SUSE-IU-2026:5023-1: Security update of suse/sl-micro/6.2/base-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Jun 25 08:01:37 UTC 2026


SUSE Image Update Advisory: suse/sl-micro/6.2/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5023-1
Image Tags        : suse/sl-micro/6.2/base-os-container:2.3.1 , suse/sl-micro/6.2/base-os-container:2.3.1-8.17 , suse/sl-micro/6.2/base-os-container:latest
Image Release     : 8.17
Severity          : important
Type              : security
References        : 1245524 1262693 1268322 CVE-2026-41990 CVE-2026-6893 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 1060
Released:    Wed Jun 24 23:36:29 2026
Summary:     Security update for libgcrypt
Type:        security
Severity:    low
References:  1262693,CVE-2026-41990
This update for libgcrypt fixes the following issue

- CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing (bsc#1262693).

-----------------------------------------------------------------
Advisory ID: 1067
Released:    Wed Jun 24 23:37:46 2026
Summary:     Security update for dracut
Type:        security
Severity:    important
References:  1268322,CVE-2026-6893
This update for dracut fixes the following issue

- CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322).

Changes for dracut:

- Update to version 059+suse.722.gdd9d67ff5:
 * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893)
 * fix(network-legacy): add input validation to RFC 3442 route parser

-----------------------------------------------------------------
Advisory ID: 1064
Released:    Wed Jun 24 23:38:49 2026
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1245524
This update for pam fixes the following issues:

- pam_mkhomedir: building with vendordir option allows fetching skeleton directory
  from the vendor directory when creating the user home directory (bsc#1245524)
- disable unix_chkpwd by default, only used as fallback again
- pam_modutil_get*: overwrite password at free

-----------------------------------------------------------------
Advisory ID: 1065
Released:    Wed Jun 24 23:52:58 2026
Summary:     Recommended update for glib2
Type:        recommended
Severity:    moderate
References:  
This update for glib2 fixes the following issues:

- Install the /usr/share/applications/gnome-mimeapps.list symlink
  from the package instead of creating it from systemd-tmpfiles
  since /usr is mounted read-only in immutble systems.
    * This forces to also install an empty file as the symlink target.
- Use systemd-tmpfiles to create the default mimeapps lists instead
  of writing to /var in %post to fix immutable systems (jsc#PED-14839)


The following package changes have been done:

- libgcrypt20-1.12.1-160000.2.1 updated
- pam-1.7.1-160000.4.1 updated
- pam-extra-1.7.1-160000.4.1 updated
- dracut-059+suse.722.gdd9d67ff5-160000.1.1 updated
- libglib-2_0-0-2.84.4-160000.3.1 updated
- libgobject-2_0-0-2.84.4-160000.3.1 updated
- libgmodule-2_0-0-2.84.4-160000.3.1 updated
- libgio-2_0-0-2.84.4-160000.3.1 updated
- glib2-tools-2.84.4-160000.3.1 updated


More information about the sle-container-updates mailing list