SUSE-IU-2026:1020-1: Security update of suse/sl-micro/6.1/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Feb 17 14:07:21 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1020-1
Image Tags        : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.57 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release     : 7.57
Severity          : important
Type              : security
References        : 1198146 1219386 1233421 1243767 1248988 1254297 1254662 1254878
                        1256389 1256483 1257049 1257353 1257354 1257355 1257396 619225
                        CVE-2022-1210 CVE-2022-31022 CVE-2023-42818 CVE-2023-5992 CVE-2024-10975
                        CVE-2024-52615 CVE-2025-0913 CVE-2025-1296 CVE-2025-13601 CVE-2025-14087
                        CVE-2025-14512 CVE-2025-22874 CVE-2025-25207 CVE-2025-25208 CVE-2025-4128
                        CVE-2025-4573 CVE-2025-46721 CVE-2025-4673 CVE-2025-47950 CVE-2025-49011
                        CVE-2025-49136 CVE-2025-49140 CVE-2025-5278 CVE-2026-0988 CVE-2026-1484
                        CVE-2026-1485 CVE-2026-1489 CVE-2026-24882 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 407
Released:    Tue Feb 17 10:37:09 2026
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1256389,1257396,CVE-2026-24882
This update for gpg2 fixes the following issues:

- CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396).
- gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data 'Filename' Field (bsc#1256389).

-----------------------------------------------------------------
Advisory ID: 397
Released:    Tue Feb 17 10:42:11 2026
Summary:     Security update for avahi
Type:        security
Severity:    moderate
References:  1198146,1233421,CVE-2022-1210,CVE-2024-52615
This update for avahi fixes the following issues:

- CVE-2024-52615: Fixed possible DNS response injection via the use of fixed source ports for wide-area DNS queries (bsc#1233421).

-----------------------------------------------------------------
Advisory ID: 406
Released:    Tue Feb 17 10:43:04 2026
Summary:     Recommended update for podman
Type:        recommended
Severity:    moderate
References:  1219386,1248988,CVE-2023-5992
This update for podman fixes the following issues:

- Add symlink to catatonit in /usr/libexec/podman (bsc#1248988)

-----------------------------------------------------------------
Advisory ID: 405
Released:    Tue Feb 17 10:46:35 2026
Summary:     Security update for glib2
Type:        security
Severity:    important
References:  1243767,1254297,1254662,1254878,1257049,1257353,1257354,1257355,CVE-2025-13601,CVE-2025-14087,CVE-2025-14512,CVE-2025-5278,CVE-2026-0988,CVE-2026-1484,CVE-2026-1485,CVE-2026-1489
This update for glib2 fixes the following issues:

- CVE-2025-13601: Fixed integer overflow in in g_escape_uri_string() (bsc#1254297).
- CVE-2025-14087: Fixed buffer underflow in GVariant parser leads to heap corruption (bsc#1254662).
- CVE-2025-14512: Fixed integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow (bsc#1254878).
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).

-----------------------------------------------------------------
Advisory ID: 396
Released:    Tue Feb 17 10:52:11 2026
Summary:     Security update for kernel-firmware
Type:        security
Severity:    important
References:  1256483,619225,CVE-2022-31022,CVE-2023-42818,CVE-2024-10975,CVE-2025-0913,CVE-2025-1296,CVE-2025-22874,CVE-2025-25207,CVE-2025-25208,CVE-2025-4128,CVE-2025-4573,CVE-2025-46721,CVE-2025-4673,CVE-2025-47950,CVE-2025-49011,CVE-2025-49136,CVE-2025-49140
This update for kernel-firmware fixes the following issues:

- Update AMD ucode to 20251203 (bsc#1256483)


The following package changes have been done:

- libexpat1-2.7.1-slfo.1.1_4.1 updated
- SL-Micro-release-6.1-slfo.1.12.10 updated
- libglib-2_0-0-2.78.6-slfo.1.1_6.1 updated
- libgobject-2_0-0-2.78.6-slfo.1.1_6.1 updated
- libgmodule-2_0-0-2.78.6-slfo.1.1_6.1 updated
- libgio-2_0-0-2.78.6-slfo.1.1_6.1 updated
- glib2-tools-2.78.6-slfo.1.1_6.1 updated
- gpg2-2.4.4-slfo.1.1_7.1 updated
- kernel-firmware-amdgpu-20241128-slfo.1.1_2.1 updated
- kernel-firmware-ath10k-20241128-slfo.1.1_2.1 updated
- kernel-firmware-ath11k-20241128-slfo.1.1_2.1 updated
- kernel-firmware-ath12k-20241128-slfo.1.1_2.1 updated
- kernel-firmware-atheros-20241128-slfo.1.1_2.1 updated
- kernel-firmware-bluetooth-20241128-slfo.1.1_2.1 updated
- kernel-firmware-bnx2-20241128-slfo.1.1_2.1 updated
- kernel-firmware-brcm-20241128-slfo.1.1_2.1 updated
- kernel-firmware-chelsio-20241128-slfo.1.1_2.1 updated
- kernel-firmware-dpaa2-20241128-slfo.1.1_2.1 updated
- kernel-firmware-i915-20241128-slfo.1.1_2.1 updated
- kernel-firmware-intel-20241128-slfo.1.1_2.1 updated
- kernel-firmware-iwlwifi-20241128-slfo.1.1_2.1 updated
- kernel-firmware-liquidio-20241128-slfo.1.1_2.1 updated
- kernel-firmware-marvell-20241128-slfo.1.1_2.1 updated
- kernel-firmware-media-20241128-slfo.1.1_2.1 updated
- kernel-firmware-mediatek-20241128-slfo.1.1_2.1 updated
- kernel-firmware-mellanox-20241128-slfo.1.1_2.1 updated
- kernel-firmware-mwifiex-20241128-slfo.1.1_2.1 updated
- kernel-firmware-network-20241128-slfo.1.1_2.1 updated
- kernel-firmware-nfp-20241128-slfo.1.1_2.1 updated
- kernel-firmware-nvidia-20241128-slfo.1.1_2.1 updated
- kernel-firmware-platform-20241128-slfo.1.1_2.1 updated
- kernel-firmware-prestera-20241128-slfo.1.1_2.1 updated
- kernel-firmware-qcom-20241128-slfo.1.1_2.1 updated
- kernel-firmware-qlogic-20241128-slfo.1.1_2.1 updated
- kernel-firmware-radeon-20241128-slfo.1.1_2.1 updated
- kernel-firmware-realtek-20241128-slfo.1.1_2.1 updated
- kernel-firmware-serial-20241128-slfo.1.1_2.1 updated
- kernel-firmware-sound-20241128-slfo.1.1_2.1 updated
- kernel-firmware-ti-20241128-slfo.1.1_2.1 updated
- kernel-firmware-ueagle-20241128-slfo.1.1_2.1 updated
- kernel-firmware-usb-network-20241128-slfo.1.1_2.1 updated
- libavahi-common3-0.8-slfo.1.1_4.1 updated
- kernel-firmware-all-20241128-slfo.1.1_2.1 updated
- libavahi-core7-0.8-slfo.1.1_4.1 updated
- libavahi-client3-0.8-slfo.1.1_4.1 updated
- avahi-0.8-slfo.1.1_4.1 updated
- podman-5.4.2-slfo.1.1_3.1 updated
- container:SL-Micro-base-container-2.2.1-5.78 updated

More information about the sle-container-updates mailing list