SUSE-CU-2026:2846-1: Security update of suse/manager/4.3/proxy-tftpd
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Apr 3 08:31:01 UTC 2026
SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:2846-1
Container Tags : suse/manager/4.3/proxy-tftpd:4.3.17 , suse/manager/4.3/proxy-tftpd:4.3.17.9.66.5 , suse/manager/4.3/proxy-tftpd:latest
Container Release : 9.66.5
Severity : important
Type : security
References : 1259711 1259726 1259729 CVE-2026-32776 CVE-2026-32777 CVE-2026-32778
-----------------------------------------------------------------
The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1166-1
Released: Thu Apr 2 03:08:04 2026
Summary: Security update for expat
Type: security
Severity: important
References: 1259711,1259726,1259729,CVE-2026-32776,CVE-2026-32777,CVE-2026-32778
This update for expat fixes the following issues:
- CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity
declaration value (bsc#1259726).
- CVE-2026-32777: denial of service due to infinite loop in DTD content parsing (bsc#1259711).
- CVE-2026-32778: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259729).
The following package changes have been done:
- libexpat1-2.7.1-150400.3.37.1 updated
More information about the sle-container-updates
mailing list