SUSE-CU-2026:408-1: Security update of suse/nginx

Wed Jan 28 08:19:17 UTC 2026

SUSE Container Update Advisory: suse/nginx
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:408-1
Container Tags        : suse/nginx:1.21 , suse/nginx:1.21-70.8 , suse/nginx:latest
Container Release     : 70.8
Severity              : moderate
Type                  : security
References            : 1252895 1256105 1256525 1256526 CVE-2025-14017 CVE-2026-22695
                        CVE-2026-22801 
-----------------------------------------------------------------

The container suse/nginx was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:221-1
Released:    Thu Jan 22 13:15:35 2026
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1256105,CVE-2025-14017
This update for curl fixes the following issues:

- CVE-2025-14017: Fixed broken TLS options for threaded LDAPS (bsc#1256105).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:234-1
Released:    Thu Jan 22 13:24:43 2026
Summary:     Security update for libpng16
Type:        security
Severity:    moderate
References:  1256525,1256526,CVE-2026-22695,CVE-2026-22801
This update for libpng16 fixes the following issues:

- CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525)
- CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:249-1
Released:    Thu Jan 22 16:23:36 2026
Summary:     Recommended update for libwebp
Type:        recommended
Severity:    moderate
References:  1252895

This update for libwebp ships the commandline tools to Package Hub.

The following package changes have been done:

- patterns-base-fips-20200124-150700.36.1 added
- libwebp7-1.0.3-150200.3.14.1 updated
- libpng16-16-1.6.40-150600.3.6.1 updated
- libopenssl-3-fips-provider-3.2.3-150700.5.21.1 added
- libcurl4-8.14.1-150700.7.11.1 updated
- curl-8.14.1-150700.7.11.1 updated
- container:suse-sle15-15.7-7970b1398395a13b38e858c60a7b75db5f5265dd7c0ecdabe8919a458b2f34e5-0 updated
- container:registry.suse.com-bci-bci-micro-15.7-55883c76f750bdb0fa8cf3fe2e43f19f9babc501efce9801e94a9c0c8d115a20-0 updated