SUSE-IU-2026:115-1: Security update of suse/sl-micro/6.1/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jan 15 08:13:51 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:115-1
Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.46 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release : 7.46
Severity : important
Type : security
References : 1236931 1239119 1243069 1255715 1256243 1256244 1256246 1256390
CVE-2025-30258 CVE-2025-68973
-----------------------------------------------------------------
The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 374
Released: Wed Jan 14 10:32:14 2026
Summary: Security update for gpg2
Type: security
Severity: important
References: 1236931,1239119,1243069,1255715,1256243,1256244,1256246,1256390,CVE-2025-30258,CVE-2025-68973
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- agent: Fix a memory leak (bsc#1256243).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
The following package changes have been done:
- SL-Micro-release-6.1-slfo.1.12.4 updated
- gpg2-2.4.4-slfo.1.1_6.1 updated
- container:SL-Micro-base-container-2.2.1-5.68 updated
More information about the sle-container-updates
mailing list