SUSE-IU-2026:144-1: Security update of suse/sl-micro/6.1/base-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Jan 16 08:12:34 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:144-1
Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.69 , suse/sl-micro/6.1/base-os-container:latest
Image Release : 5.69
Severity : important
Type : security
References : 1241826 1241857 1242987 1249435 1251511 1251679 1253581 1253901
1254079 CVE-2025-22872 CVE-2025-47911 CVE-2025-47913 CVE-2025-47914
CVE-2025-58181 CVE-2025-58190
-----------------------------------------------------------------
The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 375
Released: Thu Jan 15 10:23:45 2026
Summary: Security update for elemental-toolkit, elemental-operator
Type: security
Severity: important
References: 1241826,1241857,1242987,1251511,1251679,1253581,1253901,1254079,CVE-2025-22872,CVE-2025-47911,CVE-2025-47913,CVE-2025-47914,CVE-2025-58181,CVE-2025-58190
This update for elemental-toolkit, elemental-operator fixes the following issues:
elemental-operator:
- Update to v1.7.4:
* Bump github.com/rancher-sandbox/go-tpm and its dependencies
This bump includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* Install yip config files in before-install step
* Revert 'Do not delete ManagedOSVersions by default'
* Set default channel variable names consistent with OS version
* Do not delete ManagedOSVersions by default
* Include -channel suffix to channel names
* OS channel: enable baremetal channel by default
elemental-toolkit:
- Update to v2.2.7:
* Bump toolkit build to go 1.24
* Bump golang.org/x/crypto library
This bumg includes few CVE fixes:
* bsc#1241826 (CVE-2025-22872)
* bsc#1241857 (CVE-2025-22872)
* bsc#1251511 (CVE-2025-47911)
* bsc#1251679 (CVE-2025-58190)
* bsc#1253581 (CVE-2025-47913)
* bsc#1253901 (CVE-2025-58181)
* bsc#1254079 (CVE-2025-47914)
- Update to v2.2.5:
* Permissive mode for green selinux
* Adapt code and unit tests
* Minor change to lookup devices using blkid
-----------------------------------------------------------------
Advisory ID: 376
Released: Thu Jan 15 11:19:12 2026
Summary: Recommended update for libzypp, libsolv
Type: recommended
Severity: moderate
References: 1249435
This update for libzypp, libsolv fixes the following issues:
libsolv was updated to 0.7.35:
- fixed rare crash in the handling of allowuninstall in combination
with forcebest updates
- new pool_satisfieddep_map feature to test if a set of packages
satisfies a dependency
libzypp was updated to 17.38.0:
- zypp.conf: follow the UAPI configuration file specification
(PED-14658)
In short terms it means we will no longer ship an
/etc/zypp/zypp.conf, but store our own defaults in
/usr/etc/zypp/zypp.conf. The systems administrator may choose to
keep a full copy in /etc/zypp/zypp.conf ignoring our config file
settings completely, or - the preferred way - to overwrite
specific settings via /etc/zypp/zypp.conf.d/*.conf overlay files.
See the ZYPP.CONF(5) man page for details.
- cmake: correctly detect rpm6 (fixes #689)
- Use 'zypp.tmp' as temp directory component to ease setting up
SELinux policies (bsc#1249435)
- zyppng: Update Provider to current MediaCurl2 download
approach, drop Metalink ( fixes #682 )
The following package changes have been done:
- SL-Micro-release-6.1-slfo.1.12.5 updated
- libcurl4-8.14.1-slfo.1.1_5.1 updated
- curl-8.14.1-slfo.1.1_5.1 updated
- elemental-register-1.7.4-slfo.1.1_1.1 updated
- elemental-support-1.7.4-slfo.1.1_1.1 updated
- elemental-toolkit-2.2.7-slfo.1.1_1.1 updated
- libsolv-tools-base-0.7.35-slfo.1.1_1.1 updated
- libzypp-17.38.0-slfo.1.1_1.1 updated
More information about the sle-container-updates
mailing list