SUSE-CU-2026:6693-1: Security update of bci/ruby
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jul 2 08:13:19 UTC 2026
SUSE Container Update Advisory: bci/ruby
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6693-1
Container Tags : bci/ruby:3 , bci/ruby:3.4 , bci/ruby:3.4-25.6 , bci/ruby:3.4-sles15 , bci/ruby:latest
Container Release : 25.6
Severity : important
Type : security
References : 1266340 1266341 1266342 1266343 1266345 1266349 1266350 1266351
1266352 1266353 1266355 1266356 1266357 CVE-2026-34180 CVE-2026-34181
CVE-2026-34183 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769
CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447 CVE-2026-7383
CVE-2026-9076
-----------------------------------------------------------------
The container bci/ruby was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2648-1
Released: Fri Jun 26 13:05:57 2026
Summary: Security update for openssl-3
Type: security
Severity: important
References: 1266340,1266341,1266342,1266343,1266345,1266349,1266350,1266351,1266352,1266353,1266355,1266356,1266357,CVE-2026-34180,CVE-2026-34181,CVE-2026-34183,CVE-2026-42766,CVE-2026-42767,CVE-2026-42768,CVE-2026-42769,CVE-2026-42770,CVE-2026-45445,CVE-2026-45446,CVE-2026-45447,CVE-2026-7383,CVE-2026-9076
This update for openssl-3 fixes the following issues
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34181: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys (bsc#1266343).
- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).
- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).
- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
The following package changes have been done:
- libopenssl3-3.2.3-150700.5.36.1 updated
- libopenssl-3-fips-provider-3.2.3-150700.5.36.1 updated
- libcurl4-8.14.1-150700.7.17.1 updated
- container:registry.suse.com-bci-bci-base-15.7-d2aab68ae05470b62bbe38c4ca03ff5bf72b405197482ed96e34dd0087d7bde2-0 updated
More information about the sle-container-updates
mailing list