SUSE-IU-2026:1174-1: Security update of suse/sl-micro/6.1/baremetal-os-container

[sle-container-updates at lists.suse.com]

SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1174-1
Image Tags        : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.59 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release     : 7.59
Severity          : moderate
Type              : security
References        : 1240414 1258045 1258049 1258054 1258080 1258081 CVE-2025-31115
                        CVE-2026-0964 CVE-2026-0965 CVE-2026-0966 CVE-2026-0967 CVE-2026-0968
-----------------------------------------------------------------

The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 412
Released:    Thu Feb 26 12:33:24 2026
Summary:     Security update for libssh
Type:        security
Severity:    moderate
References:  1240414,1258045,1258049,1258054,1258080,1258081,CVE-2025-31115,CVE-2026-0964,CVE-2026-0965,CVE-2026-0966,CVE-2026-0967,CVE-2026-0968
This update for libssh fixes the following issues:

- CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal (bsc#1258049).
- CVE-2026-0965: possible denial of service when parsing unexpected configuration files (bsc#1258045).
- CVE-2026-0966: buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054).
- CVE-2026-0967: specially crafted patterns could cause denial of service (bsc#1258081).
- CVE-2026-0968: malformed SFTP message can lead to out of bound read (bsc#1258080).


The following package changes have been done:

- SL-Micro-release-6.1-slfo.1.12.11 updated
- libssh-config-0.10.6-slfo.1.1_4.1 updated
- libssh4-0.10.6-slfo.1.1_4.1 updated
- container:SL-Micro-base-container-2.2.1-5.80 updated