SUSE-CU-2026:675-1: Security update of suse/ltss/sle12.5/sles12sp5
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Feb 5 08:14:31 UTC 2026
SUSE Container Update Advisory: suse/ltss/sle12.5/sles12sp5
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:675-1
Container Tags : suse/ltss/sle12.5/sles12sp5:8.5.193 , suse/ltss/sle12.5/sles12sp5:latest
Container Release : 8.5.193
Severity : important
Type : security
References : 1255715 1256244 1256389 1256390 CVE-2025-68973
-----------------------------------------------------------------
The container suse/ltss/sle12.5/sles12sp5 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:378-1
Released: Wed Feb 4 08:38:11 2026
Summary: Security update for gpg2
Type: security
Severity: important
References: 1255715,1256244,1256389,1256390,CVE-2025-68973
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fixed possile memory corruption in the armor
parser [T7906] (bsc#1255715)
- Fixed GnuPG Accepting Path Separators and Path Traversals
in Literal Data (bsc#1256389)
- Fixed Cleartext Signature Forgery in the NotDashEscaped header
implementation in GnuPG (bsc#1256390)
- Fixed error out on unverified output for non-detached
signatures [T7903] (bsc#1256244)
The following package changes have been done:
- gpg2-2.0.24-9.17.1 updated
More information about the sle-container-updates
mailing list