SUSE-IU-2026:2115-1: Security update of suse/sl-micro/6.0/base-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Apr 10 07:15:46 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:2115-1
Image Tags        : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.125 , suse/sl-micro/6.0/base-os-container:latest
Image Release     : 7.125
Severity          : important
Type              : security
References        : 1260078 1260082 1260754 1260755 CVE-2026-33416 CVE-2026-33636
                        CVE-2026-4437 CVE-2026-4438 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 660
Released:    Thu Apr  9 12:16:32 2026
Summary:     Security update for libpng16
Type:        security
Severity:    important
References:  1260754,1260755,CVE-2026-33416,CVE-2026-33636
This update for libpng16 fixes the following issues:

- CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code
  execution (bsc#1260754).
- CVE-2026-33636: out-of-bounds read/write in the palette expansion on ARM Neon can lead to information leak and
  crashes (bsc#1260755).

-----------------------------------------------------------------
Advisory ID: 659
Released:    Thu Apr  9 13:02:01 2026
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1260078,1260082,CVE-2026-4437,CVE-2026-4438
This update for glibc fixes the following issues:

- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).


The following package changes have been done:

- glibc-2.38-12.1 updated
- libpng16-16-1.6.43-4.1 updated
- SL-Micro-release-6.0-25.84 updated
- glibc-locale-base-2.38-12.1 updated
- container:suse-toolbox-image-1.0.0-9.93 updated

More information about the sle-container-updates mailing list