SUSE-CU-2026:6393-1: Security update of suse/manager/4.3/proxy-httpd

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Jun 25 08:45:43 UTC 2026


SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6393-1
Container Tags        : suse/manager/4.3/proxy-httpd:4.3.18 , suse/manager/4.3/proxy-httpd:4.3.18.9.79.10 , suse/manager/4.3/proxy-httpd:latest
Container Release     : 9.79.10
Severity              : important
Type                  : security
References            : 1248586 1254670 1254670 1259619 1268012 1268013 CVE-2025-70873
                        CVE-2025-7709 CVE-2025-7709 CVE-2026-11822 CVE-2026-11824 
-----------------------------------------------------------------

The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:432-1
Released:    Wed Feb 11 10:11:56 2026
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1248586,1254670,CVE-2025-7709
This update for sqlite3 fixes the following issues:

- Update to v3.51.2:
- CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1065-1
Released:    Thu Mar 26 11:38:12 2026
Summary:     Security update for sqlite3
Type:        security
Severity:    moderate
References:  1254670,1259619,CVE-2025-70873,CVE-2025-7709
This update for sqlite3 fixes the following issues:

Update sqlite3 to 3.51.3:

- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).

Changelog:

 * Fix the WAL-reset database corruption bug:
   https://sqlite.org/wal.html#walresetbug

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2528-1
Released:    Tue Jun 23 11:06:07 2026
Summary:     Security update for sqlite3
Type:        security
Severity:    important
References:  1268012,1268013,CVE-2026-11822,CVE-2026-11824
This update for sqlite3 fixes the following issues

Update to 3.53.2:

- CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause
  process crashes, memory exhaustion, or arbitrary code execution (bsc#1268012).
- CVE-2026-11824: heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers
  to cause a crash or execute arbitrary code (bsc#1268013).


The following package changes have been done:

- libsqlite3-0-3.53.2-150000.3.42.1 updated
- container:sles15-ltss-image-15.4.0-6.27 updated


More information about the sle-container-updates mailing list