SUSE-CU-2026:6783-1: Security update of suse/sl-micro/6.0/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jul 7 07:18:14 UTC 2026


SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6783-1
Container Tags        : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.129 , suse/sl-micro/6.0/toolbox:latest
Container Release     : 9.129
Severity              : moderate
Type                  : security
References            : 1263656 1263658 CVE-2026-5435 CVE-2026-6238 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 782
Released:    Mon Jul  6 11:55:13 2026
Summary:     Recommended update for kmod
Type:        recommended
Severity:    moderate
References:  
This update for kmod fixes the following issues:

- Use in-kernel decompression if available (jsc#PED-16303):
    * libkmod:
        + Add a separate function to load the file contents when it's needed.
          When it's not needed on the path of loading modules via finit_module(),
          there is no need to mmap the file.
        + Extract 2 functions to handle finit_module vs init_modules differences,
          with a fallback from the former to the latter.
        + Don't only set the type as direct, but also keep track of the compression being used.
        + When creating the context, read /sys/kernel/compression to check
          what's the compression type supported by the kernel.
        + Use kernel decompression when available
        + add fallback MODULE_INIT_COMPRESSED_FILE define

-----------------------------------------------------------------
Advisory ID: 784
Released:    Mon Jul  6 15:38:37 2026
Summary:     Security update for glibc
Type:        security
Severity:    moderate
References:  1263656,1263658,CVE-2026-5435,CVE-2026-6238
This update for glibc fixes the following issues

- CVE-2026-5435: unchecked buffer writing in TSIG handling can lead to an out-of-bounds write (bsc#1263656).
- CVE-2026-6238: insufficient RDATA length validation can lead to application crashes or uninitialized memory disclosure
  (bsc#1263658).


The following package changes have been done:

- SL-Micro-release-6.0-25.106 updated
- glibc-locale-base-2.38-14.1 updated
- glibc-locale-2.38-14.1 updated
- glibc-2.38-14.1 updated
- libkmod2-30-12.1 updated
- skelcd-EULA-SL-Micro-2024.01.19-8.105 updated


More information about the sle-container-updates mailing list