SUSE-IU-2026:577-1: Security update of suse/sl-micro/6.2/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Fri Jan 30 08:08:41 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:577-1
Image Tags        : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.32 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release     : 7.32
Severity          : important
Type              : security
References        : 1236282 1241826 1241857 1251511 1251679 1253581 1253901 1254079
                        1256389 1256436 1256766 1256822 1257005 1257395 1257396 CVE-2025-0395
                        CVE-2025-15281 CVE-2025-22872 CVE-2025-47911 CVE-2025-47913 CVE-2025-47914
                        CVE-2025-58181 CVE-2025-58190 CVE-2026-0861 CVE-2026-0915 CVE-2026-24882
                        CVE-2026-24883 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 217
Released:    Thu Jan 29 16:32:26 2026
Summary:     Security update for elemental-register, elemental-toolkit
Type:        security
Severity:    important
References:  1241826,1241857,1251511,1251679,1253581,1253901,1254079,CVE-2025-22872,CVE-2025-47911,CVE-2025-47913,CVE-2025-47914,CVE-2025-58181,CVE-2025-58190
This update for elemental-register, elemental-toolkit fixes the following issues:

elemental-register was updated to 1.8.1:

Changes on top of v1.8.1:

  * Update headers to 2026
  * Update questions to include SL Micro 6.2

Update to v1.8.1:

  * Install yip config files in before-install step
  * Bump github.com/rancher-sandbox/go-tpm and its dependencies
    This includes few CVE fixes:
    * bsc#1241826 (CVE-2025-22872)
    * bsc#1241857 (CVE-2025-22872)
    * bsc#1251511 (CVE-2025-47911)
    * bsc#1251679 (CVE-2025-58190)

elemental-toolkit was updated to v2.3.2:

  * Bump golang.org/x/crypto library
    This includes few CVE fixes:
    * bsc#1241826 (CVE-2025-22872)
    * bsc#1241857 (CVE-2025-22872)
    * bsc#1251511 (CVE-2025-47911)
    * bsc#1251679 (CVE-2025-58190)
    * bsc#1253581 (CVE-2025-47913)
    * bsc#1253901 (CVE-2025-58181)
    * bsc#1254079 (CVE-2025-47914)

-----------------------------------------------------------------
Advisory ID: 221
Released:    Thu Jan 29 17:14:38 2026
Summary:     Security update for gpg2
Type:        security
Severity:    important
References:  1256389,1257395,1257396,CVE-2026-24882,CVE-2026-24883
This update for gpg2 fixes the following issues:

- CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys (bsc#1257396).
- CVE-2026-24883: denial of service due to long signature packet length causing parse_signature to return success with sig->data[] set to a NULL value (bsc#1257395).
- gpg.fail/filename: GnuPG Accepts Path Separators and Path Traversals in Literal Data 'Filename' Field (bsc#1256389).

-----------------------------------------------------------------
Advisory ID: 218
Released:    Thu Jan 29 18:44:57 2026
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1236282,1256436,1256766,1256822,1257005,CVE-2025-0395,CVE-2025-15281,CVE-2026-0861,CVE-2026-0915
This update for glibc fixes the following issues:

Security fixes:

- CVE-2025-0395: Fixed buffer overflow in the assert() function (bsc#1236282).
- CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005).

Other fixes:

- NPTL: Optimize trylock for high cache contention workloads (bsc#1256436)


The following package changes have been done:

- glibc-2.40-160000.3.1 updated
- elemental-register-1.8.1-160000.1.1 updated
- elemental-support-1.8.1-160000.1.1 updated
- glibc-gconv-modules-extra-2.40-160000.3.1 updated
- glibc-locale-base-2.40-160000.3.1 updated
- elemental-toolkit-2.3.2-160000.1.1 updated
- gpg2-2.5.5-160000.4.1 updated
- container:suse-sl-micro-6.2-base-os-container-latest-e9cfd969c3c5fd78a09678865fbed96d8d124c381761efffca11c1b7cb64e48f-0 updated

More information about the sle-container-updates mailing list