SUSE-CU-2026:368-1: Security update of suse/sle-micro/5.2/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Jan 23 08:30:34 UTC 2026 

SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:368-1
Container Tags        : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.228 , suse/sle-micro/5.2/toolbox:latest
Container Release     : 7.11.228
Severity              : important
Type                  : security
References            : 1255715 1256244 1256246 1256341 1256390 CVE-2025-13151 CVE-2025-68973
-----------------------------------------------------------------

The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:214-1
Released:    Thu Jan 22 13:09:26 2026
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1255715,1256244,1256246,1256390,CVE-2025-68973
This update for gpg2 fixes the following issues:

- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:224-1
Released:    Thu Jan 22 13:18:20 2026
Summary:     Security update for libtasn1
Type:        security
Severity:    moderate
References:  1256341,CVE-2025-13151

This update for libtasn1 fixes the following issues:

- CVE-2025-13151: stack-based buffer overflow in `asn1_expend_octet_string` (bsc#1256341).


The following package changes have been done:

- gpg2-2.2.27-150300.3.16.1 updated
- libtasn1-6-4.13-150000.4.14.1 updated
- libtasn1-4.13-150000.4.14.1 updated

More information about the sle-container-updates mailing list