SUSE-IU-2026:5516-1: Security update of suse/sl-micro/6.2/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Jul 7 07:32:57 UTC 2026


SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5516-1
Image Tags        : suse/sl-micro/6.2/baremetal-os-container:2.3.1 , suse/sl-micro/6.2/baremetal-os-container:2.3.1-8.43 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release     : 8.43
Severity          : important
Type              : security
References        : 1262856 1266125 CVE-2025-22869 CVE-2025-47913 CVE-2025-47914
                        CVE-2025-52881 CVE-2025-6032 CVE-2025-9566 CVE-2026-34986 CVE-2026-39827
                        CVE-2026-39828 CVE-2026-39829 CVE-2026-39830 CVE-2026-39831 CVE-2026-39832
                        CVE-2026-39833 CVE-2026-39834 CVE-2026-39835 CVE-2026-42508 CVE-2026-46595
                        CVE-2026-46597 CVE-2026-46598 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 1165
Released:    Mon Jul  6 17:38:19 2026
Summary:     Security update for podman
Type:        security
Severity:    important
References:  1262856,1266125,CVE-2025-22869,CVE-2025-47913,CVE-2025-47914,CVE-2025-52881,CVE-2025-6032,CVE-2025-9566,CVE-2026-34986,CVE-2026-39827,CVE-2026-39828,CVE-2026-39829,CVE-2026-39830,CVE-2026-39831,CVE-2026-39832,CVE-2026-39833,CVE-2026-39834,CVE-2026-39835,CVE-2026-42508,CVE-2026-46595,CVE-2026-46597,CVE-2026-46598
This update for podman fixes the following issues

- CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing
  encrypted key can lead to a denial of service (bsc#1262856).
- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
  (bsc#1266125).
- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh
  (bsc#1266125).
- CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
  (bsc#1266125).
- CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266125).
- CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts
  (bsc#1266125).
- CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
  (bsc#1266125).
- CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266125).


The following package changes have been done:

- podman-5.4.2-160000.5.1 updated


More information about the sle-container-updates mailing list