SUSE-CU-2026:6702-1: Security update of suse/samba-server
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Jul 3 07:34:25 UTC 2026
SUSE Container Update Advisory: suse/samba-server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6702-1
Container Tags : suse/samba-server:4.21 , suse/samba-server:4.21 , suse/samba-server:4.21-75.8 , suse/samba-server:latest
Container Release : 75.8
Severity : moderate
Type : security
References : 1261569 1261570 1261571 1261572 1261742 1261743 CVE-2026-27447
CVE-2026-34978 CVE-2026-34979 CVE-2026-34980 CVE-2026-39314 CVE-2026-39316
-----------------------------------------------------------------
The container suse/samba-server was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2732-1
Released: Thu Jul 2 19:41:27 2026
Summary: Security update for cups
Type: security
Severity: moderate
References: 1261569,1261570,1261571,1261572,1261742,1261743,CVE-2026-27447,CVE-2026-34978,CVE-2026-34979,CVE-2026-34980,CVE-2026-39314,CVE-2026-39316
This update for cups fixes the following issues
- CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup (bsc#1261572).
- CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (bsc#1261571).
- CVE-2026-34979: Heap overflow in `get_options()` (bsc#1261570).
- CVE-2026-34980: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network
(bsc#1261569).
- CVE-2026-39314: negative `job-password-supported` attribute can lead to a denial of service (bsc#1261743).
- CVE-2026-39316: dangling subscription pointer can lead to a denial of service (1261742).
The following package changes have been done:
- cups-config-2.2.7-150000.3.93.1 updated
- libcups2-2.2.7-150000.3.93.1 updated
- container:suse-sle15-15.7-d2aab68ae05470b62bbe38c4ca03ff5bf72b405197482ed96e34dd0087d7bde2-0 updated
More information about the sle-container-updates
mailing list