SUSE-IU-2026:5206-1: Security update of suse/sle-micro/base-5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Jul 1 07:07:33 UTC 2026


SUSE Image Update Advisory: suse/sle-micro/base-5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5206-1
Image Tags        : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.289 , suse/sle-micro/base-5.5:latest
Image Release     : 5.8.289
Severity          : important
Type              : security
References        : 1261900 1265450 1267189 CVE-2026-5704 
-----------------------------------------------------------------

The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2714-1
Released:    Tue Jun 30 14:02:53 2026
Summary:     Security update for tar
Type:        security
Severity:    important
References:  1261900,1265450,1267189,CVE-2026-5704
This update for tar fixes the following issues

Security fixes:

- CVE-2026-5704: crafted archives can be used to to hide file injection (bsc#1261900).

Other fixes:

- Fix tar changing dir permissions temporarily even when using --no-overwrite-dir.
- Fix --dereference/-h not working properly after CVE-2025-45582 fix (bsc#1265450).
- Fix extraction failure for paths like 'a/./b' caused by the gnulib openat2
 implementation (bsc#1267189).


The following package changes have been done:

- tar-1.34-150000.3.42.1 updated


More information about the sle-container-updates mailing list