SUSE-IU-2026:111-1: Security update of suse/sl-micro/6.0/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jan 15 08:06:17 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:111-1
Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.118 , suse/sl-micro/6.0/baremetal-os-container:latest
Image Release : 6.118
Severity : important
Type : security
References : 1255715 1256243 1256244 1256246 1256390 CVE-2025-68973
-----------------------------------------------------------------
The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 560
Released: Wed Jan 14 10:44:10 2026
Summary: Security update for gpg2
Type: security
Severity: important
References: 1255715,1256243,1256244,1256246,1256390,CVE-2025-68973
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- agent: Fix a memory leak (bsc#1256243).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
The following package changes have been done:
- SL-Micro-release-6.0-25.64 updated
- gpg2-2.4.4-6.1 updated
- container:SL-Micro-base-container-2.1.3-7.85 updated
More information about the sle-container-updates
mailing list