SUSE-IU-2026:1170-1: Security update of suse/sl-micro/6.0/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Feb 27 08:05:44 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1170-1
Image Tags        : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.129 , suse/sl-micro/6.0/baremetal-os-container:latest
Image Release     : 6.129
Severity          : important
Type              : security
References        : 1233421 1246965 1256498 1256499 1256500 1256766 1256822 1257005
                        CVE-2024-52615 CVE-2025-15281 CVE-2025-68276 CVE-2025-68468 CVE-2025-68471
                        CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 595
Released:    Thu Feb 26 11:54:54 2026
Summary:     Security update for avahi
Type:        security
Severity:    moderate
References:  1233421,1256498,1256499,1256500,CVE-2024-52615,CVE-2025-68276,CVE-2025-68468,CVE-2025-68471
This update for avahi fixes the following issues:

- CVE-2024-52615: Resolve fixed source ports for wide-area DNS queries cause DNS responses be injected. (bsc#1233421)
- CVE-2025-68468: Fixed DoS bug by removing incorrect assertion. (bsc#1256499)
- CVE-2025-68471: Fixed DoS bug by changing assert to return. (bsc#1256500)
- CVE-2025-68276: Refuse to create wide-area record browsers when wide-area is off. (bsc#1256498)

-----------------------------------------------------------------
Advisory ID: 597
Released:    Thu Feb 26 12:33:53 2026
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915
This update for glibc fixes the following issues:

- CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005).
- CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965).



The following package changes have been done:

- glibc-2.38-11.1 updated
- SL-Micro-release-6.0-25.70 updated
- glibc-locale-base-2.38-11.1 updated
- libavahi-common3-0.8-7.1 updated
- libavahi-core7-0.8-7.1 updated
- libavahi-client3-0.8-7.1 updated
- avahi-0.8-7.1 updated
- container:SL-Micro-base-container-2.1.3-7.96 updated

More information about the sle-container-updates mailing list