SUSE-IU-2026:5015-1: Security update of suse/sl-micro/6.2/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jun 25 07:55:29 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5015-1
Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.1 , suse/sl-micro/6.2/baremetal-os-container:2.3.1-8.24 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release : 8.24
Severity : moderate
Type : security
References : 1259642 1261441 1264568 CVE-2026-3497 CVE-2026-35388
-----------------------------------------------------------------
The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 1057
Released: Wed Jun 24 17:22:37 2026
Summary: Security update for openssh
Type: security
Severity: moderate
References: 1259642,1261441,1264568,CVE-2026-3497,CVE-2026-35388
This update for openssh fixes the following issues
Security fixes:
- CVE-2026-3497: information disclosure or denial of service due to uninitialized variables (bsc#1259642).
- CVE-2026-35388: omitted connection multiplexing confirmation for proxy-mode multiplexing sessions (bsc#1261441).
- openssh potential security issue when validating mac or ciphers (bsc#1264568).
Other fixes:
- Improve %prep LDAP regex to preserve subdirectories (e.g., openbsd-compat/) and handle optional [ab]/ prefixes.
The following package changes have been done:
- openssh-common-10.0p2-160000.6.1 updated
- openssh-server-10.0p2-160000.6.1 updated
- openssh-clients-10.0p2-160000.6.1 updated
- openssh-10.0p2-160000.6.1 updated
More information about the sle-container-updates
mailing list