SUSE-IU-2026:5036-1: Security update of suse/sl-micro/6.2/rt-os-container

sle-container-updates at lists.suse.com
Thu Jun 25 08:12:54 UTC 2026


SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:5036-1
Image Tags        : suse/sl-micro/6.2/rt-os-container:2.3.1, suse/sl-micro/6.2/rt-os-container:2.3.1-7.25, suse/sl-micro/6.2/rt-os-container:latest
Image Release     : 7.25
Severity          : important
Type              : security
References        : 1257055 1259652 1261606 1262144 1263366 1263367 1266340 1266341
                        1266342 1266344 1266345 1266347 1266349 1266350 1266351 1266352
                        1266353 1266355 1266356 1266357 CVE-2026-2673 CVE-2026-27456
                        CVE-2026-34180 CVE-2026-34182 CVE-2026-34183 CVE-2026-40355 CVE-2026-40356
                        CVE-2026-42764 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769
                        CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447 CVE-2026-5958
                        CVE-2026-7383 CVE-2026-9076 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 1017
Released:    Mon Jun 22 14:26:17 2026
Summary:     Security update for openssl-3
Type:        security
Severity:    important
References:  1259652,1266340,1266341,1266342,1266344,1266345,1266347,1266349,1266350,1266351,1266352,1266353,1266355,1266356,1266357,CVE-2026-2673,CVE-2026-34180,CVE-2026-34182,CVE-2026-34183,CVE-2026-42764,CVE-2026-42766,CVE-2026-42767,CVE-2026-42768,CVE-2026-42769,CVE-2026-42770,CVE-2026-45445,CVE-2026-45446,CVE-2026-45447,CVE-2026-7383,CVE-2026-9076
This update for openssl-3 fixes the following issues:

- CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group (bsc#1259652).
- CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion (bsc#1266340).
- CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption (bsc#1266341).
- CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing (bsc#1266342).
- CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages (bsc#1266344).
- CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler (bsc#1266345).
- CVE-2026-42764: NULL pointer dereference in QUIC server initial packet handling (bsc#1266347).
- CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption (bsc#1266349).
- CVE-2026-42767: NULL Pointer Dereference in CRMF EncryptedValue Decryption (bsc#1266350).
- CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() (bsc#1266351).
- CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate (bsc#1266352).
- CVE-2026-42770: FFC-DH Peer Validation Uses Attacker-Supplied q (bsc#1266353).
- CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path (bsc#1266355).
- CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes (bsc#1266356).
- CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).

-----------------------------------------------------------------
Advisory ID: 1036
Released:    Mon Jun 22 16:30:37 2026
Summary:     Security update for sed
Type:        security
Severity:    moderate
References:  1262144,CVE-2026-5958
This update for sed fixes the following issue:

- CVE-2026-5958: a TOCTOU race can allow attacker-controlled content to be read and written to an unintended file
  (bsc#1262144).

-----------------------------------------------------------------
Advisory ID: 1033
Released:    Mon Jun 22 16:30:37 2026
Summary:     Security update for krb5
Type:        security
Severity:    moderate
References:  1263366,1263367,CVE-2026-40355,CVE-2026-40356
This update for krb5 fixes the following issues:

- CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366).
- CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367).

-----------------------------------------------------------------
Advisory ID: 1040
Released:    Mon Jun 22 16:34:40 2026
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1261606,CVE-2026-27456
This update for util-linux fixes the following issue:

- CVE-2026-27456: TOCTOU in the mount program when setting up loop devices (bsc#1261606).

-----------------------------------------------------------------
Advisory ID: 1047
Released:    Mon Jun 22 17:08:34 2026
Summary:     Recommended update for suse-module-tools
Type:        recommended
Severity:    moderate
References:  1257055
This update for suse-module-tools fixes the following issues:

- Update to version 16.0.65:
    * Remove erofs from the list of blacklisted file systems (jsc#PED-14573)
    * weak-modules2: don't remove symlinks in the rpm --reinstall case (bsc#1257055)


The following package changes have been done:

- libuuid1-2.41.1-160000.4.1 updated
- libsmartcols1-2.41.1-160000.4.1 updated
- liblastlog2-2-2.41.1-160000.4.1 updated
- libblkid1-2.41.1-160000.4.1 updated
- sed-4.9-160000.3.1 updated
- libmount1-2.41.1-160000.4.1 updated
- libfdisk1-2.41.1-160000.4.1 updated
- libopenssl3-3.5.0-160000.8.1 updated
- util-linux-2.41.1-160000.4.1 updated
- util-linux-systemd-2.41.1-160000.4.1 updated
- suse-module-tools-16.0.65-160000.1.1 updated
- suse-module-tools-scriptlets-16.0.65-160000.1.1 updated
- krb5-1.21.3-160000.3.1 updated
- container:suse-sl-micro-6.2-baremetal-os-container-latest-acb7e7a6e97826684963c51689e6c35f1116359c9a25d751487fe76582553446-0 updated

