SUSE-IU-2026:4253-1: Security update of suse/sl-micro/6.1/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Sat Jun 6 07:43:09 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:4253-1
Image Tags        : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.116 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release     : 7.116
Severity          : moderate
Type              : security
References        : 1117217 1237543 1267212 CVE-2025-0838 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 565
Released:    Thu Jun  4 15:00:55 2026
Summary:     Security update for rpcbind
Type:        security
Severity:    moderate
References:  1117217,1237543,1267212,CVE-2025-0838
This update for rpcbind fixes the following issues
  
Update to rpcbind 1.2.9:

Security issue:

- Fix several memory leaks and buffer overflows (bsc#1267212).

Non security issue:

- rpcbind fails to start (tumbleweed snapshot 20181120) (bsc#1117217).

Changes:

 * rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist()
 * rpcbind: Stop unauthenticated oversized allocation in PMAPPROC_CALLIT decode
 * rpcbind: fix memory leak in read_warmstart()
 * rpcbind: fix memory leaks in network_init()
 * rpcbind: fix memory leak in init_transport()
 * Added -v (print version and compile flags)
 * rpcinfo: Removed a number of 'old-style function definition' warnings
 * man/rpcbind: Update list of options
 * Comment out ListenStream=@/run/rpcbind.sock
 * [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc()
 * systemd/rpcbind.service.in: Add various hardenings options
 * man/rpcbind: Add Files section to manpage
 * Moved rpcbind.lock and default configs to /run instead of /var/run
 * rpcinfo: try connecting using abstract address
 * Listen on an AF_UNIX abstract address if supported
 * autotools/systemd: call rpcbind with -w only on enabled warm starts
 * rpcbind: fix double free in init_transport


The following package changes have been done:

- rpcbind-1.2.9-slfo.1.1_1.1 updated

More information about the sle-container-updates mailing list