SUSE-CU-2026:6390-1: Security update of suse/sles/16.0/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Jun 25 08:42:52 UTC 2026


SUSE Container Update Advisory: suse/sles/16.0/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6390-1
Container Tags        : suse/sles/16.0/toolbox:16.3 , suse/sles/16.0/toolbox:16.3-1.86 , suse/sles/16.0/toolbox:latest
Container Release     : 1.86
Severity              : moderate
Type                  : security
References            : 1245524 1256709 1257383 1258069 1259520 1262693 CVE-2026-41990
-----------------------------------------------------------------

The container suse/sles/16.0/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 1060
Released:    Wed Jun 24 23:36:29 2026
Summary:     Security update for libgcrypt
Type:        security
Severity:    low
References:  1262693,CVE-2026-41990
This update for libgcrypt fixes the following issue

- CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing (bsc#1262693).

-----------------------------------------------------------------
Advisory ID: 1063
Released:    Wed Jun 24 23:37:46 2026
Summary:     Recommended update for supportutils
Type:        recommended
Severity:    moderate
References:  1256709,1257383,1258069,1259520
This update for supportutils fixes the following issues:

- Changes to version 3.2.14:
    * Integrates supportutils-scrub for data obfuscation, use -j (PED-7324, bsc#1259520)
    * Santize env.txt
    * ha.txt: Collect hacluster passwd entry
    * Added systemd cat unit.service output
    * Added softirqs to proc (bsc#1258069)
    * Check for /usr/lib/pam.d
    * Ignore deprecated crash variable message
    * Update supportconfig with note about bpftool
    * Added /boot/grub2/grubenv (bsc#1257383)
    * Verify procps pkg
- scplugin.rc is restored in package 3.2.12.1 for continued compatibility.
   There is no furture development for scplugin.rc. Use supportconfig.rc.
   Package version 3.2.12.2 does not have scplugin.rc. (bsc#1256709)

-----------------------------------------------------------------
Advisory ID: 1064
Released:    Wed Jun 24 23:38:49 2026
Summary:     Recommended update for pam
Type:        recommended
Severity:    moderate
References:  1245524
This update for pam fixes the following issues:

- pam_mkhomedir: building with vendordir option allows fetching skeleton directory
  from the vendor directory when creating the user home directory (bsc#1245524)
- disable unix_chkpwd by default, only used as fallback again
- pam_modutil_get*: overwrite password at free

-----------------------------------------------------------------
Advisory ID: 1065
Released:    Wed Jun 24 23:52:58 2026
Summary:     Recommended update for glib2
Type:        recommended
Severity:    moderate
References:  
This update for glib2 fixes the following issues:

- Install the /usr/share/applications/gnome-mimeapps.list symlink
  from the package instead of creating it from systemd-tmpfiles
  since /usr is mounted read-only in immutble systems.
    * This forces to also install an empty file as the symlink target.
- Use systemd-tmpfiles to create the default mimeapps lists instead
  of writing to /var in %post to fix immutable systems (jsc#PED-14839)


The following package changes have been done:

- libgcrypt20-1.12.1-160000.2.1 updated
- libglib-2_0-0-2.84.4-160000.3.1 updated
- libgmodule-2_0-0-2.84.4-160000.3.1 updated
- pam-1.7.1-160000.4.1 updated
- supportutils-3.2.14.2-160000.1.1 updated


More information about the sle-container-updates mailing list