SUSE-IU-2026:2400-1: Security update of suse/sl-micro/6.1/base-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Apr 22 07:32:25 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:2400-1
Image Tags        : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.118 , suse/sl-micro/6.1/base-os-container:latest
Image Release     : 5.118
Severity          : important
Type              : security
References        : 1084929 1215720 1216355 1221126 1244485 1249385 1249584 1250952
                        1258022 1258664 1259543 1259924 1261957 CVE-2025-59375 CVE-2025-69720
                        CVE-2026-34757 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 500
Released:    Tue Apr 21 10:29:18 2026
Summary:     Security update for ncurses
Type:        security
Severity:    moderate
References:  1249584,1259924,CVE-2025-59375,CVE-2025-69720
This update for ncurses fixes the following issue:

- CVE-2025-69720: buffer overflow in function `analyze_string()`of `progs/infocmp.c` (bsc#1259924).

-----------------------------------------------------------------
Advisory ID: 499
Released:    Tue Apr 21 10:33:03 2026
Summary:     Security update for libpng16
Type:        security
Severity:    moderate
References:  1084929,1215720,1216355,1258664,1261957,CVE-2026-34757
This update for libpng16 fixes the following issue:

- CVE-2026-34757: libpng: Information disclosure and data corruption via use-after-free vulnerability (bsc#1261957).

-----------------------------------------------------------------
Advisory ID: 497
Released:    Tue Apr 21 10:42:57 2026
Summary:     Recommended update for grub2
Type:        recommended
Severity:    important
References:  1221126,1244485,1249385,1250952,1258022,1259543
This update for grub2 fixes the following issues:

- Fix missing install device check in grub2-install on PowerPC which could lead
  to bootlist corruption (bsc#1221126)
    * add mandatory install device check for PowerPC
- Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385)
    * use net config for boot location instead of
- Fix double free in xen booting if root filesystem is Btrfs (bsc#1259543)
    * btrfs: add ability to boot from subvolumes
    * btrfs: get default subvolume
- Backport upstream's commit to prevent BIOS assert (bsc#1258022)


The following package changes have been done:

- libpng16-16-1.6.43-slfo.1.1_5.1 updated
- libncurses6-6.4.20240224-slfo.1.1_2.1 updated
- terminfo-base-6.4.20240224-slfo.1.1_2.1 updated
- ncurses-utils-6.4.20240224-slfo.1.1_2.1 updated
- grub2-2.12-slfo.1.1_5.1 updated
- grub2-i386-pc-2.12-slfo.1.1_5.1 updated
- grub2-x86_64-efi-2.12-slfo.1.1_5.1 updated
- SL-Micro-release-6.1-slfo.1.12.32 updated
- container:suse-toolbox-image-1.0.0-5.43 updated

More information about the sle-container-updates mailing list