SUSE-CU-2026:6584-1: Security update of suse/sle-micro-rancher/5.4
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed Jul 1 07:48:53 UTC 2026
SUSE Container Update Advisory: suse/sle-micro-rancher/5.4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6584-1
Container Tags : suse/sle-micro-rancher/5.4:5.4.4.5.139 , suse/sle-micro-rancher/5.4:latest
Container Release : 4.5.139
Severity : important
Type : security
References : 1261900 1265450 1267189 1267823 CVE-2026-5704
-----------------------------------------------------------------
The container suse/sle-micro-rancher/5.4 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2691-1
Released: Tue Jun 30 10:24:30 2026
Summary: Security update for sg3_utils
Type: security
Severity: important
References: 1267823
This update for sg3_utils fixes the following issue
Update to version 1.47+16.aad0b411:
- sg_inq: --export output conformance for SCSI name string and ATA fields (bsc#1267823).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2714-1
Released: Tue Jun 30 14:02:53 2026
Summary: Security update for tar
Type: security
Severity: important
References: 1261900,1265450,1267189,CVE-2026-5704
This update for tar fixes the following issues
Security fixes:
- CVE-2026-5704: crafted archives can be used to to hide file injection (bsc#1261900).
Other fixes:
- Fix tar changing dir permissions temporarily even when using --no-overwrite-dir.
- Fix --dereference/-h not working properly after CVE-2025-45582 fix (bsc#1265450).
- Fix extraction failure for paths like 'a/./b' caused by the gnulib openat2
implementation (bsc#1267189).
The following package changes have been done:
- libsgutils2-1_47-2-1.47+16.aad0b411-150400.3.14.1 updated
- sg3_utils-1.47+16.aad0b411-150400.3.14.1 updated
- tar-1.34-150000.3.42.1 updated
More information about the sle-container-updates
mailing list