SUSE-IU-2026:4969-1: Security update of suse/sl-micro/6.2/kvm-os-container
sle-container-updates at lists.suse.com
Tue Jun 23 07:19:07 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/kvm-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:4969-1
Image Tags : suse/sl-micro/6.2/kvm-os-container:2.3.1 , suse/sl-micro/6.2/kvm-os-container:2.3.1-8.21 , suse/sl-micro/6.2/kvm-os-container:latest
Image Release : 8.21
Severity : important
Type : security
References : 1257055 1259652 1261606 1262144 1263366 1263367 1266340 1266341
1266342 1266344 1266345 1266347 1266349 1266350 1266351 1266352
1266353 1266355 1266356 1266357 CVE-2026-2673 CVE-2026-27456
CVE-2026-34180 CVE-2026-34182 CVE-2026-34183 CVE-2026-40355 CVE-2026-40356
CVE-2026-42764 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769
CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447 CVE-2026-5958
CVE-2026-7383 CVE-2026-9076
-----------------------------------------------------------------
The container suse/sl-micro/6.2/kvm-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 1017
Released: Mon Jun 22 14:26:17 2026
Summary: Security update for openssl-3
Type: security
Severity: important
References: 1259652,1266340,1266341,1266342,1266344,1266345,1266347,1266349,1266350,1266351,1266352,1266353,1266355,1266356,1266357,CVE-2026-2673,CVE-2026-34180,CVE-2026-34182,CVE-2026-34183,CVE-2026-42764,CVE-2026-42766,CVE-2026-42767,CVE-2026-42768,CVE-2026-42769,CVE-2026-42770,CVE-2026-45445,CVE-2026-45446,CVE-2026-45447,CVE-2026-7383,CVE-2026-9076
This update for openssl-3 fixes the following issues
- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).
- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).
- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).
- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).
- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
-----------------------------------------------------------------
Advisory ID: 1033
Released: Mon Jun 22 16:30:37 2026
Summary: Security update for krb5
Type: security
Severity: moderate
References: 1263366,1263367,CVE-2026-40355,CVE-2026-40356
This update for krb5 fixes the following issues
- CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366).
- CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367).
-----------------------------------------------------------------
Advisory ID: 1036
Released: Mon Jun 22 16:30:37 2026
Summary: Security update for sed
Type: security
Severity: moderate
References: 1262144,CVE-2026-5958
This update for sed fixes the following issue
- CVE-2026-5958: a TOCTOU race can allow attacker-controlled content to be read and written to an unintended file (bsc#1262144).
-----------------------------------------------------------------
Advisory ID: 1040
Released: Mon Jun 22 16:34:40 2026
Summary: Security update for util-linux
Type: security
Severity: moderate
References: 1261606,CVE-2026-27456
This update for util-linux fixes the following issue
- CVE-2026-27456: TOCTOU in the mount program when setting up loop devices (bsc#1261606).
-----------------------------------------------------------------
Advisory ID: 1047
Released: Mon Jun 22 17:08:34 2026
Summary: Recommended update for suse-module-tools
Type: recommended
Severity: moderate
References: 1257055
This update for suse-module-tools fixes the following issues:
- Update to version 16.0.65:
* Remove erofs from the list of blacklisted file systems (jsc#PED-14573)
* weak-modules2: don't remove symlinks in the rpm --reinstall case (bsc#1257055)
The following package changes have been done:
- libuuid1-2.41.1-160000.4.1 updated
- libsmartcols1-2.41.1-160000.4.1 updated
- liblastlog2-2-2.41.1-160000.4.1 updated
- libblkid1-2.41.1-160000.4.1 updated
- sed-4.9-160000.3.1 updated
- libmount1-2.41.1-160000.4.1 updated
- libfdisk1-2.41.1-160000.4.1 updated
- libopenssl3-3.5.0-160000.8.1 updated
- util-linux-2.41.1-160000.4.1 updated
- util-linux-systemd-2.41.1-160000.4.1 updated
- suse-module-tools-16.0.65-160000.1.1 updated
- suse-module-tools-scriptlets-16.0.65-160000.1.1 updated
- krb5-1.21.3-160000.3.1 updated
- container:suse-sl-micro-6.2-base-os-container-latest-bdeb35c74f784c0949737c967de685b6cb91178f9ea8798bf1f8a20ecbbbe8fe-0 updated