SUSE-IU-2026:1010-1: Security update of suse/sl-micro/6.1/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Feb 17 08:13:53 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1010-1
Image Tags        : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.56 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release     : 7.56
Severity          : moderate
Type              : security
References        : 1236621 1236877 1238686 1238849 1238929 1240626 1240698 1242174
                        1243105 1243268 1243274 1243297 1243802 1244561 1244564 1244565
                        1244566 1244567 1244568 1244570 1244571 1244572 1244574 1244575
                        1256805 CVE-2024-38822 CVE-2024-38823 CVE-2024-38824 CVE-2024-38825
                        CVE-2025-22236 CVE-2025-22237 CVE-2025-22238 CVE-2025-22239 CVE-2025-22240
                        CVE-2025-22241 CVE-2025-22242 CVE-2025-22870 CVE-2025-47287 CVE-2026-0989
-----------------------------------------------------------------

The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 392
Released:    Mon Feb 16 09:18:45 2026
Summary:     Security update for libxml2
Type:        security
Severity:    moderate
References:  1236621,1236877,1238686,1238849,1238929,1240626,1240698,1242174,1243105,1243268,1243274,1243297,1243802,1244561,1244564,1244565,1244566,1244567,1244568,1244570,1244571,1244572,1244574,1244575,1256805,CVE-2024-38822,CVE-2024-38823,CVE-2024-38824,CVE-2024-38825,CVE-2025-22236,CVE-2025-22237,CVE-2025-22238,CVE-2025-22239,CVE-2025-22240,CVE-2025-22241,CVE-2025-22242,CVE-2025-22870,CVE-2025-47287,CVE-2026-0989
This update for libxml2 fixes the following issues:
  
- CVE-2026-0989: Fixed call stack exhaustion leading to application crash 
  due to RelaxNG parser not limiting the recursion depth when 
  resolving `<include>` directives (bsc#1256805).


The following package changes have been done:

- libxml2-2-2.11.6-slfo.1.1_7.1 updated
- libopenssl3-3.1.4-slfo.1.1_8.1 updated
- SL-Micro-release-6.1-slfo.1.12.9 updated
- python311-base-3.11.14-slfo.1.1_2.1 updated
- libpython3_11-1_0-3.11.14-slfo.1.1_2.1 updated
- python311-3.11.14-slfo.1.1_2.1 updated
- container:SL-Micro-base-container-2.2.1-5.77 updated

More information about the sle-container-updates mailing list