SUSE-IU-2026:500-1: Security update of suse/sl-micro/6.2/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jan 27 08:08:10 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:500-1
Image Tags        : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.26 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release     : 7.26
Severity          : important
Type              : security
References        : 1254362 1256498 1256499 1256500 CVE-2025-68276 CVE-2025-68468
                        CVE-2025-68471 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 192
Released:    Mon Jan 26 10:22:47 2026
Summary:     Recommended update for runc
Type:        recommended
Severity:    important
References:  1254362
This update for runc fixes the following issues:

Changes in runc:

- Update to runc v1.3.4. Upstream changelog is available from
  <https://github.com/opencontainers/runc/releases/tag/v1.3.4>. bsc#1254362


-----------------------------------------------------------------
Advisory ID: 193
Released:    Mon Jan 26 11:20:39 2026
Summary:     Security update for avahi
Type:        security
Severity:    moderate
References:  1256498,1256499,1256500,CVE-2025-68276,CVE-2025-68468,CVE-2025-68471
This update for avahi fixes the following issues:

- CVE-2025-68276: Fixed refuse to create wide-area record browsers when
  wide-area is off (bsc#1256498)
- CVE-2025-68471: Fixed DoS bug by changing assert to return (bsc#1256500)
- CVE-2025-68468: Fixed DoS bug by removing incorrect assertion (bsc#1256499)


The following package changes have been done:

- libavahi-common3-0.8-160000.4.1 updated
- runc-1.3.4-160000.1.1 updated
- libavahi-core7-0.8-160000.4.1 updated
- libavahi-client3-0.8-160000.4.1 updated
- avahi-0.8-160000.4.1 updated

More information about the sle-container-updates mailing list