SUSE-IU-2026:5463-1: Security update of suse/sl-micro/6.2/rt-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat Jul 4 07:42:16 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5463-1
Image Tags : suse/sl-micro/6.2/rt-os-container:2.3.1 , suse/sl-micro/6.2/rt-os-container:2.3.1-7.47 , suse/sl-micro/6.2/rt-os-container:latest
Image Release : 7.47
Severity : important
Type : security
References : 1245551 1248261 1251948 1254924 1259071 1260357 1261982 1261983
1262305 1263117 1263656 1263658 1267644 1267647 CVE-2026-5435
CVE-2026-6238
-----------------------------------------------------------------
The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 1151
Released: Fri Jul 3 10:55:00 2026
Summary: Security update for systemd
Type: security
Severity: important
References: 1245551,1248261,1251948,1254924,1259071,1260357,1261982,1261983,1262305,1263117,1267644,1267647
This update for systemd fixes the following issues:
Changes in systemd:
- Better handle TLS allocation failure (bsc#1254924).
- Disable mounting `debugfs` by default (jsc#PED-8812).
- Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 (bsc#1267647 bsc#1267644 bsc#1262305 bsc#1263117).
- Move `systemd-pcrlock` out from the experimental sub-package to `udev` (bsc#1248261 jsc#PED-15946).
- Add a weak runtime dependency on `libtss2-tcti-device0` (bsc#1260357).
- Import commit 59336000ef7850eba0963c6a690ff3371c425929 (bsc#1261982 bsc#1261983).
- Add a weak runtime dependency on `polkit` (bsc#1259071).
- systemd-update-helper: fix the clean-state command only removing `$STATE_DIR/system` instead of `$STATE_DIR/`.
- systemd-update-helper: add `--root` option for testing convenience.
- systemd-update-helper: fix incorrect skipping of `systemctl disable` during package removal (bsc#1245551).
- systemd-update-helper: fix `do_install_units()` incorrectly returning 1 when no units need preset.
- systemd.spec: introduce `%bcond_without` docs to allow skipping man pages and `devel-doc`.
- systemd.spec: drop the `%{release}` number from the SBAT version (bsc#1251948).
-----------------------------------------------------------------
Advisory ID: 1157
Released: Fri Jul 3 15:19:16 2026
Summary: Security update for glibc
Type: security
Severity: moderate
References: 1263656,1263658,CVE-2026-5435,CVE-2026-6238
This update for glibc fixes the following issues
- CVE-2026-5435: unchecked buffer writing in TSIG handling can lead to an out-of-bounds write (bsc#1263656).
- CVE-2026-6238: insufficient RDATA length validation can lead to application crashes or uninitialized memory disclosure
(bsc#1263658).
The following package changes have been done:
- glibc-2.40-160000.6.1 updated
- libudev1-257.13-160000.2.1 updated
- libsystemd0-257.13-160000.2.1 updated
- systemd-257.13-160000.2.1 updated
- udev-257.13-160000.2.1 updated
- glibc-gconv-modules-extra-2.40-160000.6.1 updated
- glibc-locale-base-2.40-160000.6.1 updated
- container:suse-sl-micro-6.2-baremetal-os-container-latest-dfdc712cf93100a930a2bb1831f17d9022f041496bd6e585d6b00849e21502b0-0 updated
More information about the sle-container-updates
mailing list