SUSE-IU-2026:134-1: Security update of suse/sl-micro/6.2/rt-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jan 15 08:25:31 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:134-1
Image Tags : suse/sl-micro/6.2/rt-os-container:2.3.0 , suse/sl-micro/6.2/rt-os-container:2.3.0-6.9 , suse/sl-micro/6.2/rt-os-container:latest
Image Release : 6.9
Severity : important
Type : security
References : 1233282 1236217 1244156 1244157 1244158 1255731 1255732 1255733
1255734 1256105 CVE-2024-52533 CVE-2025-0913 CVE-2025-14017 CVE-2025-14524
CVE-2025-14819 CVE-2025-15079 CVE-2025-15224 CVE-2025-22874 CVE-2025-4673
-----------------------------------------------------------------
The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 140
Released: Mon Jun 9 22:13:41 2025
Summary: Security update for go1.24
Type: security
Severity: important
References: 1233282,1236217,1244156,1244157,1244158,1255731,1255732,1255733,1255734,1256105,CVE-2024-52533,CVE-2025-0913,CVE-2025-14017,CVE-2025-14524,CVE-2025-14819,CVE-2025-15079,CVE-2025-15224,CVE-2025-22874,CVE-2025-4673
This update for go1.24 fixes the following issues:
go1.24.4 (released 2025-06-05) includes security fixes to the
crypto/x509, net/http, and os packages, as well as bug fixes to
the linker, the go command, and the hash/maphash and os packages.
( bsc#1236217 go1.24 release tracking CVE-2025-22874 CVE-2025-0913 CVE-2025-4673)
* bsc#1244158 security: fix CVE-2025-22874 crypto/x509: ExtKeyUsageAny bypasses policy validation
* bsc#1244157 security: fix CVE-2025-0913 os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
* bsc#1244156 security: fix CVE-2025-4673 net/http: sensitive headers not cleared on cross-origin redirect
* os: Root.Mkdir creates directories with zero permissions on OpenBSD
* hash/maphash: hashing channels with purego impl. of maphash.Comparable panics
* runtime/debug: BuildSetting does not document DefaultGODEBUG
* cmd/go: add fips140 module selection mechanism
* cmd/link: Go 1.24.3 and 1.23.9 regression - duplicated definition of symbol dlopen
The following package changes have been done:
- libcurl4-8.14.1-160000.4.1 updated
- container:suse-sl-micro-6.2-baremetal-os-container-latest-6c8b99ad4601b3fb872184a44edc24d4fd3e2a4215d81eb6f5cc3bfc0e5cf207-0 updated
More information about the sle-container-updates
mailing list