SUSE-IU-2026:140-1: Security update of suse/sl-micro/6.0/base-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Jan 16 08:06:39 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:140-1
Image Tags        : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.86 , suse/sl-micro/6.0/base-os-container:latest
Image Release     : 7.86
Severity          : important
Type              : security
References        : 1241826 1241857 1251511 1251679 1253581 1253901 1254079 CVE-2025-22872
                        CVE-2025-47911 CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVE-2025-58190
-----------------------------------------------------------------

The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 561
Released:    Thu Jan 15 12:08:38 2026
Summary:     Security update for elemental-toolkit, elemental-operator
Type:        security
Severity:    important
References:  1241826,1241857,1251511,1251679,1253581,1253901,1254079,CVE-2025-22872,CVE-2025-47911,CVE-2025-47913,CVE-2025-47914,CVE-2025-58181,CVE-2025-58190
This update for elemental-toolkit, elemental-operator fixes the following issues:

elemental-operator:

  - Update to version 1.6.10:

    * Remove 'latest' tag as this overlaps with the latest branch
    * Bump github.com/rancher-sandbox/go-tpm and its dependencies
      This bump includes fixes to some CVEs:
      * bsc#1241826 (CVE-2025-22872)
      * bsc#1241857 (CVE-2025-22872)
      * bsc#1251511 (CVE-2025-47911)
      * bsc#1251679 (CVE-2025-58190)

elemental-toolkit:

  - Update to version 2.1.5:

    * Update headers for new year 2026
    * Disable selinux in installer media

  - Update to version 2.1.4:

    * Remove leftovers in installer integration test
    * Bump to build against go 1.24
    * Bump golang.org/x/crypto library
      This bump includes fixes to some CVEs:

      * bsc#1241826 (CVE-2025-22872)
      * bsc#1241857 (CVE-2025-22872)
      * bsc#1251511 (CVE-2025-47911)
      * bsc#1251679 (CVE-2025-58190)
      * bsc#1253581 (CVE-2025-47913)
      * bsc#1253901 (CVE-2025-58181)
      * bsc#1254079 (CVE-2025-47914)



The following package changes have been done:

- elemental-register-1.6.10-1.1 updated
- elemental-support-1.6.10-1.1 updated
- elemental-toolkit-2.1.5-1.1 updated

More information about the sle-container-updates mailing list