SUSE-IU-2026:5017-1: Security update of suse/sl-micro/6.2/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jun 25 07:55:33 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5017-1
Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.1 , suse/sl-micro/6.2/baremetal-os-container:2.3.1-8.26 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release : 8.26
Severity : important
Type : security
References : 1245524 1262693 1268322 CVE-2026-41990 CVE-2026-6893
-----------------------------------------------------------------
The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 1060
Released: Wed Jun 24 23:36:29 2026
Summary: Security update for libgcrypt
Type: security
Severity: low
References: 1262693,CVE-2026-41990
This update for libgcrypt fixes the following issue
- CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing (bsc#1262693).
-----------------------------------------------------------------
Advisory ID: 1067
Released: Wed Jun 24 23:37:46 2026
Summary: Security update for dracut
Type: security
Severity: important
References: 1268322,CVE-2026-6893
This update for dracut fixes the following issue
- CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).
Changes for dracut:
- Update to version 059+suse.722.gdd9d67ff5:
* fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
* fix(network-legacy): add input validation to RFC 3442 route parser
-----------------------------------------------------------------
Advisory ID: 1064
Released: Wed Jun 24 23:38:49 2026
Summary: Recommended update for pam
Type: recommended
Severity: moderate
References: 1245524
This update for pam fixes the following issues:
- pam_mkhomedir: building with vendordir option allows fetching skeleton directory
from the vendor directory when creating the user home directory (bsc#1245524)
- disable unix_chkpwd by default, only used as fallback again
- pam_modutil_get*: overwrite password at free
-----------------------------------------------------------------
Advisory ID: 1065
Released: Wed Jun 24 23:52:58 2026
Summary: Recommended update for glib2
Type: recommended
Severity: moderate
References:
This update for glib2 fixes the following issues:
- Install the /usr/share/applications/gnome-mimeapps.list symlink
from the package instead of creating it from systemd-tmpfiles
since /usr is mounted read-only in immutble systems.
* This forces to also install an empty file as the symlink target.
- Use systemd-tmpfiles to create the default mimeapps lists instead
of writing to /var in %post to fix immutable systems (jsc#PED-14839)
The following package changes have been done:
- libgcrypt20-1.12.1-160000.2.1 updated
- pam-1.7.1-160000.4.1 updated
- pam-extra-1.7.1-160000.4.1 updated
- dracut-059+suse.722.gdd9d67ff5-160000.1.1 updated
- libglib-2_0-0-2.84.4-160000.3.1 updated
- libgobject-2_0-0-2.84.4-160000.3.1 updated
- libgmodule-2_0-0-2.84.4-160000.3.1 updated
- libgio-2_0-0-2.84.4-160000.3.1 updated
- glib2-tools-2.84.4-160000.3.1 updated
- container:suse-sl-micro-6.2-base-os-container-latest-1c03de53691ce2124048c32a897d811f6b92a9420350210372df3ea8a9b27993-0 updated
More information about the sle-container-updates
mailing list