SUSE-CU-2026:6441-1: Security update of suse/manager/4.3/proxy-tftpd
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Fri Jun 26 07:59:26 UTC 2026
SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:6441-1
Container Tags : suse/manager/4.3/proxy-tftpd:4.3.18 , suse/manager/4.3/proxy-tftpd:4.3.18.9.69.9 , suse/manager/4.3/proxy-tftpd:latest
Container Release : 9.69.9
Severity : important
Type : security
References : 1248586 1254670 1254670 1259619 1268012 1268013 CVE-2025-70873
CVE-2025-7709 CVE-2025-7709 CVE-2026-11822 CVE-2026-11824
-----------------------------------------------------------------
The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:432-1
Released: Wed Feb 11 10:11:56 2026
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1248586,1254670,CVE-2025-7709
This update for sqlite3 fixes the following issues:
- Update to v3.51.2:
- CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1065-1
Released: Thu Mar 26 11:38:12 2026
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1254670,1259619,CVE-2025-70873,CVE-2025-7709
This update for sqlite3 fixes the following issues:
Update sqlite3 to 3.51.3:
- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).
Changelog:
* Fix the WAL-reset database corruption bug:
https://sqlite.org/wal.html#walresetbug
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2528-1
Released: Tue Jun 23 11:06:07 2026
Summary: Security update for sqlite3
Type: security
Severity: important
References: 1268012,1268013,CVE-2026-11822,CVE-2026-11824
This update for sqlite3 fixes the following issues
Update to 3.53.2:
- CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause
process crashes, memory exhaustion, or arbitrary code execution (bsc#1268012).
- CVE-2026-11824: heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers
to cause a crash or execute arbitrary code (bsc#1268013).
The following package changes have been done:
- libsqlite3-0-3.53.2-150000.3.42.1 updated
- container:sles15-ltss-image-15.4.0-6.27 updated
More information about the sle-container-updates
mailing list