated - libsmartcols1-2.37.4-150500.9.26.1 updated - libexpat1-2.7.1-150400.3.37.1 updated - libblkid1-2.37.4-150500.9.26.1 updated - libfdisk1-2.37.4-150500.9.26.1 updated - libmount1-2.37.4-150500.9.26.1 updated - libsystemd0-249.17-150400.8.55.1 updated - util-linux-2.37.4-150500.9.26.1 updated - systemd-249.17-150400.8.55.1 updated - util-linux-systemd-2.37.4-150500.9.26.1 updated - systemd-sysvinit-249.17-150400.8.55.1 updated - udev-249.17-150400.8.55.1 updated - libsqlite3-0-3.51.3-150000.3.39.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:05:50 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:05:50 +0200 (CEST) Subject: SUSE-IU-2026:1696-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260403070550.942A1FD1A@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1696-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.258 , suse/sle-micro/base-5.5:latest Image Release : 5.8.258 Severity : important Type : security References : 1246399 CVE-2025-45582 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1177-1 Released: Thu Apr 2 17:00:30 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2025-45582 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.34-150000.3.37.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:07:41 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:07:41 +0200 (CEST) Subject: SUSE-IU-2026:1705-1: Security update of suse/sle-micro/kvm-5.5 Message-ID: <20260403070741.86D87FD1A@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1705-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.495 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.495 Severity : important Type : security References : 1222465 1234736 1254670 1259418 1259619 1259650 1259697 1259711 1259726 1259729 CVE-2025-70873 CVE-2025-7709 CVE-2026-29111 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 CVE-2026-4105 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1061-1 Released: Thu Mar 26 11:35:08 2026 Summary: Security update for systemd Type: security Severity: important References: 1259418,1259650,1259697,CVE-2026-29111,CVE-2026-4105 This update for systemd fixes the following issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650). - CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418). - udev: check for invalid chars in various fields received from the kernel (bsc#1259697). Changelog: - 6a38d88a42 machined: reject invalid class types when registering machines - 8c9a592e5a udev: fix review mixup - b57007a917 udev-builtin-net-id: print cescaped bad attributes - ee23c7604b udev-builtin-net_id: do not assume the current interface name is ethX - 0f63e799e6 udev: ensure tag parsing stays within bounds - 046f52ec12 udev: ensure there is space for trailing NUL before calling sprintf - 5be21460ce udev: check for invalid chars in various fields received from the kernel - 9559607b16 core/cgroup: avoid one unnecessary strjoina() - fcae348ca4 core: validate input cgroup path more prudently - a3ca6b3031 alloc-util: add strdupa_safe() + strndupa_safe() and use it everywhere - 08125d6b06 units: add dep on systemd-logind.service by user at .service ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1065-1 Released: Thu Mar 26 11:38:12 2026 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1254670,1259619,CVE-2025-70873,CVE-2025-7709 This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: - CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). - CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Changelog: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:1087-1 Released: Thu Mar 26 16:20:57 2026 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1222465,1234736 This update for util-linux fixes the following issues: - recognize fuse 'portal' as a virtual file system (bsc#1234736). - fdisk: Fix possible partition overlay and data corruption if EBR gap is missing (bsc#1222465). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libuuid1-2.37.4-150500.9.26.1 updated - libudev1-249.17-150400.8.55.1 updated - libsmartcols1-2.37.4-150500.9.26.1 updated - libexpat1-2.7.1-150400.3.37.1 updated - libblkid1-2.37.4-150500.9.26.1 updated - libfdisk1-2.37.4-150500.9.26.1 updated - libmount1-2.37.4-150500.9.26.1 updated - libsystemd0-249.17-150400.8.55.1 updated - util-linux-2.37.4-150500.9.26.1 updated - systemd-249.17-150400.8.55.1 updated - util-linux-systemd-2.37.4-150500.9.26.1 updated - udev-249.17-150400.8.55.1 updated - libsqlite3-0-3.51.3-150000.3.39.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.257 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:10:16 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:10:16 +0200 (CEST) Subject: SUSE-IU-2026:1717-1: Security update of suse/sle-micro/rt-5.5 Message-ID: <20260403071016.C77E3FD1A@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/rt-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1717-1 Image Tags : suse/sle-micro/rt-5.5:2.0.4 , suse/sle-micro/rt-5.5:2.0.4-4.5.570 , suse/sle-micro/rt-5.5:latest Image Release : 4.5.570 Severity : important Type : security References : 1238917 1255075 1256645 1257231 1257473 1257732 1257735 1257749 1257790 1258340 1258395 1258518 1258849 1258850 1259857 CVE-2025-21738 CVE-2025-40242 CVE-2025-71066 CVE-2026-23004 CVE-2026-23054 CVE-2026-23060 CVE-2026-23074 CVE-2026-23089 CVE-2026-23191 CVE-2026-23204 CVE-2026-23209 CVE-2026-23268 CVE-2026-23269 ----------------------------------------------------------------- The container suse/sle-micro/rt-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1077-1 Released: Thu Mar 26 13:42:29 2026 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1238917,1255075,1256645,1257231,1257473,1257732,1257735,1257749,1257790,1258340,1258395,1258518,1258849,1258850,1259857,CVE-2025-21738,CVE-2025-40242,CVE-2025-71066,CVE-2026-23004,CVE-2026-23054,CVE-2026-23060,CVE-2026-23074,CVE-2026-23089,CVE-2026-23191,CVE-2026-23204,CVE-2026-23209,CVE-2026-23268,CVE-2026-23269 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-21738: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (bsc#1238917). - CVE-2025-40242: gfs2: Fix unlikely race in gdlm_put_lock (bsc#1255075). - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1256645). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1258850). - CVE-2026-23269: apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1259857). The following non security issues were fixed: - apparmor: fix differential encoding verification (bsc#1258849). - apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849). - apparmor: fix memory leak in verify_header (bsc#1258849). - apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849). - apparmor: fix race between freeing data and fs accessing it (bsc#1258849). - apparmor: fix race on rawdata dereference (bsc#1258849). - apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849). - apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849). - apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849). - apparmor: replace recursive profile removal with iterative approach (bsc#1258849). - apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849). The following package changes have been done: - kernel-rt-5.14.21-150500.13.124.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:26:40 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:26:40 +0200 (CEST) Subject: SUSE-IU-2026:1751-1: Recommended update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260403072640.0EBA6FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1751-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.154 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.154 Severity : important Type : recommended References : 1258311 1259825 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 651 Released: Thu Apr 2 14:55:24 2026 Summary: Recommended update for crypto-policies Type: recommended Severity: important References: 1258311,1259825 This update for crypto-policies fixes the following issues: - Add PQC support for OpenSSH (bsc#1258311, bsc#1259825) * Enable and prioritize sntrup761x25519-sha512 for OpenSSH by default The following package changes have been done: - crypto-policies-20230920.570ea89-2.1 updated - SL-Micro-release-6.0-25.81 updated - container:SL-Micro-base-container-2.1.3-7.121 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:28:28 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:28:28 +0200 (CEST) Subject: SUSE-IU-2026:1766-1: Recommended update of suse/sl-micro/6.0/base-os-container Message-ID: <20260403072828.84F04FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1766-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.121 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.121 Severity : important Type : recommended References : 1258311 1259825 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 651 Released: Thu Apr 2 14:55:24 2026 Summary: Recommended update for crypto-policies Type: recommended Severity: important References: 1258311,1259825 This update for crypto-policies fixes the following issues: - Add PQC support for OpenSSH (bsc#1258311, bsc#1259825) * Enable and prioritize sntrup761x25519-sha512 for OpenSSH by default The following package changes have been done: - crypto-policies-20230920.570ea89-2.1 updated - SL-Micro-release-6.0-25.81 updated - container:suse-toolbox-image-1.0.0-9.89 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:30:21 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:30:21 +0200 (CEST) Subject: SUSE-IU-2026:1781-1: Recommended update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260403073021.79C0EFD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1781-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.139 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.139 Severity : important Type : recommended References : 1258311 1259825 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 651 Released: Thu Apr 2 14:55:24 2026 Summary: Recommended update for crypto-policies Type: recommended Severity: important References: 1258311,1259825 This update for crypto-policies fixes the following issues: - Add PQC support for OpenSSH (bsc#1258311, bsc#1259825) * Enable and prioritize sntrup761x25519-sha512 for OpenSSH by default The following package changes have been done: - crypto-policies-20230920.570ea89-2.1 updated - SL-Micro-release-6.0-25.81 updated - container:SL-Micro-base-container-2.1.3-7.121 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:32:20 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:32:20 +0200 (CEST) Subject: SUSE-IU-2026:1796-1: Recommended update of suse/sl-micro/6.0/rt-os-container Message-ID: <20260403073220.D6964FD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1796-1 Image Tags : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-7.152 , suse/sl-micro/6.0/rt-os-container:latest Image Release : 7.152 Severity : important Type : recommended References : 1258311 1259825 ----------------------------------------------------------------- The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 651 Released: Thu Apr 2 14:55:24 2026 Summary: Recommended update for crypto-policies Type: recommended Severity: important References: 1258311,1259825 This update for crypto-policies fixes the following issues: - Add PQC support for OpenSSH (bsc#1258311, bsc#1259825) * Enable and prioritize sntrup761x25519-sha512 for OpenSSH by default The following package changes have been done: - crypto-policies-20230920.570ea89-2.1 updated - SL-Micro-release-6.0-25.81 updated - container:SL-Micro-container-2.1.3-6.154 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:38:22 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:38:22 +0200 (CEST) Subject: SUSE-CU-2026:2425-1: Recommended update of suse/sl-micro/6.0/toolbox Message-ID: <20260403073822.49511FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2425-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.89 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.89 Severity : important Type : recommended References : 1258311 1259825 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 651 Released: Thu Apr 2 14:55:24 2026 Summary: Recommended update for crypto-policies Type: recommended Severity: important References: 1258311,1259825 This update for crypto-policies fixes the following issues: - Add PQC support for OpenSSH (bsc#1258311, bsc#1259825) * Enable and prioritize sntrup761x25519-sha512 for OpenSSH by default The following package changes have been done: - SL-Micro-release-6.0-25.81 updated - crypto-policies-20230920.570ea89-2.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.80 updated From sle-container-updates at lists.suse.com Fri Apr 3 07:51:19 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 09:51:19 +0200 (CEST) Subject: SUSE-IU-2026:1875-1: Recommended update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260403075119.DBA0AFD12@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1875-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.91 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.91 Severity : moderate Type : recommended References : 1214960 1246923 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 476 Released: Thu Sep 25 12:41:35 2025 Summary: Recommended update for runc Type: recommended Severity: moderate References: 1214960,1246923 This update for runc fixes the following issues: Update to runc v1.3.1: Upstream changelog is available from Update to runc v1.3.0: Upstream changelog is available from The following package changes have been done: - bash-completion-2.12.0-160000.3.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 08:24:03 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 10:24:03 +0200 (CEST) Subject: SUSE-CU-2026:2788-1: Security update of suse/manager/4.3/proxy-httpd Message-ID: <20260403082403.7FCF5FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2788-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.17 , suse/manager/4.3/proxy-httpd:4.3.17.9.76.5 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.76.5 Severity : important Type : security References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libexpat1-2.7.1-150400.3.37.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 08:25:53 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 10:25:53 +0200 (CEST) Subject: SUSE-CU-2026:2807-1: Security update of suse/manager/4.3/proxy-salt-broker Message-ID: <20260403082553.D7863FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-salt-broker ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2807-1 Container Tags : suse/manager/4.3/proxy-salt-broker:4.3.17 , suse/manager/4.3/proxy-salt-broker:4.3.17.9.66.5 , suse/manager/4.3/proxy-salt-broker:latest Container Release : 9.66.5 Severity : important Type : security References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-salt-broker was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libexpat1-2.7.1-150400.3.37.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 08:29:07 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 10:29:07 +0200 (CEST) Subject: SUSE-CU-2026:2827-1: Security update of suse/manager/4.3/proxy-ssh Message-ID: <20260403082907.7C6A2FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-ssh ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2827-1 Container Tags : suse/manager/4.3/proxy-ssh:4.3.17 , suse/manager/4.3/proxy-ssh:4.3.17.9.66.4 , suse/manager/4.3/proxy-ssh:latest Container Release : 9.66.4 Severity : important Type : security References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-ssh was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libexpat1-2.7.1-150400.3.37.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 08:31:01 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 10:31:01 +0200 (CEST) Subject: SUSE-CU-2026:2846-1: Security update of suse/manager/4.3/proxy-tftpd Message-ID: <20260403083101.700C0FD12@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2846-1 Container Tags : suse/manager/4.3/proxy-tftpd:4.3.17 , suse/manager/4.3/proxy-tftpd:4.3.17.9.66.5 , suse/manager/4.3/proxy-tftpd:latest Container Release : 9.66.5 Severity : important Type : security References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1166-1 Released: Thu Apr 2 03:08:04 2026 Summary: Security update for expat Type: security Severity: important References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778 This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259726). - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711). - CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729). The following package changes have been done: - libexpat1-2.7.1-150400.3.37.1 updated From sle-container-updates at lists.suse.com Fri Apr 3 08:38:06 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 3 Apr 2026 10:38:06 +0200 (CEST) Subject: SUSE-CU-2026:2861-1: Security update of suse/sle-micro/5.2/toolbox Message-ID: <20260403083806.02851FD1A@maintenance.suse.de> SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:2861-1 Container Tags : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.266 , suse/sle-micro/5.2/toolbox:latest Container Release : 7.11.266 Severity : important Type : security References : 1246399 CVE-2025-45582 ----------------------------------------------------------------- The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:1177-1 Released: Thu Apr 2 17:00:30 2026 Summary: Security update for tar Type: security Severity: important References: 1246399,CVE-2025-45582 This update for tar fixes the following issue: - CVE-2025-45582: file overwrite via directory traversal in crafted TAR archives (bsc#1246399). The following package changes have been done: - tar-1.34-150000.3.37.1 updated