From sle-container-updates at lists.suse.com Tue Mar 3 08:06:10 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:06:10 +0100 (CET) Subject: SUSE-IU-2026:1220-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260303080611.03929FF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1220-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.244 , suse/sle-micro/base-5.5:latest Image Release : 5.8.244 Severity : moderate Type : security References : 1240871 1247432 CVE-2024-2312 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:741-1 Released: Mon Mar 2 09:11:04 2026 Summary: Security update for shim Type: security Severity: moderate References: 1240871,1247432,CVE-2024-2312 This update for shim fixes the following issues: shim is updated to version 16.1: - shim_start_image(): fix guid/handle pairing when uninstalling protocols - Fix uncompressed ipv6 netboot - fix test segfaults caused by uninitialized memory - SbatLevel_Variable.txt: minor typo fix. - Realloc() needs to allocate one more byte for sprintf() - IPv6: Add more check to avoid multiple double colon and illegal char - Loader proto v2 - loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages - Generate Authenticode for the entire PE file - README: mention new loader protocol and interaction with UKIs - shim: change automatically enable MOK_POLICY_REQUIRE_NX - Save var info - add SbatLevel entry 2025051000 for PSA-2025-00012-1 - Coverity fixes 20250804 - fix http boot - Fix double free and leak in the loader protocol shim is updated to version 16.0: - Validate that a supplied vendor cert is not in PEM format - sbat: Add grub.peimage,2 to latest (CVE-2024-2312) - sbat: Also bump latest for grub,4 (and to todays date) - undo change that limits certificate files to a single file - shim: don't set second_stage to the empty string - Fix SBAT.md for today's consensus about numbers - Update Code of Conduct contact address - make-certs: Handle missing OpenSSL installation - Update MokVars.txt - export DEFINES for sub makefile - Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition - Null-terminate 'arguments' in fallback - Fix 'Verifiying' typo in error message - Update Fedora CI targets - Force gcc to produce DWARF4 so that gdb can use it - Minor housekeeping 2024121700 - Discard load-options that start with WINDOWS - Fix the issue that the gBS->LoadImage pointer was empty. - shim: Allow data after the end of device path node in load options - Handle network file not found like disks - Update gnu-efi submodule for EFI_HTTP_ERROR - Increase EFI file alignment - avoid EFIv2 runtime services on Apple x86 machines - Improve shortcut performance when comparing two boolean expressions - Provide better error message when MokManager is not found - tpm: Boot with a warning if the event log is full - MokManager: remove redundant logical constraints - Test import_mok_state() when MokListRT would be bigger than available size - test-mok-mirror: minor bug fix - Fix file system browser hang when enrolling MOK from disk - Ignore a minor clang-tidy nit - Allow fallback to default loader when encountering errors on network boot - test.mk: don't use a temporary random.bin - pe: Enhance debug report for update_mem_attrs - Multiple certificate handling improvements - Generate SbatLevel Metadata from SbatLevel_Variable.txt - Apply EKU check with compile option - Add configuration option to boot an alternative 2nd stage - Loader protocol (with Device Path resolution support) - netboot cleanup for additional files - Document how revocations can be delivered - post-process-pe: add tests to validate NX compliance - regression: CopyMem() in ad8692e copies out of bounds - Save the debug and error logs in mok-variables - Add features for the Host Security ID program - Mirror some more efi variables to mok-variables - This adds DXE Services measurements to HSI and uses them for NX - Add shim's current NX_COMPAT status to HSIStatus - README.tpm: reflect that vendor_db is in fact logged as 'vendor_db' - Reject HTTP message with duplicate Content-Length header fields - Disable log saving - fallback: don't add new boot order entries backwards - README.tpm: Update MokList entry to MokListRT - SBAT Level update for February 2025 GRUB CVEs The following package changes have been done: - shim-16.1-150300.4.31.3 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:19:14 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:19:14 +0100 (CET) Subject: SUSE-IU-2026:1226-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260303081914.AC1B2FB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1226-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.60 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.60 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - SL-Micro-release-6.1-slfo.1.12.12 updated - glibc-locale-base-2.38-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.82 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:20:21 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:20:21 +0100 (CET) Subject: SUSE-IU-2026:1227-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260303082021.16607FB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1227-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.82 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.82 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - SL-Micro-release-6.1-slfo.1.12.12 updated - glibc-locale-base-2.38-slfo.1.1_6.1 updated - container:suse-toolbox-image-1.0.0-5.11 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:21:29 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:21:29 +0100 (CET) Subject: SUSE-IU-2026:1228-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260303082129.9446BFB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1228-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.86 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.86 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - SL-Micro-release-6.1-slfo.1.12.12 updated - glibc-locale-base-2.38-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.82 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:22:42 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:22:42 +0100 (CET) Subject: SUSE-IU-2026:1229-1: Security update of suse/sl-micro/6.1/rt-os-container Message-ID: <20260303082242.5AC64FB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1229-1 Image Tags : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.74 , suse/sl-micro/6.1/rt-os-container:latest Image Release : 5.74 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - SL-Micro-release-6.1-slfo.1.12.12 updated - glibc-locale-base-2.38-slfo.1.1_6.1 updated - container:SL-Micro-container-2.2.1-7.60 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:23:35 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:23:35 +0100 (CET) Subject: SUSE-CU-2026:1288-1: Security update of suse/sl-micro/6.1/baremetal-iso-image Message-ID: <20260303082335.21891FB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.1/baremetal-iso-image ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1288-1 Container Tags : suse/sl-micro/6.1/baremetal-iso-image:2.2.1 , suse/sl-micro/6.1/baremetal-iso-image:2.2.1-5.70 , suse/sl-micro/6.1/baremetal-iso-image:latest Container Release : 5.70 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-iso-image was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - container:SL-Micro-container-2.2.1-7.60 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:24:30 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:24:30 +0100 (CET) Subject: SUSE-CU-2026:1289-1: Security update of suse/sl-micro/6.1/base-iso-image Message-ID: <20260303082430.0C7D6FB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.1/base-iso-image ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1289-1 Container Tags : suse/sl-micro/6.1/base-iso-image:2.2.1 , suse/sl-micro/6.1/base-iso-image:2.2.1-5.86 , suse/sl-micro/6.1/base-iso-image:latest Container Release : 5.86 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-iso-image was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.82 updated - container:SL-Micro-container-2.2.1-7.60 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:25:27 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:25:27 +0100 (CET) Subject: SUSE-CU-2026:1290-1: Security update of suse/sl-micro/6.1/kvm-iso-image Message-ID: <20260303082527.EC8FAFB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.1/kvm-iso-image ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1290-1 Container Tags : suse/sl-micro/6.1/kvm-iso-image:2.2.1 , suse/sl-micro/6.1/kvm-iso-image:2.2.1-5.97 , suse/sl-micro/6.1/kvm-iso-image:latest Container Release : 5.97 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-iso-image was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - container:SL-Micro-kvm-container-2.2.1-5.86 updated - container:SL-Micro-container-2.2.1-7.60 updated From sle-container-updates at lists.suse.com Tue Mar 3 08:26:20 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 3 Mar 2026 09:26:20 +0100 (CET) Subject: SUSE-CU-2026:1291-1: Security update of suse/sl-micro/6.1/rt-iso-image Message-ID: <20260303082620.DCF81FB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.1/rt-iso-image ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1291-1 Container Tags : suse/sl-micro/6.1/rt-iso-image:2.2.1 , suse/sl-micro/6.1/rt-iso-image:2.2.1-5.74 , suse/sl-micro/6.1/rt-iso-image:latest Container Release : 5.74 Severity : important Type : security References : 1240385 1244933 1246965 1256766 1256822 1257005 CVE-2025-15281 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-iso-image was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 417 Released: Mon Mar 2 15:52:11 2026 Summary: Security update for glibc Type: security Severity: important References: 1240385,1244933,1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915 This update for glibc fixes the following issues: - CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766). - CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822). - CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005). - CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965). The following package changes have been done: - glibc-2.38-slfo.1.1_6.1 updated - container:SL-Micro-rt-container-2.2.1-5.74 updated - container:SL-Micro-container-2.2.1-7.60 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:05:31 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:05:31 +0100 (CET) Subject: SUSE-IU-2026:1234-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260304080531.CE39EFF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1234-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.245 , suse/sle-micro/base-5.5:latest Image Release : 5.8.245 Severity : moderate Type : security References : 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). The following package changes have been done: - libz1-1.2.13-150500.4.6.1 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:05:32 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:05:32 +0100 (CET) Subject: SUSE-IU-2026:1235-1: Recommended update of suse/sle-micro/base-5.5 Message-ID: <20260304080532.C0E73FF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1235-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.246 , suse/sle-micro/base-5.5:latest Image Release : 5.8.246 Severity : moderate Type : recommended References : 1257463 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:06:58 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:06:58 +0100 (CET) Subject: SUSE-IU-2026:1236-1: Security update of suse/sle-micro/kvm-5.5 Message-ID: <20260304080658.6B7A1FF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1236-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.471 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.471 Severity : moderate Type : security References : 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). The following package changes have been done: - libz1-1.2.13-150500.4.6.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.245 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:06:59 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:06:59 +0100 (CET) Subject: SUSE-IU-2026:1237-1: Recommended update of suse/sle-micro/kvm-5.5 Message-ID: <20260304080659.5F4AEFF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1237-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.473 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.473 Severity : moderate Type : recommended References : 1257463 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.246 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:11:23 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:11:23 +0100 (CET) Subject: SUSE-IU-2026:1240-1: Recommended update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260304081123.240A2FF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1240-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.60 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.60 Severity : moderate Type : recommended References : 1250086 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 341 Released: Tue Mar 3 12:28:18 2026 Summary: Recommended update for NetworkManager Type: recommended Severity: moderate References: 1250086 This update for NetworkManager fixes the following issues: - Move dispatcher.d/pre-up.d/90-nm-cloud-setup.sh to cloud-setup subpackage (bsc#1250086). The following package changes have been done: - NetworkManager-wwan-1.52.0-160000.3.1 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:11:23 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:11:23 +0100 (CET) Subject: SUSE-IU-2026:1241-1: Security update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260304081123.EDDBAFF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1241-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.61 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.61 Severity : important Type : security References : 1248988 1249154 1252376 1253542 1253993 1254299 1254415 1258022 CVE-2025-22869 CVE-2025-31133 CVE-2025-47913 CVE-2025-47914 CVE-2025-52565 CVE-2025-52881 CVE-2025-6032 CVE-2025-9566 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 338 Released: Tue Mar 3 09:57:47 2026 Summary: Recommended update for grub2 Type: recommended Severity: important References: 1254299,1254415,1258022 This update for grub2 fixes the following issues: - Support dm multipath bootlist on PowerPC (bsc#1254415) - Backport upstream's commit to prevent BIOS assert (bsc#1258022) - Fix error 'grub-core/script/lexer.c:352:out of memory' after PowerPC CAS Reboot (bsc#1254299) * Fix PowerPC CAS reboot to evaluate menu context ----------------------------------------------------------------- Advisory ID: 343 Released: Tue Mar 3 17:13:34 2026 Summary: Security update for podman Type: security Severity: important References: 1248988,1249154,1252376,1253542,1253993,CVE-2025-22869,CVE-2025-31133,CVE-2025-47913,CVE-2025-47914,CVE-2025-52565,CVE-2025-52881,CVE-2025-6032,CVE-2025-9566 This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman (bsc#1248988) - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993) - CVE-2025-47913: Fixed golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542): - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed runc: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376): - CVE-2025-9566: Fixed that podman kube play command may overwrite host files (bsc#1249154): The following package changes have been done: - grub2-common-2.12-160000.5.1 updated - grub2-i386-pc-2.12-160000.5.1 updated - grub2-2.12-160000.5.1 updated - libnm0-1.52.0-160000.3.1 updated - NetworkManager-1.52.0-160000.3.1 updated - podman-5.4.2-160000.4.1 updated - container:suse-sl-micro-6.2-base-os-container-latest-2df60dd9c13e180ed5bfc5435e4cc6edf4450114353a264e424db6ee7a150539-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:11:24 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:11:24 +0100 (CET) Subject: SUSE-IU-2026:1242-1: Security update of suse/sl-micro/6.2/baremetal-os-container Message-ID: <20260304081124.C64A0FF04@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1242-1 Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.62 , suse/sl-micro/6.2/baremetal-os-container:latest Image Release : 7.62 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 344 Released: Tue Mar 3 17:13:34 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144). - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496). The following package changes have been done: - libexpat1-2.7.1-160000.4.1 updated - container:suse-sl-micro-6.2-base-os-container-latest-316b69931a2f53da09c4c080fda7dad7977133c2bf12e0e67b7e827448691c5e-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:16:18 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:16:18 +0100 (CET) Subject: SUSE-IU-2026:1253-1: Recommended update of suse/sl-micro/6.2/kvm-os-container Message-ID: <20260304081618.46CAAFB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1253-1 Image Tags : suse/sl-micro/6.2/kvm-os-container:2.3.0 , suse/sl-micro/6.2/kvm-os-container:2.3.0-7.53 , suse/sl-micro/6.2/kvm-os-container:latest Image Release : 7.53 Severity : important Type : recommended References : 1250086 1254299 1254415 1258022 ----------------------------------------------------------------- The container suse/sl-micro/6.2/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 338 Released: Tue Mar 3 09:57:47 2026 Summary: Recommended update for grub2 Type: recommended Severity: important References: 1254299,1254415,1258022 This update for grub2 fixes the following issues: - Support dm multipath bootlist on PowerPC (bsc#1254415) - Backport upstream's commit to prevent BIOS assert (bsc#1258022) - Fix error 'grub-core/script/lexer.c:352:out of memory' after PowerPC CAS Reboot (bsc#1254299) * Fix PowerPC CAS reboot to evaluate menu context ----------------------------------------------------------------- Advisory ID: 341 Released: Tue Mar 3 12:28:18 2026 Summary: Recommended update for NetworkManager Type: recommended Severity: moderate References: 1250086 This update for NetworkManager fixes the following issues: - Move dispatcher.d/pre-up.d/90-nm-cloud-setup.sh to cloud-setup subpackage (bsc#1250086). The following package changes have been done: - grub2-common-2.12-160000.5.1 updated - grub2-i386-pc-2.12-160000.5.1 updated - grub2-2.12-160000.5.1 updated - libnm0-1.52.0-160000.3.1 updated - NetworkManager-1.52.0-160000.3.1 updated - container:suse-sl-micro-6.2-base-os-container-latest-2df60dd9c13e180ed5bfc5435e4cc6edf4450114353a264e424db6ee7a150539-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:16:19 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:16:19 +0100 (CET) Subject: SUSE-IU-2026:1254-1: Security update of suse/sl-micro/6.2/kvm-os-container Message-ID: <20260304081619.22F40FB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1254-1 Image Tags : suse/sl-micro/6.2/kvm-os-container:2.3.0 , suse/sl-micro/6.2/kvm-os-container:2.3.0-7.54 , suse/sl-micro/6.2/kvm-os-container:latest Image Release : 7.54 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sl-micro/6.2/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 344 Released: Tue Mar 3 17:13:34 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144). - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496). The following package changes have been done: - libexpat1-2.7.1-160000.4.1 updated - container:suse-sl-micro-6.2-base-os-container-latest-316b69931a2f53da09c4c080fda7dad7977133c2bf12e0e67b7e827448691c5e-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:17:41 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:17:41 +0100 (CET) Subject: SUSE-IU-2026:1261-1: Recommended update of suse/sl-micro/6.2/rt-os-container Message-ID: <20260304081741.827C9FB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1261-1 Image Tags : suse/sl-micro/6.2/rt-os-container:2.3.0 , suse/sl-micro/6.2/rt-os-container:2.3.0-6.68 , suse/sl-micro/6.2/rt-os-container:latest Image Release : 6.68 Severity : important Type : recommended References : 1250086 1254299 1254415 1258022 ----------------------------------------------------------------- The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 338 Released: Tue Mar 3 09:57:47 2026 Summary: Recommended update for grub2 Type: recommended Severity: important References: 1254299,1254415,1258022 This update for grub2 fixes the following issues: - Support dm multipath bootlist on PowerPC (bsc#1254415) - Backport upstream's commit to prevent BIOS assert (bsc#1258022) - Fix error 'grub-core/script/lexer.c:352:out of memory' after PowerPC CAS Reboot (bsc#1254299) * Fix PowerPC CAS reboot to evaluate menu context ----------------------------------------------------------------- Advisory ID: 341 Released: Tue Mar 3 12:28:18 2026 Summary: Recommended update for NetworkManager Type: recommended Severity: moderate References: 1250086 This update for NetworkManager fixes the following issues: - Move dispatcher.d/pre-up.d/90-nm-cloud-setup.sh to cloud-setup subpackage (bsc#1250086). The following package changes have been done: - grub2-common-2.12-160000.5.1 updated - grub2-i386-pc-2.12-160000.5.1 updated - grub2-2.12-160000.5.1 updated - libnm0-1.52.0-160000.3.1 updated - NetworkManager-1.52.0-160000.3.1 updated - container:suse-sl-micro-6.2-baremetal-os-container-latest-0e687eac85acca6a974b9f1ec329c89e816a326afe20f3fc4085307b75362d85-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:17:44 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:17:44 +0100 (CET) Subject: SUSE-IU-2026:1262-1: Security update of suse/sl-micro/6.2/rt-os-container Message-ID: <20260304081744.1801CFB9A@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.2/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1262-1 Image Tags : suse/sl-micro/6.2/rt-os-container:2.3.0 , suse/sl-micro/6.2/rt-os-container:2.3.0-6.69 , suse/sl-micro/6.2/rt-os-container:latest Image Release : 6.69 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sl-micro/6.2/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 344 Released: Tue Mar 3 17:13:34 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144). - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496). The following package changes have been done: - libexpat1-2.7.1-160000.4.1 updated - container:suse-sl-micro-6.2-baremetal-os-container-latest-1e00633a210dd43af4fab1d5cd996fc9d5e468ed3b5f9de54a057ae737358531-0 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:19:21 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:19:21 +0100 (CET) Subject: SUSE-CU-2026:1294-1: Security update of suse/ltss/sle12.5/sles12sp5 Message-ID: <20260304081921.AE8E4FB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/ltss/sle12.5/sles12sp5 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1294-1 Container Tags : suse/ltss/sle12.5/sles12sp5:8.5.205 , suse/ltss/sle12.5/sles12sp5:latest Container Release : 8.5.205 Severity : moderate Type : security References : 1250553 1256807 1256808 1256809 1256811 1256812 1257593 1257594 1257595 1258045 1258049 1258054 1258080 1258081 CVE-2025-10911 CVE-2026-0964 CVE-2026-0965 CVE-2026-0966 CVE-2026-0967 CVE-2026-0968 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/ltss/sle12.5/sles12sp5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:778-1 Released: Tue Mar 3 14:24:27 2026 Summary: Security update for libssh Type: security Severity: moderate References: 1258045,1258049,1258054,1258080,1258081,CVE-2026-0964,CVE-2026-0965,CVE-2026-0966,CVE-2026-0967,CVE-2026-0968 This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal (bsc#1258049). - CVE-2026-0965: possible denial of service when parsing unexpected configuration files (bsc#1258045). - CVE-2026-0966: buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054). - CVE-2026-0967: specially crafted patterns could cause denial of service (bsc#1258081). - CVE-2026-0968: malformed SFTP message can lead to out of bound read (bsc#1258080). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:782-1 Released: Tue Mar 3 14:35:12 2026 Summary: Security update for libxml2 Type: security Severity: moderate References: 1250553,1256807,1256808,1256809,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxml2 fixes the following issues: - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI`. (bsc#1256807, bsc#1256811) - CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to exponential behavior. (bsc#1256809, bsc#1256812) - CVE-2026-1757: Fixed a memory leak in the `xmllint` interactive shell. (bsc#1257594, bsc#1257595) - CVE-2025-10911: Fixed a use-after-free with key data stored cross-RVT. (bsc#1250553) The following package changes have been done: - libssh-config-0.9.8-3.21.1 updated - libssh4-0.9.8-3.21.1 updated - libxml2-2-2.9.4-46.99.1 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:39:12 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:39:12 +0100 (CET) Subject: SUSE-CU-2026:1335-1: Security update of suse/sles/16.0/toolbox Message-ID: <20260304083912.3A00DFB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sles/16.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1335-1 Container Tags : suse/sles/16.0/toolbox:16.3 , suse/sles/16.0/toolbox:16.3-1.31 , suse/sles/16.0/toolbox:latest Container Release : 1.31 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sles/16.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 344 Released: Tue Mar 3 17:13:34 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XML_SetUnknownEncodingHandler may cause a NULL dereference (bsc#1257144). - CVE-2026-25210: lack of buffer size check can lead to an integer overflow (bsc#1257496). The following package changes have been done: - libexpat1-2.7.1-160000.4.1 updated From sle-container-updates at lists.suse.com Wed Mar 4 08:45:52 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 4 Mar 2026 09:45:52 +0100 (CET) Subject: SUSE-CU-2026:1337-1: Recommended update of suse/sle-micro/5.2/toolbox Message-ID: <20260304084552.A3AF3FB9A@maintenance.suse.de> SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1337-1 Container Tags : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.250 , suse/sle-micro/5.2/toolbox:latest Container Release : 7.11.250 Severity : moderate Type : recommended References : 1257463 ----------------------------------------------------------------- The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated From sle-container-updates at lists.suse.com Thu Mar 5 08:05:58 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 5 Mar 2026 09:05:58 +0100 (CET) Subject: SUSE-IU-2026:1268-1: Recommended update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260305080558.4E0B8FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1268-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.132 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.132 Severity : moderate Type : recommended References : 1225451 1233393 1234304 1250373 1250692 1250692 1257357 CVE-2025-41244 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 158 Released: Mon Feb 3 10:19:18 2025 Summary: Recommended update for libzypp Type: recommended Severity: moderate References: 1225451,1233393,1234304,1250373,1250692,CVE-2025-41244 This update for libzypp fixes the following issues: Version.35.15 (35) - Url query part: `=` is a safe char in value (bsc#1234304) - RpmDb: Recognize rpmdb.sqlite as database file (#593) - The 20MB download limit must not apply to non-metadata files like package URLs provided via the CLI (bsc#1233393). - BuildCache: Don't try to retrieve missing raw metadata if no permission to write the cache (bsc#1225451) - RepoManager: throw RepoNoPermissionException if the user has no permission to update(write) the caches (bsc#1225451) ----------------------------------------------------------------- Advisory ID: 605 Released: Wed Mar 4 16:49:32 2026 Summary: Recommended update for open-vm-tools Type: recommended Severity: moderate References: 1250692,1257357 This update for open-vm-tools fixes the following issues: - update to 13.0.10 based on build 25056151 (boo#1257357): * There are no new features in the open-vm-tools 13.0.10 release. * This is primarily a maintenance release that addresses a fix. * A minor enhancement has been made for Guest OS Customization. * The DeployPkg plugin has been updated to handle a new cloud-init error code that signals a recoverable error and allow cloud-init to finish running. - update to 13.0.5 based on build 24915695 (bsc#1250692). The following package changes have been done: - libvmtools0-13.0.10-1.1 updated - open-vm-tools-13.0.10-1.1 updated From sle-container-updates at lists.suse.com Thu Mar 5 08:07:13 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 5 Mar 2026 09:07:13 +0100 (CET) Subject: SUSE-IU-2026:1269-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260305080713.92B0CFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1269-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.99 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.99 Severity : moderate Type : security References : 1258002 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 604 Released: Wed Mar 4 09:37:59 2026 Summary: Security update for ca-certificates-mozilla Type: security Severity: moderate References: 1258002 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002) - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - DigiNotar Root CA - Added: - e-Szigno TLS Root CA 2023 - OISTE Client Root ECC G1 - OISTE Client Root RSA G1 - OISTE Server Root ECC G1 - OISTE Server Root RSA G1 - SwissSign RSA SMIME Root CA 2022 - 1 - SwissSign RSA TLS Root CA 2022 - 1 - TrustAsia SMIME ECC Root CA - TrustAsia SMIME RSA Root CA - TrustAsia TLS ECC Root CA - TrustAsia TLS RSA Root CA The following package changes have been done: - ca-certificates-mozilla-2.84-1.1 updated - container:suse-toolbox-image-1.0.0-9.70 updated From sle-container-updates at lists.suse.com Thu Mar 5 08:14:10 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 5 Mar 2026 09:14:10 +0100 (CET) Subject: SUSE-CU-2026:1361-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260305081410.5B6D8F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1361-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.70 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.70 Severity : moderate Type : security References : 1258002 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 604 Released: Wed Mar 4 09:37:59 2026 Summary: Security update for ca-certificates-mozilla Type: security Severity: moderate References: 1258002 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002) - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - DigiNotar Root CA - Added: - e-Szigno TLS Root CA 2023 - OISTE Client Root ECC G1 - OISTE Client Root RSA G1 - OISTE Server Root ECC G1 - OISTE Server Root RSA G1 - SwissSign RSA SMIME Root CA 2022 - 1 - SwissSign RSA TLS Root CA 2022 - 1 - TrustAsia SMIME ECC Root CA - TrustAsia SMIME RSA Root CA - TrustAsia TLS ECC Root CA - TrustAsia TLS RSA Root CA The following package changes have been done: - ca-certificates-mozilla-2.84-1.1 updated From sle-container-updates at lists.suse.com Thu Mar 5 08:15:04 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 5 Mar 2026 09:15:04 +0100 (CET) Subject: SUSE-IU-2026:1273-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260305081504.E207BF77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1273-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.62 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.62 Severity : important Type : security References : 1225451 1233393 1234304 1240750 1240752 1240754 1240756 1240757 1241162 1241164 1241214 1241222 1241223 1241226 1241238 1241252 1241263 1241686 1241688 1246472 1250373 1250692 1250692 1257357 CVE-2025-2784 CVE-2025-32050 CVE-2025-32051 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32908 CVE-2025-32909 CVE-2025-32910 CVE-2025-32911 CVE-2025-32912 CVE-2025-32913 CVE-2025-32914 CVE-2025-41244 CVE-2025-41244 CVE-2025-46420 CVE-2025-46421 CVE-2025-7519 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 158 Released: Wed Jun 25 10:16:46 2025 Summary: Security update for libsoup Type: security Severity: important References: 1225451,1233393,1234304,1240750,1240752,1240754,1240756,1240757,1241162,1241164,1241214,1241222,1241223,1241226,1241238,1241252,1241263,1241686,1241688,1250373,1250692,CVE-2025-2784,CVE-2025-32050,CVE-2025-32051,CVE-2025-32052,CVE-2025-32053,CVE-2025-32906,CVE-2025-32907,CVE-2025-32908,CVE-2025-32909,CVE-2025-32910,CVE-2025-32911,CVE-2025-32912,CVE-2025-32913,CVE-2025-32914,CVE-2025-41244,CVE-2025-46420,CVE-2025-46421 This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed Heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750) - CVE-2025-32050:Fixed Integer overflow in append_param_quoted (bsc#1240752) - CVE-2025-32051:Fixed Segmentation fault when parsing malformed data URI (bsc#1240754) - CVE-2025-32052:Fixed Heap buffer overflow in sniff_unknown() (bsc#1240756) - CVE-2025-32053:Fixed Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757) - CVE-2025-32913:Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162) - CVE-2025-32914:Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164) - CVE-2025-32912:Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214) - CVE-2025-32907:Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222) - CVE-2025-32908:Fixed HTTP request leading to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223) - CVE-2025-32909:Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226) - CVE-2025-32911:Fixed Double free on soup_message_headers_get_content_disposition() via 'params' (bsc#1241238) - CVE-2025-32910:Fixed null pointer deference on client when server omits the 'realm' parameter in an Unauthorized response with Digest authentication (bsc#1241252) - CVE-2025-32906:Fixed Out of bounds reads in soup_headers_parse_request() (bsc#1241263) - CVE-2025-46420:Fixed Memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686) - CVE-2025-46421:Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688) ----------------------------------------------------------------- Advisory ID: 425 Released: Wed Mar 4 16:33:33 2026 Summary: Recommended update for open-vm-tools Type: recommended Severity: moderate References: 1246472,1250692,1257357,CVE-2025-41244,CVE-2025-7519 This update for open-vm-tools fixes the following issues: - update to 13.0.10 based on build 25056151 (boo#1257357): * There are no new features in the open-vm-tools 13.0.10 release. * This is primarily a maintenance release that addresses a fix. * A minor enhancement has been made for Guest OS Customization. * The DeployPkg plugin has been updated to handle a new cloud-init error code that signals a recoverable error and allow cloud-init to finish running. The following package changes have been done: - libvmtools0-13.0.10-slfo.1.1_1.1 updated - open-vm-tools-13.0.10-slfo.1.1_1.1 updated - container:SL-Micro-base-container-2.2.1-5.83 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:05:56 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:05:56 +0100 (CET) Subject: SUSE-IU-2026:1304-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260306080556.E4B8EFCD8@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1304-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.249 , suse/sle-micro/base-5.5:latest Image Release : 5.8.249 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:05:55 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:05:55 +0100 (CET) Subject: SUSE-IU-2026:1303-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260306080555.E3A95FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1303-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.248 , suse/sle-micro/base-5.5:latest Image Release : 5.8.248 Severity : important Type : security References : 1258022 1258568 CVE-2026-2781 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:813-1 Released: Thu Mar 5 09:33:59 2026 Summary: Security update for mozilla-nss Type: security Severity: moderate References: 1258568,CVE-2026-2781 This update for mozilla-nss fixes the following issues: Update to NSS 3.112.3: * CVE-2026-2781: Avoid integer overflow in platform-independent ghash (bsc#1258568) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:818-1 Released: Thu Mar 5 11:26:09 2026 Summary: Recommended update for grub2 Type: recommended Severity: important References: 1258022 This update for grub2 fixes the following issues: - Backport upstream's commit to prevent BIOS assert (bsc#1258022) The following package changes have been done: - grub2-2.06-150500.29.62.1 updated - grub2-i386-pc-2.06-150500.29.62.1 updated - grub2-x86_64-efi-2.06-150500.29.62.1 updated - libfreebl3-3.112.3-150400.3.63.1 updated - mozilla-nss-certs-3.112.3-150400.3.63.1 updated - mozilla-nss-3.112.3-150400.3.63.1 updated - libsoftokn3-3.112.3-150400.3.63.1 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:07:30 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:07:30 +0100 (CET) Subject: SUSE-IU-2026:1305-1: Security update of suse/sle-micro/kvm-5.5 Message-ID: <20260306080730.1DA62FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1305-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.476 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.476 Severity : moderate Type : security References : 1258568 CVE-2026-2781 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:813-1 Released: Thu Mar 5 09:33:59 2026 Summary: Security update for mozilla-nss Type: security Severity: moderate References: 1258568,CVE-2026-2781 This update for mozilla-nss fixes the following issues: Update to NSS 3.112.3: * CVE-2026-2781: Avoid integer overflow in platform-independent ghash (bsc#1258568) The following package changes have been done: - libfreebl3-3.112.3-150400.3.63.1 updated - mozilla-nss-certs-3.112.3-150400.3.63.1 updated - mozilla-nss-3.112.3-150400.3.63.1 updated - libsoftokn3-3.112.3-150400.3.63.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.248 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:07:31 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:07:31 +0100 (CET) Subject: SUSE-IU-2026:1306-1: Security update of suse/sle-micro/kvm-5.5 Message-ID: <20260306080731.21EA5FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1306-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.478 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.478 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.249 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:13:41 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:13:41 +0100 (CET) Subject: SUSE-IU-2026:1310-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260306081341.B03EBFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1310-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.84 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.84 Severity : moderate Type : security References : 1258002 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 423 Released: Wed Mar 4 10:35:51 2026 Summary: Security update for ca-certificates-mozilla Type: security Severity: moderate References: 1258002 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002) - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - DigiNotar Root CA - Added: - e-Szigno TLS Root CA 2023 - OISTE Client Root ECC G1 - OISTE Client Root RSA G1 - OISTE Server Root ECC G1 - OISTE Server Root RSA G1 - SwissSign RSA SMIME Root CA 2022 - 1 - SwissSign RSA TLS Root CA 2022 - 1 - TrustAsia SMIME ECC Root CA - TrustAsia SMIME RSA Root CA - TrustAsia TLS ECC Root CA - TrustAsia TLS RSA Root CA The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.13 updated - ca-certificates-mozilla-2.84-slfo.1.1_1.1 updated - container:suse-toolbox-image-1.0.0-5.13 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:50:05 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:50:05 +0100 (CET) Subject: SUSE-CU-2026:1406-1: Security update of suse/manager/4.3/proxy-httpd Message-ID: <20260306085005.85FB3F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1406-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.16.2 , suse/manager/4.3/proxy-httpd:4.3.16.2.9.73.20 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.73.20 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:51:59 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:51:59 +0100 (CET) Subject: SUSE-CU-2026:1407-1: Security update of suse/manager/4.3/proxy-salt-broker Message-ID: <20260306085159.AA587F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-salt-broker ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1407-1 Container Tags : suse/manager/4.3/proxy-salt-broker:4.3.16.2 , suse/manager/4.3/proxy-salt-broker:4.3.16.2.9.63.21 , suse/manager/4.3/proxy-salt-broker:latest Container Release : 9.63.21 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-salt-broker was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:55:27 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:55:27 +0100 (CET) Subject: SUSE-CU-2026:1409-1: Security update of suse/manager/4.3/proxy-ssh Message-ID: <20260306085527.867B2F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-ssh ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1409-1 Container Tags : suse/manager/4.3/proxy-ssh:4.3.16.2 , suse/manager/4.3/proxy-ssh:4.3.16.2.9.63.14 , suse/manager/4.3/proxy-ssh:latest Container Release : 9.63.14 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-ssh was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated From sle-container-updates at lists.suse.com Fri Mar 6 08:57:21 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Fri, 6 Mar 2026 09:57:21 +0100 (CET) Subject: SUSE-CU-2026:1410-1: Security update of suse/manager/4.3/proxy-tftpd Message-ID: <20260306085721.376DDF77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1410-1 Container Tags : suse/manager/4.3/proxy-tftpd:4.3.16.2 , suse/manager/4.3/proxy-tftpd:4.3.16.2.9.63.15 , suse/manager/4.3/proxy-tftpd:latest Container Release : 9.63.15 Severity : moderate Type : security References : 1257144 1257496 CVE-2026-24515 CVE-2026-25210 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:826-1 Released: Thu Mar 5 16:16:29 2026 Summary: Security update for expat Type: security Severity: moderate References: 1257144,1257496,CVE-2026-24515,CVE-2026-25210 This update for expat fixes the following issues: - CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144) - CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496) The following package changes have been done: - libexpat1-2.7.1-150400.3.34.1 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:07:22 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:07:22 +0100 (CET) Subject: SUSE-IU-2026:1326-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260307080722.7CD71FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1326-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.133 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.133 Severity : moderate Type : security References : 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 608 Released: Fri Mar 6 12:53:41 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). - CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553). The following package changes have been done: - libxml2-2-2.11.6-12.1 updated - SL-Micro-release-6.0-25.72 updated - libxslt1-1.1.38-8.1 updated - container:SL-Micro-base-container-2.1.3-7.101 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:08:47 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:08:47 +0100 (CET) Subject: SUSE-IU-2026:1327-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260307080847.7CA0BFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1327-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.101 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.101 Severity : moderate Type : security References : 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 608 Released: Fri Mar 6 12:53:41 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). - CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553). The following package changes have been done: - libxml2-2-2.11.6-12.1 updated - SL-Micro-release-6.0-25.72 updated - container:suse-toolbox-image-1.0.0-9.72 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:10:11 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:10:11 +0100 (CET) Subject: SUSE-IU-2026:1328-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260307081011.B09FAFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1328-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.119 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.119 Severity : moderate Type : security References : 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 608 Released: Fri Mar 6 12:53:41 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). - CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553). The following package changes have been done: - libxml2-2-2.11.6-12.1 updated - SL-Micro-release-6.0-25.72 updated - container:SL-Micro-base-container-2.1.3-7.101 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:11:39 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:11:39 +0100 (CET) Subject: SUSE-IU-2026:1329-1: Security update of suse/sl-micro/6.0/rt-os-container Message-ID: <20260307081139.68D35FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1329-1 Image Tags : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-7.134 , suse/sl-micro/6.0/rt-os-container:latest Image Release : 7.134 Severity : moderate Type : security References : 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 608 Released: Fri Mar 6 12:53:41 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). - CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553). The following package changes have been done: - libxml2-2-2.11.6-12.1 updated - SL-Micro-release-6.0-25.72 updated - container:SL-Micro-container-2.1.3-6.133 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:16:03 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:16:03 +0100 (CET) Subject: SUSE-CU-2026:1415-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260307081603.E2C38F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1415-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.72 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.72 Severity : moderate Type : security References : 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 608 Released: Fri Mar 6 12:53:41 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811). - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `nextCatalog` elements (bsc#1256809, bsc#1256812). - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858). - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257594, bsc#1257595). - CVE-2025-10911: parsing xsl nodes may lead to use-after-free with key data stored cross-RVT (bsc#1250553). The following package changes have been done: - SL-Micro-release-6.0-25.72 updated - libxml2-2-2.11.6-12.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.71 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:17:14 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:17:14 +0100 (CET) Subject: SUSE-IU-2026:1330-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260307081714.569E5F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1330-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.65 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.65 Severity : moderate Type : security References : 1244554 1244555 1244557 1244580 1244700 1246296 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170 CVE-2025-7425 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 429 Released: Fri Mar 6 12:35:58 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1244554,1244555,1244557,1244580,1244700,1246296,1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-49794,CVE-2025-49795,CVE-2025-49796,CVE-2025-6021,CVE-2025-6170,CVE-2025-7425,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] The following package changes have been done: - libxml2-2-2.11.6-slfo.1.1_8.1 updated - SL-Micro-release-6.1-slfo.1.12.14 updated - libxslt1-1.1.38-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.86 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:18:27 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:18:27 +0100 (CET) Subject: SUSE-IU-2026:1331-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260307081827.895B0F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1331-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.86 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.86 Severity : moderate Type : security References : 1244554 1244555 1244557 1244580 1244700 1246296 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170 CVE-2025-7425 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 429 Released: Fri Mar 6 12:35:58 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1244554,1244555,1244557,1244580,1244700,1246296,1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-49794,CVE-2025-49795,CVE-2025-49796,CVE-2025-6021,CVE-2025-6170,CVE-2025-7425,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] The following package changes have been done: - libxml2-2-2.11.6-slfo.1.1_8.1 updated - SL-Micro-release-6.1-slfo.1.12.14 updated - container:suse-toolbox-image-1.0.0-5.15 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:19:40 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:19:40 +0100 (CET) Subject: SUSE-IU-2026:1332-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260307081940.E2C96F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1332-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.90 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.90 Severity : moderate Type : security References : 1244554 1244555 1244557 1244580 1244700 1246296 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170 CVE-2025-7425 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 429 Released: Fri Mar 6 12:35:58 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1244554,1244555,1244557,1244580,1244700,1246296,1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-49794,CVE-2025-49795,CVE-2025-49796,CVE-2025-6021,CVE-2025-6170,CVE-2025-7425,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] The following package changes have been done: - libxml2-2-2.11.6-slfo.1.1_8.1 updated - SL-Micro-release-6.1-slfo.1.12.14 updated - container:SL-Micro-base-container-2.2.1-5.86 updated From sle-container-updates at lists.suse.com Sat Mar 7 08:20:59 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Sat, 7 Mar 2026 09:20:59 +0100 (CET) Subject: SUSE-IU-2026:1333-1: Security update of suse/sl-micro/6.1/rt-os-container Message-ID: <20260307082059.6D130F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1333-1 Image Tags : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.79 , suse/sl-micro/6.1/rt-os-container:latest Image Release : 5.79 Severity : moderate Type : security References : 1244554 1244555 1244557 1244580 1244700 1246296 1247850 1247858 1250553 1256804 1256805 1256807 1256808 1256809 1256810 1256811 1256812 1257593 1257594 1257595 CVE-2025-10911 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170 CVE-2025-7425 CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 429 Released: Fri Mar 6 12:35:58 2026 Summary: Security update for libxslt, libxml2 Type: security Severity: moderate References: 1244554,1244555,1244557,1244580,1244700,1246296,1247850,1247858,1250553,1256804,1256805,1256807,1256808,1256809,1256810,1256811,1256812,1257593,1257594,1257595,CVE-2025-10911,CVE-2025-49794,CVE-2025-49795,CVE-2025-49796,CVE-2025-6021,CVE-2025-6170,CVE-2025-7425,CVE-2025-8732,CVE-2026-0989,CVE-2026-0990,CVE-2026-0992,CVE-2026-1757 This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] The following package changes have been done: - libxml2-2-2.11.6-slfo.1.1_8.1 updated - SL-Micro-release-6.1-slfo.1.12.14 updated - container:SL-Micro-container-2.2.1-7.65 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:05:29 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:05:29 +0100 (CET) Subject: SUSE-CU-2026:1505-1: Security update of private-registry/harbor-core Message-ID: <20260310080529.239CCFB98@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-core ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1505-1 Container Tags : private-registry/harbor-core:1.1.1 , private-registry/harbor-core:1.1.1-1.36 , private-registry/harbor-core:latest Container Release : 1.36 Severity : moderate Type : security References : 1257463 1258319 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-core was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - harbor-core-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:07:01 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:07:01 +0100 (CET) Subject: SUSE-CU-2026:1507-1: Security update of private-registry/harbor-jobservice Message-ID: <20260310080701.E24ACFCCC@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-jobservice ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1507-1 Container Tags : private-registry/harbor-jobservice:1.1.1 , private-registry/harbor-jobservice:1.1.1-1.36 , private-registry/harbor-jobservice:latest Container Release : 1.36 Severity : moderate Type : security References : 1257463 1258319 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-jobservice was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - harbor-jobservice-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:07:46 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:07:46 +0100 (CET) Subject: SUSE-CU-2026:1508-1: Security update of private-registry/harbor-portal Message-ID: <20260310080746.55873FCCC@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-portal ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1508-1 Container Tags : private-registry/harbor-portal:1.1.1 , private-registry/harbor-portal:1.1.1-1.39 , private-registry/harbor-portal:latest Container Release : 1.39 Severity : moderate Type : security References : 1250553 1257463 1258319 1258392 CVE-2025-10911 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-portal was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:801-1 Released: Wed Mar 4 13:33:26 2026 Summary: Security update for libxslt Type: security Severity: moderate References: 1250553,CVE-2025-10911 This update for libxslt fixes the following issues: - CVE-2025-10911: use-after-free will be fixed on libxml2 side instead (bsc#1250553). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - libxslt1-1.1.34-150400.3.16.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - harbor-portal-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:07:55 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:07:55 +0100 (CET) Subject: SUSE-CU-2026:1509-1: Security update of private-registry/harbor-registry Message-ID: <20260310080755.20F7CFCCC@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-registry ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1509-1 Container Tags : private-registry/harbor-registry:1.1.1 , private-registry/harbor-registry:1.1.1-1.36 , private-registry/harbor-registry:latest Container Release : 1.36 Severity : moderate Type : security References : 1257463 1258319 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-registry was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:08:37 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:08:37 +0100 (CET) Subject: SUSE-CU-2026:1510-1: Security update of private-registry/harbor-registryctl Message-ID: <20260310080837.DDAA3FCCC@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-registryctl ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1510-1 Container Tags : private-registry/harbor-registryctl:1.1.1 , private-registry/harbor-registryctl:1.1.1-1.36 , private-registry/harbor-registryctl:latest Container Release : 1.36 Severity : moderate Type : security References : 1257463 1258319 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-registryctl was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - harbor-registryctl-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:09:27 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:09:27 +0100 (CET) Subject: SUSE-CU-2026:1511-1: Security update of private-registry/harbor-trivy-adapter Message-ID: <20260310080927.0B282FCCC@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-trivy-adapter ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1511-1 Container Tags : private-registry/harbor-trivy-adapter:1.1.1 , private-registry/harbor-trivy-adapter:1.1.1-1.40 , private-registry/harbor-trivy-adapter:latest Container Release : 1.40 Severity : moderate Type : security References : 1257463 1258045 1258049 1258054 1258080 1258081 1258319 1258392 CVE-2026-0964 CVE-2026-0965 CVE-2026-0966 CVE-2026-0967 CVE-2026-0968 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-trivy-adapter was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:779-1 Released: Tue Mar 3 14:25:07 2026 Summary: Security update for libssh Type: security Severity: moderate References: 1258045,1258049,1258054,1258080,1258081,CVE-2026-0964,CVE-2026-0965,CVE-2026-0966,CVE-2026-0967,CVE-2026-0968 This update for libssh fixes the following issues: - CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal (bsc#1258049). - CVE-2026-0965: possible denial of service when parsing unexpected configuration files (bsc#1258045). - CVE-2026-0966: buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054). - CVE-2026-0967: specially crafted patterns could cause denial of service (bsc#1258081). - CVE-2026-0968: malformed SFTP message can lead to out of bound read (bsc#1258080). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - libssh-config-0.9.8-150600.11.9.1 updated - libz1-1.2.13-150500.4.6.1 updated - libssh4-0.9.8-150600.11.9.1 updated - harbor-scanner-trivy-0.34.2-150700.1.9 updated - system-user-harbor-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:11:03 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:11:03 +0100 (CET) Subject: SUSE-IU-2026:1370-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260310081103.B66DAFCCC@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1370-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.134 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.134 Severity : moderate Type : security References : 1216378 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 610 Released: Mon Mar 9 10:54:57 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-7.1 updated - SL-Micro-release-6.0-25.73 updated - container:SL-Micro-base-container-2.1.3-7.102 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:12:27 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:12:27 +0100 (CET) Subject: SUSE-IU-2026:1371-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260310081227.72FFAFCCC@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1371-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.102 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.102 Severity : moderate Type : security References : 1216378 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 610 Released: Mon Mar 9 10:54:57 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-7.1 updated - SL-Micro-release-6.0-25.73 updated - container:suse-toolbox-image-1.0.0-9.73 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:13:51 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:13:51 +0100 (CET) Subject: SUSE-IU-2026:1372-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260310081351.60306F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1372-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.120 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.120 Severity : moderate Type : security References : 1216378 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 610 Released: Mon Mar 9 10:54:57 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-7.1 updated - SL-Micro-release-6.0-25.73 updated - container:SL-Micro-base-container-2.1.3-7.102 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:15:21 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:15:21 +0100 (CET) Subject: SUSE-IU-2026:1373-1: Security update of suse/sl-micro/6.0/rt-os-container Message-ID: <20260310081521.9BDD9F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1373-1 Image Tags : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-7.135 , suse/sl-micro/6.0/rt-os-container:latest Image Release : 7.135 Severity : moderate Type : security References : 1216378 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 610 Released: Mon Mar 9 10:54:57 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-7.1 updated - SL-Micro-release-6.0-25.73 updated - container:SL-Micro-container-2.1.3-6.134 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:06:16 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:06:16 +0100 (CET) Subject: SUSE-CU-2026:1506-1: Security update of private-registry/harbor-exporter Message-ID: <20260310080616.BF9E6FB98@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-exporter ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1506-1 Container Tags : private-registry/harbor-exporter:1.1.1 , private-registry/harbor-exporter:1.1.1-1.36 , private-registry/harbor-exporter:latest Container Release : 1.36 Severity : moderate Type : security References : 1257463 1258319 1258392 CVE-2026-27171 ----------------------------------------------------------------- The container private-registry/harbor-exporter was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:783-1 Released: Tue Mar 3 14:36:14 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1258392,CVE-2026-27171 This update for zlib fixes the following issue: - CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing checks for negative lengths (bsc#1258392). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:844-1 Released: Fri Mar 6 16:45:31 2026 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1258319 This update for glibc fixes the following issues: - nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940) The following package changes have been done: - glibc-2.38-150600.14.43.1 updated - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - harbor-exporter-2.14.2-150700.1.18 updated - libz1-1.2.13-150500.4.6.1 updated - system-user-harbor-2.14.2-150700.1.18 updated - container:suse-sle15-15.7-8788ee29eb7cd4473a072e391f6e949a8192c8093b44289ec03eaff16197ef3c-0 updated - container:registry.suse.com-bci-bci-micro-15.7-1a6e0eea6b390e988c75daedc0a54a77767a523e2d624e6e6c24447041c1bbb3-0 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:19:33 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:19:33 +0100 (CET) Subject: SUSE-CU-2026:1516-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260310081933.DA755F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1516-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.73 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.73 Severity : important Type : security References : 1216378 1257029 1257031 1257041 1257042 1257044 1257046 1257108 1258392 CVE-2023-45853 CVE-2025-11468 CVE-2025-12781 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2026-0672 CVE-2026-0865 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 610 Released: Mon Mar 9 10:54:57 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) ----------------------------------------------------------------- Advisory ID: 611 Released: Mon Mar 9 11:51:06 2026 Summary: Security update for python311 Type: security Severity: important References: 1257029,1257031,1257041,1257042,1257044,1257046,1257108,CVE-2025-11468,CVE-2025-12781,CVE-2025-15282,CVE-2025-15366,CVE-2025-15367,CVE-2026-0672,CVE-2026-0865 This update for python311 fixes the following issues: - CVE-2025-11468: preserving parens when folding comments in email headers. (bsc#1257029) - CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031) - CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042) - CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044) - CVE-2025-15282: basically the same as the previous patch for urllib library. (bsc#1257046) - CVE-2025-15367: basically the same as the previous patch for poplib library. (bsc#1257041) - CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108) The following package changes have been done: - SL-Micro-release-6.0-25.73 updated - libpython3_11-1_0-3.11.14-3.1 updated - libz1-1.2.13-7.1 updated - python311-base-3.11.14-3.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.72 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:20:31 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:20:31 +0100 (CET) Subject: SUSE-IU-2026:1374-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260310082031.A1AB2F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1374-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.66 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.66 Severity : moderate Type : security References : 1216378 1245292 1247326 1247816 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 432 Released: Mon Mar 9 11:25:10 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1245292,1247326,1247816,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-slfo.1.1_2.1 updated - container:SL-Micro-base-container-2.2.1-5.88 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:21:40 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:21:40 +0100 (CET) Subject: SUSE-IU-2026:1375-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260310082140.8F559F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1375-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.88 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.88 Severity : moderate Type : security References : 1216378 1245292 1247326 1247816 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 432 Released: Mon Mar 9 11:25:10 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1245292,1247326,1247816,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-slfo.1.1_2.1 updated - container:suse-toolbox-image-1.0.0-5.16 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:22:55 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:22:55 +0100 (CET) Subject: SUSE-IU-2026:1376-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260310082255.71A8BF77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1376-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.91 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.91 Severity : moderate Type : security References : 1216378 1245292 1247326 1247816 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 432 Released: Mon Mar 9 11:25:10 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1245292,1247326,1247816,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-slfo.1.1_2.1 updated - container:SL-Micro-base-container-2.2.1-5.88 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:24:10 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:24:10 +0100 (CET) Subject: SUSE-IU-2026:1377-1: Security update of suse/sl-micro/6.1/rt-os-container Message-ID: <20260310082410.94C4AF77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1377-1 Image Tags : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.80 , suse/sl-micro/6.1/rt-os-container:latest Image Release : 5.80 Severity : moderate Type : security References : 1216378 1245292 1247326 1247816 1258392 CVE-2023-45853 CVE-2026-27171 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 432 Released: Mon Mar 9 11:25:10 2026 Summary: Security update for zlib Type: security Severity: moderate References: 1216378,1245292,1247326,1247816,1258392,CVE-2023-45853,CVE-2026-27171 This update for zlib fixes the following issues: - CVE-2026-27171: Fixed an infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths. (bsc#1258392) - CVE-2023-45853: Fixed an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6. (bsc#1216378) The following package changes have been done: - libz1-1.2.13-slfo.1.1_2.1 updated - container:SL-Micro-container-2.2.1-7.66 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:46:02 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:46:02 +0100 (CET) Subject: SUSE-CU-2026:1546-1: Recommended update of suse/manager/4.3/proxy-httpd Message-ID: <20260310084602.4F148F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1546-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.16.2 , suse/manager/4.3/proxy-httpd:4.3.16.2.9.73.21 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.73.21 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:47:30 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:47:30 +0100 (CET) Subject: SUSE-CU-2026:1547-1: Recommended update of suse/manager/4.3/proxy-salt-broker Message-ID: <20260310084730.8BC52F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-salt-broker ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1547-1 Container Tags : suse/manager/4.3/proxy-salt-broker:4.3.16.2 , suse/manager/4.3/proxy-salt-broker:4.3.16.2.9.63.22 , suse/manager/4.3/proxy-salt-broker:latest Container Release : 9.63.22 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-salt-broker was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:48:53 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:48:53 +0100 (CET) Subject: SUSE-CU-2026:1548-1: Recommended update of suse/manager/4.3/proxy-squid Message-ID: <20260310084853.16DE1F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1548-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.16.2 , suse/manager/4.3/proxy-squid:4.3.16.2.9.72.16 , suse/manager/4.3/proxy-squid:latest Container Release : 9.72.16 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:50:24 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:50:24 +0100 (CET) Subject: SUSE-CU-2026:1549-1: Recommended update of suse/manager/4.3/proxy-ssh Message-ID: <20260310085024.4D427F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-ssh ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1549-1 Container Tags : suse/manager/4.3/proxy-ssh:4.3.16.2 , suse/manager/4.3/proxy-ssh:4.3.16.2.9.63.15 , suse/manager/4.3/proxy-ssh:latest Container Release : 9.63.15 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-ssh was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 08:51:52 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 09:51:52 +0100 (CET) Subject: SUSE-CU-2026:1550-1: Recommended update of suse/manager/4.3/proxy-tftpd Message-ID: <20260310085152.EC536F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1550-1 Container Tags : suse/manager/4.3/proxy-tftpd:4.3.16.2 , suse/manager/4.3/proxy-tftpd:4.3.16.2.9.63.16 , suse/manager/4.3/proxy-tftpd:latest Container Release : 9.63.16 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:17:29 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:17:29 +0100 (CET) Subject: SUSE-IU-2026:1378-1: Security update of suse/sle-micro/base-5.5 Message-ID: <20260310151729.26570F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/base-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1378-1 Image Tags : suse/sle-micro/base-5.5:2.0.4 , suse/sle-micro/base-5.5:2.0.4-5.8.250 , suse/sle-micro/base-5.5:latest Image Release : 5.8.250 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sle-micro/base-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:856-1 Released: Tue Mar 10 09:35:24 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' (bsc#1258859). The following package changes have been done: - libuuid1-2.37.4-150500.9.23.1 updated - libsmartcols1-2.37.4-150500.9.23.1 updated - libblkid1-2.37.4-150500.9.23.1 updated - libfdisk1-2.37.4-150500.9.23.1 updated - libmount1-2.37.4-150500.9.23.1 updated - util-linux-2.37.4-150500.9.23.1 updated - util-linux-systemd-2.37.4-150500.9.23.1 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:19:17 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:19:17 +0100 (CET) Subject: SUSE-IU-2026:1379-1: Security update of suse/sle-micro/kvm-5.5 Message-ID: <20260310151917.20964F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sle-micro/kvm-5.5 ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1379-1 Image Tags : suse/sle-micro/kvm-5.5:2.0.4 , suse/sle-micro/kvm-5.5:2.0.4-3.5.480 , suse/sle-micro/kvm-5.5:latest Image Release : 3.5.480 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sle-micro/kvm-5.5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:856-1 Released: Tue Mar 10 09:35:24 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' (bsc#1258859). The following package changes have been done: - libuuid1-2.37.4-150500.9.23.1 updated - libsmartcols1-2.37.4-150500.9.23.1 updated - libblkid1-2.37.4-150500.9.23.1 updated - libfdisk1-2.37.4-150500.9.23.1 updated - libmount1-2.37.4-150500.9.23.1 updated - util-linux-2.37.4-150500.9.23.1 updated - util-linux-systemd-2.37.4-150500.9.23.1 updated - container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.250 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:25:25 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:25:25 +0100 (CET) Subject: SUSE-IU-2026:1381-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260310152525.7FEB5F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1381-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.135 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.135 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 612 Released: Tue Mar 10 09:40:03 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.39.3-5.1 updated - libsmartcols1-2.39.3-5.1 updated - libblkid1-2.39.3-5.1 updated - libfdisk1-2.39.3-5.1 updated - libmount1-2.39.3-5.1 updated - util-linux-2.39.3-5.1 updated - SL-Micro-release-6.0-25.74 updated - util-linux-systemd-2.39.3-5.1 updated - container:SL-Micro-base-container-2.1.3-7.103 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:26:52 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:26:52 +0100 (CET) Subject: SUSE-IU-2026:1382-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260310152652.A6D32F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1382-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.103 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.103 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 612 Released: Tue Mar 10 09:40:03 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.39.3-5.1 updated - libsmartcols1-2.39.3-5.1 updated - libblkid1-2.39.3-5.1 updated - libfdisk1-2.39.3-5.1 updated - libmount1-2.39.3-5.1 updated - util-linux-2.39.3-5.1 updated - SL-Micro-release-6.0-25.74 updated - util-linux-systemd-2.39.3-5.1 updated - container:suse-toolbox-image-1.0.0-9.74 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:28:24 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:28:24 +0100 (CET) Subject: SUSE-IU-2026:1383-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260310152824.741A1F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1383-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.121 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.121 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 612 Released: Tue Mar 10 09:40:03 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.39.3-5.1 updated - libsmartcols1-2.39.3-5.1 updated - libblkid1-2.39.3-5.1 updated - libfdisk1-2.39.3-5.1 updated - libmount1-2.39.3-5.1 updated - util-linux-2.39.3-5.1 updated - SL-Micro-release-6.0-25.74 updated - util-linux-systemd-2.39.3-5.1 updated - container:SL-Micro-base-container-2.1.3-7.103 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:30:05 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:30:05 +0100 (CET) Subject: SUSE-IU-2026:1384-1: Security update of suse/sl-micro/6.0/rt-os-container Message-ID: <20260310153005.D32A0F77D@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1384-1 Image Tags : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-7.136 , suse/sl-micro/6.0/rt-os-container:latest Image Release : 7.136 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 612 Released: Tue Mar 10 09:40:03 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.39.3-5.1 updated - libsmartcols1-2.39.3-5.1 updated - libblkid1-2.39.3-5.1 updated - libfdisk1-2.39.3-5.1 updated - libmount1-2.39.3-5.1 updated - util-linux-2.39.3-5.1 updated - SL-Micro-release-6.0-25.74 updated - util-linux-systemd-2.39.3-5.1 updated - container:SL-Micro-container-2.1.3-6.135 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:34:40 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:34:40 +0100 (CET) Subject: SUSE-CU-2026:1556-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260310153440.9DF5DF77D@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1556-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.74 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.74 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 612 Released: Tue Mar 10 09:40:03 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - SL-Micro-release-6.0-25.74 updated - libblkid1-2.39.3-5.1 updated - libfdisk1-2.39.3-5.1 updated - libmount1-2.39.3-5.1 updated - libsmartcols1-2.39.3-5.1 updated - libuuid1-2.39.3-5.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.73 updated - util-linux-2.39.3-5.1 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:47:38 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:47:38 +0100 (CET) Subject: SUSE-CU-2026:1550-1: Recommended update of suse/manager/4.3/proxy-tftpd Message-ID: <20260310154738.6D5B9F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1550-1 Container Tags : suse/manager/4.3/proxy-tftpd:4.3.16.2 , suse/manager/4.3/proxy-tftpd:4.3.16.2.9.63.16 , suse/manager/4.3/proxy-tftpd:latest Container Release : 9.63.16 Severity : moderate Type : recommended References : 1253043 1257463 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2025:4362-1 Released: Thu Dec 11 11:08:27 2025 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1253043 This update for gcc15 fixes the following issues: - Enable the use of _dl_find_object even when not available at build time. [bsc#1253043] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:791-1 Released: Tue Mar 3 16:59:33 2026 Summary: Recommended update for gcc15 Type: recommended Severity: moderate References: 1257463 This update for gcc15 fixes the following issues: - Fix bogus expression simplification (bsc#1257463) The following package changes have been done: - libgcc_s1-15.2.0+git10201-150000.1.9.1 updated - libstdc++6-15.2.0+git10201-150000.1.9.1 updated - container:sles15-ltss-image-15.4.0-6.7 updated From sle-container-updates at lists.suse.com Tue Mar 10 15:55:18 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Tue, 10 Mar 2026 16:55:18 +0100 (CET) Subject: SUSE-CU-2026:1558-1: Security update of suse/sle-micro/5.2/toolbox Message-ID: <20260310155518.196C2F77D@maintenance.suse.de> SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1558-1 Container Tags : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.251 , suse/sle-micro/5.2/toolbox:latest Container Release : 7.11.251 Severity : moderate Type : security References : 1258859 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:857-1 Released: Tue Mar 10 12:01:28 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1258859,CVE-2026-3184 This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' (bsc#1258859). The following package changes have been done: - libblkid1-2.36.2-150300.4.53.1 updated - libfdisk1-2.36.2-150300.4.53.1 updated - libmount1-2.36.2-150300.4.53.1 updated - libsmartcols1-2.36.2-150300.4.53.1 updated - libuuid1-2.36.2-150300.4.53.1 updated - util-linux-2.36.2-150300.4.53.1 updated From sle-container-updates at lists.suse.com Wed Mar 11 08:06:15 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 11 Mar 2026 09:06:15 +0100 (CET) Subject: SUSE-IU-2026:1387-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260311080615.148A9FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1387-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.122 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.122 Severity : moderate Type : security References : 1255400 1256484 CVE-2025-14876 CVE-2026-0665 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 614 Released: Tue Mar 10 19:34:11 2026 Summary: Security update for qemu Type: security Severity: moderate References: 1255400,1256484,CVE-2025-14876,CVE-2026-0665 This update for qemu fixes the following issues: - CVE-2025-14876: Fixed unbounded allocation in virtio-crypto. (bsc#1255400) - CVE-2026-0665: Fixed PIRQ bounds check in xen_physdev_map_pirq. (bsc#1256484) The following package changes have been done: - qemu-guest-agent-8.2.10-2.1 updated From sle-container-updates at lists.suse.com Wed Mar 11 08:08:32 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 11 Mar 2026 09:08:32 +0100 (CET) Subject: SUSE-IU-2026:1388-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260311080832.29EA3FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1388-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.67 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.67 Severity : important Type : security References : 1229122 1245223 1246118 1246912 1247719 1247720 1247816 1251198 1251199 1257029 1257031 1257041 1257042 1257044 1257046 1257108 1258166 1258859 CVE-2025-11468 CVE-2025-12781 CVE-2025-15282 CVE-2025-15366 CVE-2025-15367 CVE-2025-4674 CVE-2025-47906 CVE-2025-47907 CVE-2025-61984 CVE-2025-61985 CVE-2026-0672 CVE-2026-0865 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 437 Released: Tue Mar 10 19:41:43 2026 Summary: Security update for openssh Type: security Severity: moderate References: 1246912,1251198,1251199,1258166,CVE-2025-61984,CVE-2025-61985 This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198). - CVE-2025-61985: code execution via '\0' character in ssh: // URI when a ProxyCommand is used (bsc#1251199). ----------------------------------------------------------------- Advisory ID: 435 Released: Tue Mar 10 19:43:23 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1229122,1246118,1247719,1247720,1247816,1258859,CVE-2025-4674,CVE-2025-47906,CVE-2025-47907,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). ----------------------------------------------------------------- Advisory ID: 434 Released: Tue Mar 10 20:08:57 2026 Summary: Security update for python311 Type: security Severity: important References: 1245223,1257029,1257031,1257041,1257042,1257044,1257046,1257108,CVE-2025-11468,CVE-2025-12781,CVE-2025-15282,CVE-2025-15366,CVE-2025-15367,CVE-2026-0672,CVE-2026-0865 This update for python311 fixes the following issues: - CVE-2025-11468: preserving parens when folding comments in email headers. (bsc#1257029) - CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031) - CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042) - CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044) - CVE-2025-15282: basically the same as the previous patch for urllib library. (bsc#1257046) - CVE-2025-15367: basically the same as the previous patch for poplib library. (bsc#1257041) - CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108) The following package changes have been done: - libuuid1-2.40.4-slfo.1.1_4.1 updated - libsmartcols1-2.40.4-slfo.1.1_4.1 updated - libblkid1-2.40.4-slfo.1.1_4.1 updated - libmount1-2.40.4-slfo.1.1_4.1 updated - libfdisk1-2.40.4-slfo.1.1_4.1 updated - util-linux-2.40.4-slfo.1.1_4.1 updated - SL-Micro-release-6.1-slfo.1.12.15 updated - util-linux-systemd-2.40.4-slfo.1.1_4.1 updated - gpg2-2.4.4-slfo.1.1_8.1 updated - openssh-common-9.6p1-slfo.1.1_3.1 updated - python311-base-3.11.14-slfo.1.1_3.1 updated - libpython3_11-1_0-3.11.14-slfo.1.1_3.1 updated - openssh-server-9.6p1-slfo.1.1_3.1 updated - openssh-clients-9.6p1-slfo.1.1_3.1 updated - python311-3.11.14-slfo.1.1_3.1 updated - openssh-9.6p1-slfo.1.1_3.1 updated - container:SL-Micro-base-container-2.2.1-5.89 updated From sle-container-updates at lists.suse.com Wed Mar 11 08:09:41 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 11 Mar 2026 09:09:41 +0100 (CET) Subject: SUSE-IU-2026:1389-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260311080941.0E735FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1389-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.89 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.89 Severity : moderate Type : security References : 1229122 1246118 1247249 1247719 1247720 1247816 1251214 1258859 CVE-2025-4674 CVE-2025-47906 CVE-2025-47907 CVE-2025-8194 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 438 Released: Tue Mar 10 19:41:44 2026 Summary: Recommended update for gpg2 Type: recommended Severity: moderate References: 1247249,1251214,CVE-2025-8194 This update for gpg2 fixes the following issues: Changes for gpg2: - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 ----------------------------------------------------------------- Advisory ID: 435 Released: Tue Mar 10 19:43:23 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1229122,1246118,1247719,1247720,1247816,1258859,CVE-2025-4674,CVE-2025-47906,CVE-2025-47907,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.40.4-slfo.1.1_4.1 updated - libsmartcols1-2.40.4-slfo.1.1_4.1 updated - libblkid1-2.40.4-slfo.1.1_4.1 updated - libmount1-2.40.4-slfo.1.1_4.1 updated - libfdisk1-2.40.4-slfo.1.1_4.1 updated - util-linux-2.40.4-slfo.1.1_4.1 updated - SL-Micro-release-6.1-slfo.1.12.15 updated - util-linux-systemd-2.40.4-slfo.1.1_4.1 updated - gpg2-2.4.4-slfo.1.1_8.1 updated - container:suse-toolbox-image-1.0.0-5.17 updated From sle-container-updates at lists.suse.com Wed Mar 11 08:10:58 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 11 Mar 2026 09:10:58 +0100 (CET) Subject: SUSE-IU-2026:1390-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260311081058.01018FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1390-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.92 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.92 Severity : moderate Type : security References : 1229122 1246118 1247719 1247720 1247816 1258859 CVE-2025-4674 CVE-2025-47906 CVE-2025-47907 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 435 Released: Tue Mar 10 19:43:23 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1229122,1246118,1247719,1247720,1247816,1258859,CVE-2025-4674,CVE-2025-47906,CVE-2025-47907,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.40.4-slfo.1.1_4.1 updated - libsmartcols1-2.40.4-slfo.1.1_4.1 updated - libblkid1-2.40.4-slfo.1.1_4.1 updated - libmount1-2.40.4-slfo.1.1_4.1 updated - libfdisk1-2.40.4-slfo.1.1_4.1 updated - util-linux-2.40.4-slfo.1.1_4.1 updated - SL-Micro-release-6.1-slfo.1.12.15 updated - util-linux-systemd-2.40.4-slfo.1.1_4.1 updated - container:SL-Micro-base-container-2.2.1-5.89 updated From sle-container-updates at lists.suse.com Wed Mar 11 08:12:15 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Wed, 11 Mar 2026 09:12:15 +0100 (CET) Subject: SUSE-IU-2026:1391-1: Security update of suse/sl-micro/6.1/rt-os-container Message-ID: <20260311081215.C5403FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1391-1 Image Tags : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.81 , suse/sl-micro/6.1/rt-os-container:latest Image Release : 5.81 Severity : moderate Type : security References : 1229122 1246118 1247719 1247720 1247816 1258859 CVE-2025-4674 CVE-2025-47906 CVE-2025-47907 CVE-2026-3184 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 435 Released: Tue Mar 10 19:43:23 2026 Summary: Security update for util-linux Type: security Severity: moderate References: 1229122,1246118,1247719,1247720,1247816,1258859,CVE-2025-4674,CVE-2025-47906,CVE-2025-47907,CVE-2026-3184 This update for util-linux fixes the following issue: - CVE-2026-3184: access control bypass due to improper hostname canonicalization in `login` (bsc#1258859). The following package changes have been done: - libuuid1-2.40.4-slfo.1.1_4.1 updated - libsmartcols1-2.40.4-slfo.1.1_4.1 updated - libblkid1-2.40.4-slfo.1.1_4.1 updated - libmount1-2.40.4-slfo.1.1_4.1 updated - libfdisk1-2.40.4-slfo.1.1_4.1 updated - util-linux-2.40.4-slfo.1.1_4.1 updated - SL-Micro-release-6.1-slfo.1.12.15 updated - util-linux-systemd-2.40.4-slfo.1.1_4.1 updated - container:SL-Micro-container-2.2.1-7.67 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:09:14 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:09:14 +0100 (CET) Subject: SUSE-CU-2026:1576-1: Recommended update of private-registry/harbor-trivy-adapter Message-ID: <20260312080914.D8B20FB98@maintenance.suse.de> SUSE Container Update Advisory: private-registry/harbor-trivy-adapter ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1576-1 Container Tags : private-registry/harbor-trivy-adapter:1.1.1 , private-registry/harbor-trivy-adapter:1.1.1-1.41 , private-registry/harbor-trivy-adapter:latest Container Release : 1.41 Severity : moderate Type : recommended References : ----------------------------------------------------------------- The container private-registry/harbor-trivy-adapter was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2026:863-1 Released: Wed Mar 11 13:41:48 2026 Summary: Recommended update for openldap2 Type: recommended Severity: moderate References: This update for openldap2 fixes the following issues: - expose ldap_log.h in -devel (jsc#PED-15735) The following package changes have been done: - libldap-data-2.4.46-150600.25.3.1 updated - libldap-2_4-2-2.4.46-150600.25.3.1 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:10:43 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:10:43 +0100 (CET) Subject: SUSE-IU-2026:1395-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260312081043.140BCFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1395-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.137 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.137 Severity : moderate Type : security References : 1246602 1258229 CVE-2025-53906 CVE-2026-26269 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 615 Released: Wed Mar 11 12:16:01 2026 Summary: Security update for vim Type: security Severity: moderate References: 1246602,1258229,CVE-2025-53906,CVE-2026-26269 This update for vim fixes the following issues: Update Vim to version 9.2.0045: - CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602). - CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229). The following package changes have been done: - vim-data-common-9.2.0045-1.1 updated - vim-small-9.2.0045-1.1 updated - container:SL-Micro-base-container-2.1.3-7.104 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:12:03 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:12:03 +0100 (CET) Subject: SUSE-IU-2026:1398-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260312081203.7438FFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1398-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.105 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.105 Severity : important Type : security References : 1241345 1243055 1249587 1251966 1252911 1252924 1253691 1254992 1255129 1255265 1255379 1255530 1255698 1256564 1256640 1256679 1256683 1256708 1256716 1256755 1256802 1256863 1257159 1257179 1257209 1257228 1257231 1257246 1257552 1257554 1257557 1257559 1257560 1257562 1257570 1257573 1257576 1257579 1257580 1257586 1257635 1257679 1257687 1257704 1257706 1257707 1257714 1257715 1257716 1257718 1257722 1257723 1257729 1257735 1257739 1257740 1257741 1257743 1257745 1257749 1257750 1257757 1257758 1257759 1257761 1257762 1257763 1257765 1257768 1257770 1257772 1257775 1257776 1257788 1257789 1257790 1257805 1257808 1257809 1257811 1257813 1257816 1257830 1257891 1257942 1257952 1258153 1258181 1258184 1258222 1258234 1258237 1258245 1258249 1258252 1258256 1258259 1258272 1258273 1258277 1258278 1258279 1258299 1258304 1258309 1258313 1258317 1258321 1258326 1258338 1258349 1258354 1258358 1258374 1258377 1258379 1258394 1258395 1258397 1258411 1258415 1258419 1258422 1258424 1258429 1258442 1258464 1258465 1258468 1258469 1258484 1258518 1258519 1258520 1258524 1258544 1258660 1258824 1258928 1259070 CVE-2023-53817 CVE-2025-37861 CVE-2025-39748 CVE-2025-39964 CVE-2025-40099 CVE-2025-40103 CVE-2025-68283 CVE-2025-68295 CVE-2025-68374 CVE-2025-68736 CVE-2025-68778 CVE-2025-68785 CVE-2025-68810 CVE-2025-71071 CVE-2025-71104 CVE-2025-71113 CVE-2025-71126 CVE-2025-71148 CVE-2025-71182 CVE-2025-71184 CVE-2025-71185 CVE-2025-71188 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197 CVE-2025-71198 CVE-2025-71199 CVE-2025-71200 CVE-2025-71222 CVE-2025-71224 CVE-2025-71225 CVE-2025-71229 CVE-2025-71231 CVE-2025-71232 CVE-2025-71234 CVE-2025-71235 CVE-2025-71236 CVE-2026-22979 CVE-2026-22982 CVE-2026-22998 CVE-2026-23003 CVE-2026-23004 CVE-2026-23017 CVE-2026-23021 CVE-2026-23026 CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23049 CVE-2026-23053 CVE-2026-23056 CVE-2026-23057 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23082 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23104 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110 CVE-2026-23111 CVE-2026-23112 CVE-2026-23113 CVE-2026-23116 CVE-2026-23119 CVE-2026-23121 CVE-2026-23129 CVE-2026-23133 CVE-2026-23135 CVE-2026-23139 CVE-2026-23141 CVE-2026-23145 CVE-2026-23146 CVE-2026-23150 CVE-2026-23151 CVE-2026-23152 CVE-2026-23155 CVE-2026-23156 CVE-2026-23163 CVE-2026-23166 CVE-2026-23167 CVE-2026-23170 CVE-2026-23171 CVE-2026-23172 CVE-2026-23173 CVE-2026-23176 CVE-2026-23178 CVE-2026-23179 CVE-2026-23182 CVE-2026-23190 CVE-2026-23191 CVE-2026-23198 CVE-2026-23202 CVE-2026-23207 CVE-2026-23208 CVE-2026-23209 CVE-2026-23213 CVE-2026-23214 CVE-2026-23221 CVE-2026-23222 CVE-2026-23229 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: kernel-291 Released: Wed Mar 11 17:03:14 2026 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1241345,1243055,1249587,1251966,1252911,1252924,1253691,1254992,1255129,1255265,1255379,1255530,1255698,1256564,1256640,1256679,1256683,1256708,1256716,1256755,1256802,1256863,1257159,1257179,1257209,1257228,1257231,1257246,1257552,1257554,1257557,1257559,1257560,1257562,1257570,1257573,1257576,1257579,1257580,1257586,1257635,1257679,1257687,1257704,1257706,1257707,1257714,1257715,1257716,1257718,1257722,1257723,1257729,1257735,1257739,1257740,1257741,1257743,1257745,1257749,1257750,1257757,1257758,1257759,1257761,1257762,1257763,1257765,1257768,1257770,1257772,1257775,1257776,1257788,1257789,1257790,1257805,1257808,1257809,1257811,1257813,1257816,1257830,1257891,1257942,1257952,1258153,1258181,1258184,1258222,1258234,1258237,1258245,1258249,1258252,1258256,1258259,1258272,1258273,1258277,1258278,1258279,1258299,1258304,1258309,1258313,1258317,1258321,1258326,1258338,1258349,1258354,1258358,1258374,1258377,1258379,1258394,1258395,1258397,1258411,1258415,1258419,1258422,1 258424,1258429,1258442,1258464,1258465,1258468,1258469,1258484,1258518,1258519,1258520,1258524,1258544,1258660,1258824,1258928,1259070,CVE-2023-53817,CVE-2025-37861,CVE-2025-39748,CVE-2025-39964,CVE-2025-40099,CVE-2025-40103,CVE-2025-68283,CVE-2025-68295,CVE-2025-68374,CVE-2025-68736,CVE-2025-68778,CVE-2025-68785,CVE-2025-68810,CVE-2025-71071,CVE-2025-71104,CVE-2025-71113,CVE-2025-71126,CVE-2025-71148,CVE-2025-71182,CVE-2025-71184,CVE-2025-71185,CVE-2025-71188,CVE-2025-71189,CVE-2025-71190,CVE-2025-71191,CVE-2025-71192,CVE-2025-71194,CVE-2025-71195,CVE-2025-71196,CVE-2025-71197,CVE-2025-71198,CVE-2025-71199,CVE-2025-71200,CVE-2025-71222,CVE-2025-71224,CVE-2025-71225,CVE-2025-71229,CVE-2025-71231,CVE-2025-71232,CVE-2025-71234,CVE-2025-71235,CVE-2025-71236,CVE-2026-22979,CVE-2026-22982,CVE-2026-22998,CVE-2026-23003,CVE-2026-23004,CVE-2026-23017,CVE-2026-23021,CVE-2026-23026,CVE-2026-23033,CVE-2026-23035,CVE-2026-23037,CVE-2026-23049,CVE-2026-23053,CVE-2026-23056,CVE-2026-23057,CVE-202 6-23058,CVE-2026-23060,CVE-2026-23061,CVE-2026-23063,CVE-2026-23064,CVE-2026-23068,CVE-2026-23071,CVE-2026-23073,CVE-2026-23074,CVE-2026-23076,CVE-2026-23078,CVE-2026-23080,CVE-2026-23082,CVE-2026-23083,CVE-2026-23084,CVE-2026-23085,CVE-2026-23086,CVE-2026-23089,CVE-2026-23090,CVE-2026-23091,CVE-2026-23094,CVE-2026-23095,CVE-2026-23096,CVE-2026-23099,CVE-2026-23101,CVE-2026-23102,CVE-2026-23104,CVE-2026-23105,CVE-2026-23107,CVE-2026-23108,CVE-2026-23110,CVE-2026-23111,CVE-2026-23112,CVE-2026-23113,CVE-2026-23116,CVE-2026-23119,CVE-2026-23121,CVE-2026-23129,CVE-2026-23133,CVE-2026-23135,CVE-2026-23139,CVE-2026-23141,CVE-2026-23145,CVE-2026-23146,CVE-2026-23150,CVE-2026-23151,CVE-2026-23152,CVE-2026-23155,CVE-2026-23156,CVE-2026-23163,CVE-2026-23166,CVE-2026-23167,CVE-2026-23170,CVE-2026-23171,CVE-2026-23172,CVE-2026-23173,CVE-2026-23176,CVE-2026-23178,CVE-2026-23179,CVE-2026-23182,CVE-2026-23190,CVE-2026-23191,CVE-2026-23198,CVE-2026-23202,CVE-2026-23207,CVE-2026-23208,CVE-2026-23209 ,CVE-2026-23213,CVE-2026-23214,CVE-2026-23221,CVE-2026-23222,CVE-2026-23229 The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992). - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055). - CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587). - CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966). - CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911). - CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924). - CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). - CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129). - CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530). - CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698). - CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683). - CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640). - CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679). - CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802). - CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708). - CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716). - CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755). - CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159). - CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635). - CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687). - CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411). - CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228). - CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179). - CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209). - CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552). - CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559). - CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718). - CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745). - CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830). - CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758). - CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808). - CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816). - CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772). - CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763). - CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775). - CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762). - CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761). - CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181). - CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184). - CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278). - CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277). - CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273). - CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304). - CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377). - CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272). - CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349). - CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520). - CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321). - CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465). - CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464). The following non security issues were fixed: - ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). - Update 'drm/mgag200: fix mgag200_bmc_stop_scanout()' bug number (bsc#1258153) - Update upstreamed net and powerpc patch references and sorting - bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691). - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - clocksource: Print durations for sync check unconditionally (bsc#1241345). - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - landlock: Optimize file path walks and prepare for audit support (bsc#1255698). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564). - spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952) - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952) - staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - workqueue: mark power efficient workqueue as unbounded if (bsc#1257891) The following package changes have been done: - kernel-default-6.4.0-40.1 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:13:29 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:13:29 +0100 (CET) Subject: SUSE-IU-2026:1400-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260312081329.BBA68FB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1400-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.124 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.124 Severity : important Type : security References : 1241345 1243055 1249587 1251966 1252911 1252924 1253691 1254992 1255129 1255265 1255379 1255530 1255698 1256564 1256640 1256679 1256683 1256708 1256716 1256755 1256802 1256863 1257159 1257179 1257209 1257228 1257231 1257246 1257552 1257554 1257557 1257559 1257560 1257562 1257570 1257573 1257576 1257579 1257580 1257586 1257635 1257679 1257687 1257704 1257706 1257707 1257714 1257715 1257716 1257718 1257722 1257723 1257729 1257735 1257739 1257740 1257741 1257743 1257745 1257749 1257750 1257757 1257758 1257759 1257761 1257762 1257763 1257765 1257768 1257770 1257772 1257775 1257776 1257788 1257789 1257790 1257805 1257808 1257809 1257811 1257813 1257816 1257830 1257891 1257942 1257952 1258153 1258181 1258184 1258222 1258234 1258237 1258245 1258249 1258252 1258256 1258259 1258272 1258273 1258277 1258278 1258279 1258299 1258304 1258309 1258313 1258317 1258321 1258326 1258338 1258349 1258354 1258358 1258374 1258377 1258379 1258394 1258395 1258397 1258411 1258415 1258419 1258422 1258424 1258429 1258442 1258464 1258465 1258468 1258469 1258484 1258518 1258519 1258520 1258524 1258544 1258660 1258824 1258928 1259070 CVE-2023-53817 CVE-2025-37861 CVE-2025-39748 CVE-2025-39964 CVE-2025-40099 CVE-2025-40103 CVE-2025-68283 CVE-2025-68295 CVE-2025-68374 CVE-2025-68736 CVE-2025-68778 CVE-2025-68785 CVE-2025-68810 CVE-2025-71071 CVE-2025-71104 CVE-2025-71113 CVE-2025-71126 CVE-2025-71148 CVE-2025-71182 CVE-2025-71184 CVE-2025-71185 CVE-2025-71188 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197 CVE-2025-71198 CVE-2025-71199 CVE-2025-71200 CVE-2025-71222 CVE-2025-71224 CVE-2025-71225 CVE-2025-71229 CVE-2025-71231 CVE-2025-71232 CVE-2025-71234 CVE-2025-71235 CVE-2025-71236 CVE-2026-22979 CVE-2026-22982 CVE-2026-22998 CVE-2026-23003 CVE-2026-23004 CVE-2026-23017 CVE-2026-23021 CVE-2026-23026 CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23049 CVE-2026-23053 CVE-2026-23056 CVE-2026-23057 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23082 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23104 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110 CVE-2026-23111 CVE-2026-23112 CVE-2026-23113 CVE-2026-23116 CVE-2026-23119 CVE-2026-23121 CVE-2026-23129 CVE-2026-23133 CVE-2026-23135 CVE-2026-23139 CVE-2026-23141 CVE-2026-23145 CVE-2026-23146 CVE-2026-23150 CVE-2026-23151 CVE-2026-23152 CVE-2026-23155 CVE-2026-23156 CVE-2026-23163 CVE-2026-23166 CVE-2026-23167 CVE-2026-23170 CVE-2026-23171 CVE-2026-23172 CVE-2026-23173 CVE-2026-23176 CVE-2026-23178 CVE-2026-23179 CVE-2026-23182 CVE-2026-23190 CVE-2026-23191 CVE-2026-23198 CVE-2026-23202 CVE-2026-23207 CVE-2026-23208 CVE-2026-23209 CVE-2026-23213 CVE-2026-23214 CVE-2026-23221 CVE-2026-23222 CVE-2026-23229 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: kernel-291 Released: Wed Mar 11 17:03:14 2026 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1241345,1243055,1249587,1251966,1252911,1252924,1253691,1254992,1255129,1255265,1255379,1255530,1255698,1256564,1256640,1256679,1256683,1256708,1256716,1256755,1256802,1256863,1257159,1257179,1257209,1257228,1257231,1257246,1257552,1257554,1257557,1257559,1257560,1257562,1257570,1257573,1257576,1257579,1257580,1257586,1257635,1257679,1257687,1257704,1257706,1257707,1257714,1257715,1257716,1257718,1257722,1257723,1257729,1257735,1257739,1257740,1257741,1257743,1257745,1257749,1257750,1257757,1257758,1257759,1257761,1257762,1257763,1257765,1257768,1257770,1257772,1257775,1257776,1257788,1257789,1257790,1257805,1257808,1257809,1257811,1257813,1257816,1257830,1257891,1257942,1257952,1258153,1258181,1258184,1258222,1258234,1258237,1258245,1258249,1258252,1258256,1258259,1258272,1258273,1258277,1258278,1258279,1258299,1258304,1258309,1258313,1258317,1258321,1258326,1258338,1258349,1258354,1258358,1258374,1258377,1258379,1258394,1258395,1258397,1258411,1258415,1258419,1258422,1 258424,1258429,1258442,1258464,1258465,1258468,1258469,1258484,1258518,1258519,1258520,1258524,1258544,1258660,1258824,1258928,1259070,CVE-2023-53817,CVE-2025-37861,CVE-2025-39748,CVE-2025-39964,CVE-2025-40099,CVE-2025-40103,CVE-2025-68283,CVE-2025-68295,CVE-2025-68374,CVE-2025-68736,CVE-2025-68778,CVE-2025-68785,CVE-2025-68810,CVE-2025-71071,CVE-2025-71104,CVE-2025-71113,CVE-2025-71126,CVE-2025-71148,CVE-2025-71182,CVE-2025-71184,CVE-2025-71185,CVE-2025-71188,CVE-2025-71189,CVE-2025-71190,CVE-2025-71191,CVE-2025-71192,CVE-2025-71194,CVE-2025-71195,CVE-2025-71196,CVE-2025-71197,CVE-2025-71198,CVE-2025-71199,CVE-2025-71200,CVE-2025-71222,CVE-2025-71224,CVE-2025-71225,CVE-2025-71229,CVE-2025-71231,CVE-2025-71232,CVE-2025-71234,CVE-2025-71235,CVE-2025-71236,CVE-2026-22979,CVE-2026-22982,CVE-2026-22998,CVE-2026-23003,CVE-2026-23004,CVE-2026-23017,CVE-2026-23021,CVE-2026-23026,CVE-2026-23033,CVE-2026-23035,CVE-2026-23037,CVE-2026-23049,CVE-2026-23053,CVE-2026-23056,CVE-2026-23057,CVE-202 6-23058,CVE-2026-23060,CVE-2026-23061,CVE-2026-23063,CVE-2026-23064,CVE-2026-23068,CVE-2026-23071,CVE-2026-23073,CVE-2026-23074,CVE-2026-23076,CVE-2026-23078,CVE-2026-23080,CVE-2026-23082,CVE-2026-23083,CVE-2026-23084,CVE-2026-23085,CVE-2026-23086,CVE-2026-23089,CVE-2026-23090,CVE-2026-23091,CVE-2026-23094,CVE-2026-23095,CVE-2026-23096,CVE-2026-23099,CVE-2026-23101,CVE-2026-23102,CVE-2026-23104,CVE-2026-23105,CVE-2026-23107,CVE-2026-23108,CVE-2026-23110,CVE-2026-23111,CVE-2026-23112,CVE-2026-23113,CVE-2026-23116,CVE-2026-23119,CVE-2026-23121,CVE-2026-23129,CVE-2026-23133,CVE-2026-23135,CVE-2026-23139,CVE-2026-23141,CVE-2026-23145,CVE-2026-23146,CVE-2026-23150,CVE-2026-23151,CVE-2026-23152,CVE-2026-23155,CVE-2026-23156,CVE-2026-23163,CVE-2026-23166,CVE-2026-23167,CVE-2026-23170,CVE-2026-23171,CVE-2026-23172,CVE-2026-23173,CVE-2026-23176,CVE-2026-23178,CVE-2026-23179,CVE-2026-23182,CVE-2026-23190,CVE-2026-23191,CVE-2026-23198,CVE-2026-23202,CVE-2026-23207,CVE-2026-23208,CVE-2026-23209 ,CVE-2026-23213,CVE-2026-23214,CVE-2026-23221,CVE-2026-23222,CVE-2026-23229 The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992). - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055). - CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587). - CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966). - CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911). - CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924). - CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). - CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129). - CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530). - CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698). - CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683). - CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640). - CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679). - CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802). - CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708). - CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716). - CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755). - CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159). - CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635). - CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687). - CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411). - CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228). - CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179). - CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209). - CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552). - CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559). - CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718). - CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745). - CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830). - CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758). - CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808). - CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816). - CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772). - CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763). - CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775). - CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762). - CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761). - CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181). - CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184). - CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278). - CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277). - CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273). - CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304). - CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377). - CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272). - CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349). - CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520). - CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321). - CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465). - CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464). The following non security issues were fixed: - ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). - Update 'drm/mgag200: fix mgag200_bmc_stop_scanout()' bug number (bsc#1258153) - Update upstreamed net and powerpc patch references and sorting - bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691). - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - clocksource: Print durations for sync check unconditionally (bsc#1241345). - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - landlock: Optimize file path walks and prepare for audit support (bsc#1255698). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564). - spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952) - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952) - staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - workqueue: mark power efficient workqueue as unbounded if (bsc#1257891) The following package changes have been done: - kernel-default-base-6.4.0-40.1.21.17 updated - container:SL-Micro-base-container-2.1.3-7.105 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:19:09 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:19:09 +0100 (CET) Subject: SUSE-CU-2026:1586-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260312081909.15819F77E@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1586-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.75 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.75 Severity : moderate Type : security References : 1246602 1258229 CVE-2025-53906 CVE-2026-26269 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 615 Released: Wed Mar 11 12:16:01 2026 Summary: Security update for vim Type: security Severity: moderate References: 1246602,1258229,CVE-2025-53906,CVE-2026-26269 This update for vim fixes the following issues: Update Vim to version 9.2.0045: - CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602). - CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229). The following package changes have been done: - vim-data-common-9.2.0045-1.1 updated - vim-9.2.0045-1.1 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:21:14 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:21:14 +0100 (CET) Subject: SUSE-IU-2026:1404-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260312082114.D09EDFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1404-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.90 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.90 Severity : important Type : security References : 1241345 1243055 1249587 1251966 1252911 1252924 1253691 1254992 1255129 1255265 1255379 1255530 1255698 1256564 1256640 1256679 1256683 1256708 1256716 1256755 1256802 1256863 1257159 1257179 1257209 1257228 1257231 1257246 1257552 1257554 1257557 1257559 1257560 1257562 1257570 1257573 1257576 1257579 1257580 1257586 1257635 1257679 1257687 1257704 1257706 1257707 1257714 1257715 1257716 1257718 1257722 1257723 1257729 1257735 1257739 1257740 1257741 1257743 1257745 1257749 1257750 1257757 1257758 1257759 1257761 1257762 1257763 1257765 1257768 1257770 1257772 1257775 1257776 1257788 1257789 1257790 1257805 1257808 1257809 1257811 1257813 1257816 1257830 1257891 1257942 1257952 1258153 1258181 1258184 1258222 1258234 1258237 1258245 1258249 1258252 1258256 1258259 1258272 1258273 1258277 1258278 1258279 1258299 1258304 1258309 1258313 1258317 1258321 1258326 1258338 1258349 1258354 1258358 1258374 1258377 1258379 1258394 1258395 1258397 1258411 1258415 1258419 1258422 1258424 1258429 1258442 1258464 1258465 1258468 1258469 1258484 1258518 1258519 1258520 1258524 1258544 1258660 1258824 1258928 1259070 CVE-2023-53817 CVE-2025-37861 CVE-2025-39748 CVE-2025-39964 CVE-2025-40099 CVE-2025-40103 CVE-2025-68283 CVE-2025-68295 CVE-2025-68374 CVE-2025-68736 CVE-2025-68778 CVE-2025-68785 CVE-2025-68810 CVE-2025-71071 CVE-2025-71104 CVE-2025-71113 CVE-2025-71126 CVE-2025-71148 CVE-2025-71182 CVE-2025-71184 CVE-2025-71185 CVE-2025-71188 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197 CVE-2025-71198 CVE-2025-71199 CVE-2025-71200 CVE-2025-71222 CVE-2025-71224 CVE-2025-71225 CVE-2025-71229 CVE-2025-71231 CVE-2025-71232 CVE-2025-71234 CVE-2025-71235 CVE-2025-71236 CVE-2026-22979 CVE-2026-22982 CVE-2026-22998 CVE-2026-23003 CVE-2026-23004 CVE-2026-23017 CVE-2026-23021 CVE-2026-23026 CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23049 CVE-2026-23053 CVE-2026-23056 CVE-2026-23057 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23082 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23104 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110 CVE-2026-23111 CVE-2026-23112 CVE-2026-23113 CVE-2026-23116 CVE-2026-23119 CVE-2026-23121 CVE-2026-23129 CVE-2026-23133 CVE-2026-23135 CVE-2026-23139 CVE-2026-23141 CVE-2026-23145 CVE-2026-23146 CVE-2026-23150 CVE-2026-23151 CVE-2026-23152 CVE-2026-23155 CVE-2026-23156 CVE-2026-23163 CVE-2026-23166 CVE-2026-23167 CVE-2026-23170 CVE-2026-23171 CVE-2026-23172 CVE-2026-23173 CVE-2026-23176 CVE-2026-23178 CVE-2026-23179 CVE-2026-23182 CVE-2026-23190 CVE-2026-23191 CVE-2026-23198 CVE-2026-23202 CVE-2026-23207 CVE-2026-23208 CVE-2026-23209 CVE-2026-23213 CVE-2026-23214 CVE-2026-23221 CVE-2026-23222 CVE-2026-23229 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: kernel-291 Released: Wed Mar 11 17:03:14 2026 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1241345,1243055,1249587,1251966,1252911,1252924,1253691,1254992,1255129,1255265,1255379,1255530,1255698,1256564,1256640,1256679,1256683,1256708,1256716,1256755,1256802,1256863,1257159,1257179,1257209,1257228,1257231,1257246,1257552,1257554,1257557,1257559,1257560,1257562,1257570,1257573,1257576,1257579,1257580,1257586,1257635,1257679,1257687,1257704,1257706,1257707,1257714,1257715,1257716,1257718,1257722,1257723,1257729,1257735,1257739,1257740,1257741,1257743,1257745,1257749,1257750,1257757,1257758,1257759,1257761,1257762,1257763,1257765,1257768,1257770,1257772,1257775,1257776,1257788,1257789,1257790,1257805,1257808,1257809,1257811,1257813,1257816,1257830,1257891,1257942,1257952,1258153,1258181,1258184,1258222,1258234,1258237,1258245,1258249,1258252,1258256,1258259,1258272,1258273,1258277,1258278,1258279,1258299,1258304,1258309,1258313,1258317,1258321,1258326,1258338,1258349,1258354,1258358,1258374,1258377,1258379,1258394,1258395,1258397,1258411,1258415,1258419,1258422,1 258424,1258429,1258442,1258464,1258465,1258468,1258469,1258484,1258518,1258519,1258520,1258524,1258544,1258660,1258824,1258928,1259070,CVE-2023-53817,CVE-2025-37861,CVE-2025-39748,CVE-2025-39964,CVE-2025-40099,CVE-2025-40103,CVE-2025-68283,CVE-2025-68295,CVE-2025-68374,CVE-2025-68736,CVE-2025-68778,CVE-2025-68785,CVE-2025-68810,CVE-2025-71071,CVE-2025-71104,CVE-2025-71113,CVE-2025-71126,CVE-2025-71148,CVE-2025-71182,CVE-2025-71184,CVE-2025-71185,CVE-2025-71188,CVE-2025-71189,CVE-2025-71190,CVE-2025-71191,CVE-2025-71192,CVE-2025-71194,CVE-2025-71195,CVE-2025-71196,CVE-2025-71197,CVE-2025-71198,CVE-2025-71199,CVE-2025-71200,CVE-2025-71222,CVE-2025-71224,CVE-2025-71225,CVE-2025-71229,CVE-2025-71231,CVE-2025-71232,CVE-2025-71234,CVE-2025-71235,CVE-2025-71236,CVE-2026-22979,CVE-2026-22982,CVE-2026-22998,CVE-2026-23003,CVE-2026-23004,CVE-2026-23017,CVE-2026-23021,CVE-2026-23026,CVE-2026-23033,CVE-2026-23035,CVE-2026-23037,CVE-2026-23049,CVE-2026-23053,CVE-2026-23056,CVE-2026-23057,CVE-202 6-23058,CVE-2026-23060,CVE-2026-23061,CVE-2026-23063,CVE-2026-23064,CVE-2026-23068,CVE-2026-23071,CVE-2026-23073,CVE-2026-23074,CVE-2026-23076,CVE-2026-23078,CVE-2026-23080,CVE-2026-23082,CVE-2026-23083,CVE-2026-23084,CVE-2026-23085,CVE-2026-23086,CVE-2026-23089,CVE-2026-23090,CVE-2026-23091,CVE-2026-23094,CVE-2026-23095,CVE-2026-23096,CVE-2026-23099,CVE-2026-23101,CVE-2026-23102,CVE-2026-23104,CVE-2026-23105,CVE-2026-23107,CVE-2026-23108,CVE-2026-23110,CVE-2026-23111,CVE-2026-23112,CVE-2026-23113,CVE-2026-23116,CVE-2026-23119,CVE-2026-23121,CVE-2026-23129,CVE-2026-23133,CVE-2026-23135,CVE-2026-23139,CVE-2026-23141,CVE-2026-23145,CVE-2026-23146,CVE-2026-23150,CVE-2026-23151,CVE-2026-23152,CVE-2026-23155,CVE-2026-23156,CVE-2026-23163,CVE-2026-23166,CVE-2026-23167,CVE-2026-23170,CVE-2026-23171,CVE-2026-23172,CVE-2026-23173,CVE-2026-23176,CVE-2026-23178,CVE-2026-23179,CVE-2026-23182,CVE-2026-23190,CVE-2026-23191,CVE-2026-23198,CVE-2026-23202,CVE-2026-23207,CVE-2026-23208,CVE-2026-23209 ,CVE-2026-23213,CVE-2026-23214,CVE-2026-23221,CVE-2026-23222,CVE-2026-23229 The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992). - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055). - CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587). - CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966). - CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911). - CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924). - CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). - CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129). - CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530). - CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698). - CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683). - CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640). - CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679). - CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802). - CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708). - CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716). - CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755). - CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159). - CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635). - CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687). - CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411). - CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228). - CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179). - CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209). - CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552). - CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559). - CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718). - CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745). - CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830). - CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758). - CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808). - CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816). - CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772). - CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763). - CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775). - CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762). - CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761). - CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181). - CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184). - CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278). - CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277). - CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273). - CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304). - CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377). - CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272). - CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349). - CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520). - CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321). - CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465). - CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464). The following non security issues were fixed: - ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). - Update 'drm/mgag200: fix mgag200_bmc_stop_scanout()' bug number (bsc#1258153) - Update upstreamed net and powerpc patch references and sorting - bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691). - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - clocksource: Print durations for sync check unconditionally (bsc#1241345). - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - landlock: Optimize file path walks and prepare for audit support (bsc#1255698). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564). - spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952) - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952) - staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - workqueue: mark power efficient workqueue as unbounded if (bsc#1257891) The following package changes have been done: - kernel-default-6.4.0-40.1 updated From sle-container-updates at lists.suse.com Thu Mar 12 08:22:34 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 09:22:34 +0100 (CET) Subject: SUSE-IU-2026:1405-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260312082234.74DA3F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1405-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.94 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.94 Severity : important Type : security References : 1241345 1243055 1249587 1251966 1252911 1252924 1253691 1254992 1255129 1255265 1255379 1255530 1255698 1256564 1256640 1256679 1256683 1256708 1256716 1256755 1256802 1256863 1257159 1257179 1257209 1257228 1257231 1257246 1257552 1257554 1257557 1257559 1257560 1257562 1257570 1257573 1257576 1257579 1257580 1257586 1257635 1257679 1257687 1257704 1257706 1257707 1257714 1257715 1257716 1257718 1257722 1257723 1257729 1257735 1257739 1257740 1257741 1257743 1257745 1257749 1257750 1257757 1257758 1257759 1257761 1257762 1257763 1257765 1257768 1257770 1257772 1257775 1257776 1257788 1257789 1257790 1257805 1257808 1257809 1257811 1257813 1257816 1257830 1257891 1257942 1257952 1258153 1258181 1258184 1258222 1258234 1258237 1258245 1258249 1258252 1258256 1258259 1258272 1258273 1258277 1258278 1258279 1258299 1258304 1258309 1258313 1258317 1258321 1258326 1258338 1258349 1258354 1258358 1258374 1258377 1258379 1258394 1258395 1258397 1258411 1258415 1258419 1258422 1258424 1258429 1258442 1258464 1258465 1258468 1258469 1258484 1258518 1258519 1258520 1258524 1258544 1258660 1258824 1258928 1259070 CVE-2023-53817 CVE-2025-37861 CVE-2025-39748 CVE-2025-39964 CVE-2025-40099 CVE-2025-40103 CVE-2025-68283 CVE-2025-68295 CVE-2025-68374 CVE-2025-68736 CVE-2025-68778 CVE-2025-68785 CVE-2025-68810 CVE-2025-71071 CVE-2025-71104 CVE-2025-71113 CVE-2025-71126 CVE-2025-71148 CVE-2025-71182 CVE-2025-71184 CVE-2025-71185 CVE-2025-71188 CVE-2025-71189 CVE-2025-71190 CVE-2025-71191 CVE-2025-71192 CVE-2025-71194 CVE-2025-71195 CVE-2025-71196 CVE-2025-71197 CVE-2025-71198 CVE-2025-71199 CVE-2025-71200 CVE-2025-71222 CVE-2025-71224 CVE-2025-71225 CVE-2025-71229 CVE-2025-71231 CVE-2025-71232 CVE-2025-71234 CVE-2025-71235 CVE-2025-71236 CVE-2026-22979 CVE-2026-22982 CVE-2026-22998 CVE-2026-23003 CVE-2026-23004 CVE-2026-23017 CVE-2026-23021 CVE-2026-23026 CVE-2026-23033 CVE-2026-23035 CVE-2026-23037 CVE-2026-23049 CVE-2026-23053 CVE-2026-23056 CVE-2026-23057 CVE-2026-23058 CVE-2026-23060 CVE-2026-23061 CVE-2026-23063 CVE-2026-23064 CVE-2026-23068 CVE-2026-23071 CVE-2026-23073 CVE-2026-23074 CVE-2026-23076 CVE-2026-23078 CVE-2026-23080 CVE-2026-23082 CVE-2026-23083 CVE-2026-23084 CVE-2026-23085 CVE-2026-23086 CVE-2026-23089 CVE-2026-23090 CVE-2026-23091 CVE-2026-23094 CVE-2026-23095 CVE-2026-23096 CVE-2026-23099 CVE-2026-23101 CVE-2026-23102 CVE-2026-23104 CVE-2026-23105 CVE-2026-23107 CVE-2026-23108 CVE-2026-23110 CVE-2026-23111 CVE-2026-23112 CVE-2026-23113 CVE-2026-23116 CVE-2026-23119 CVE-2026-23121 CVE-2026-23129 CVE-2026-23133 CVE-2026-23135 CVE-2026-23139 CVE-2026-23141 CVE-2026-23145 CVE-2026-23146 CVE-2026-23150 CVE-2026-23151 CVE-2026-23152 CVE-2026-23155 CVE-2026-23156 CVE-2026-23163 CVE-2026-23166 CVE-2026-23167 CVE-2026-23170 CVE-2026-23171 CVE-2026-23172 CVE-2026-23173 CVE-2026-23176 CVE-2026-23178 CVE-2026-23179 CVE-2026-23182 CVE-2026-23190 CVE-2026-23191 CVE-2026-23198 CVE-2026-23202 CVE-2026-23207 CVE-2026-23208 CVE-2026-23209 CVE-2026-23213 CVE-2026-23214 CVE-2026-23221 CVE-2026-23222 CVE-2026-23229 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: kernel-291 Released: Wed Mar 11 17:03:14 2026 Summary: Security update for the Linux Kernel Type: security Severity: important References: 1241345,1243055,1249587,1251966,1252911,1252924,1253691,1254992,1255129,1255265,1255379,1255530,1255698,1256564,1256640,1256679,1256683,1256708,1256716,1256755,1256802,1256863,1257159,1257179,1257209,1257228,1257231,1257246,1257552,1257554,1257557,1257559,1257560,1257562,1257570,1257573,1257576,1257579,1257580,1257586,1257635,1257679,1257687,1257704,1257706,1257707,1257714,1257715,1257716,1257718,1257722,1257723,1257729,1257735,1257739,1257740,1257741,1257743,1257745,1257749,1257750,1257757,1257758,1257759,1257761,1257762,1257763,1257765,1257768,1257770,1257772,1257775,1257776,1257788,1257789,1257790,1257805,1257808,1257809,1257811,1257813,1257816,1257830,1257891,1257942,1257952,1258153,1258181,1258184,1258222,1258234,1258237,1258245,1258249,1258252,1258256,1258259,1258272,1258273,1258277,1258278,1258279,1258299,1258304,1258309,1258313,1258317,1258321,1258326,1258338,1258349,1258354,1258358,1258374,1258377,1258379,1258394,1258395,1258397,1258411,1258415,1258419,1258422,1 258424,1258429,1258442,1258464,1258465,1258468,1258469,1258484,1258518,1258519,1258520,1258524,1258544,1258660,1258824,1258928,1259070,CVE-2023-53817,CVE-2025-37861,CVE-2025-39748,CVE-2025-39964,CVE-2025-40099,CVE-2025-40103,CVE-2025-68283,CVE-2025-68295,CVE-2025-68374,CVE-2025-68736,CVE-2025-68778,CVE-2025-68785,CVE-2025-68810,CVE-2025-71071,CVE-2025-71104,CVE-2025-71113,CVE-2025-71126,CVE-2025-71148,CVE-2025-71182,CVE-2025-71184,CVE-2025-71185,CVE-2025-71188,CVE-2025-71189,CVE-2025-71190,CVE-2025-71191,CVE-2025-71192,CVE-2025-71194,CVE-2025-71195,CVE-2025-71196,CVE-2025-71197,CVE-2025-71198,CVE-2025-71199,CVE-2025-71200,CVE-2025-71222,CVE-2025-71224,CVE-2025-71225,CVE-2025-71229,CVE-2025-71231,CVE-2025-71232,CVE-2025-71234,CVE-2025-71235,CVE-2025-71236,CVE-2026-22979,CVE-2026-22982,CVE-2026-22998,CVE-2026-23003,CVE-2026-23004,CVE-2026-23017,CVE-2026-23021,CVE-2026-23026,CVE-2026-23033,CVE-2026-23035,CVE-2026-23037,CVE-2026-23049,CVE-2026-23053,CVE-2026-23056,CVE-2026-23057,CVE-202 6-23058,CVE-2026-23060,CVE-2026-23061,CVE-2026-23063,CVE-2026-23064,CVE-2026-23068,CVE-2026-23071,CVE-2026-23073,CVE-2026-23074,CVE-2026-23076,CVE-2026-23078,CVE-2026-23080,CVE-2026-23082,CVE-2026-23083,CVE-2026-23084,CVE-2026-23085,CVE-2026-23086,CVE-2026-23089,CVE-2026-23090,CVE-2026-23091,CVE-2026-23094,CVE-2026-23095,CVE-2026-23096,CVE-2026-23099,CVE-2026-23101,CVE-2026-23102,CVE-2026-23104,CVE-2026-23105,CVE-2026-23107,CVE-2026-23108,CVE-2026-23110,CVE-2026-23111,CVE-2026-23112,CVE-2026-23113,CVE-2026-23116,CVE-2026-23119,CVE-2026-23121,CVE-2026-23129,CVE-2026-23133,CVE-2026-23135,CVE-2026-23139,CVE-2026-23141,CVE-2026-23145,CVE-2026-23146,CVE-2026-23150,CVE-2026-23151,CVE-2026-23152,CVE-2026-23155,CVE-2026-23156,CVE-2026-23163,CVE-2026-23166,CVE-2026-23167,CVE-2026-23170,CVE-2026-23171,CVE-2026-23172,CVE-2026-23173,CVE-2026-23176,CVE-2026-23178,CVE-2026-23179,CVE-2026-23182,CVE-2026-23190,CVE-2026-23191,CVE-2026-23198,CVE-2026-23202,CVE-2026-23207,CVE-2026-23208,CVE-2026-23209 ,CVE-2026-23213,CVE-2026-23214,CVE-2026-23221,CVE-2026-23222,CVE-2026-23229 The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992). - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055). - CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET (bsc#1249587). - CVE-2025-39964: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966). - CVE-2025-40099: cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911). - CVE-2025-40103: smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924). - CVE-2025-68283: libceph: replace BUG_ON with bounds check for map->max_osd (bsc#1255379). - CVE-2025-68295: smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129). - CVE-2025-68374: md: fix rcu protection in md_wakeup_thread (bsc#1255530). - CVE-2025-68736: landlock: Fix handling of disconnected directories (bsc#1255698). - CVE-2025-68778: btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683). - CVE-2025-68785: net: openvswitch: fix middle attribute validation in push_nsh() action (bsc#1256640). - CVE-2025-68810: KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (bsc#1256679). - CVE-2025-71071: iommu/mediatek: fix use-after-free on probe deferral (bsc#1256802). - CVE-2025-71104: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708). - CVE-2025-71113: crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716). - CVE-2025-71126: mptcp: reset fallback status gracefully at disconnect() time (bsc#1256755). - CVE-2025-71148: net/handshake: restore destructor on submit failure (bsc#1257159). - CVE-2025-71184: btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635). - CVE-2025-71194: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687). - CVE-2025-71225: md: suspend array while updating raid_disks via sysfs (bsc#1258411). - CVE-2026-22979: net: fix memory leak in skb_segment_list for GRO packets (bsc#1257228). - CVE-2026-22982: net: mscc: ocelot: Fix crash when adding interface under a lag (bsc#1257179). - CVE-2026-22998: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (bsc#1257209). - CVE-2026-23003: geneve: Fix incorrect inner network header offset when innerprotoinherit is set (bsc#1257246). - CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1257231). - CVE-2026-23017: idpf: fix error handling in the init_task on load (bsc#1257552). - CVE-2026-23035: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (bsc#1257559). - CVE-2026-23053: NFS: Fix a deadlock involving nfs_release_folio() (bsc#1257718). - CVE-2026-23057: vsock/virtio: Coalesce only linear skb (bsc#1257740). - CVE-2026-23060: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735). - CVE-2026-23064: net/sched: act_ife: avoid possible NULL deref (bsc#1257765). - CVE-2026-23074: net/sched: Enforce that teql can only be used as root qdisc (bsc#1257749). - CVE-2026-23083: fou: Don't allow 0 for FOU_ATTR_IPPROTO (bsc#1257745). - CVE-2026-23084: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (bsc#1257830). - CVE-2026-23085: irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758). - CVE-2026-23086: vsock/virtio: cap TX credit to local buffer size (bsc#1257757). - CVE-2026-23089: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (bsc#1257790). - CVE-2026-23095: gue: Fix skb memleak with inner IP protocol 0 (bsc#1257808). - CVE-2026-23099: bonding: limit BOND_MODE_8023AD to Ethernet devices (bsc#1257816). - CVE-2026-23102: arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772). - CVE-2026-23104: ice: fix devlink reload call trace (bsc#1257763). - CVE-2026-23105: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (bsc#1257775). - CVE-2026-23107: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762). - CVE-2026-23110: scsi: core: Wake up the error handler when final completions race against each other (bsc#1257761). - CVE-2026-23111: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (bsc#1258181). - CVE-2026-23112: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (bsc#1258184). - CVE-2026-23113: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (bsc#1258278). - CVE-2026-23116: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (bsc#1258277). - CVE-2026-23119: bonding: provide a net pointer to __skb_flow_dissect() (bsc#1258273). - CVE-2026-23139: netfilter: nf_conncount: update last_gc only when GC has been performed (bsc#1258304). - CVE-2026-23141: btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377). - CVE-2026-23166: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (bsc#1258272). - CVE-2026-23171: net: bonding: update the slave array for broadcast mode (bsc#1258349). - CVE-2026-23173: net/mlx5e: TC, delete flows only for existing peers (bsc#1258520). - CVE-2026-23179: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (bsc#1258394). - CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (bsc#1258395). - CVE-2026-23198: KVM: Don't clobber irqfd routing type when deassigning irqfd (bsc#1258321). - CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (bsc#1258468). - CVE-2026-23209: macvlan: fix error recovery in macvlan_common_newlink() (bsc#1258518). - CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (bsc#1258465). - CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (bsc#1258464). The following non security issues were fixed: - ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). - Update 'drm/mgag200: fix mgag200_bmc_stop_scanout()' bug number (bsc#1258153) - Update upstreamed net and powerpc patch references and sorting - bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691). - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - clocksource: Print durations for sync check unconditionally (bsc#1241345). - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - landlock: Optimize file path walks and prepare for audit support (bsc#1255698). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564). - spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952) - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952) - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952) - staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - workqueue: mark power efficient workqueue as unbounded if (bsc#1257891) The following package changes have been done: - kernel-default-base-6.4.0-40.1.21.17 updated - qemu-guest-agent-8.2.10-slfo.1.1_4.1 updated - container:SL-Micro-base-container-2.2.1-5.90 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:13:52 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:13:52 +0100 (CET) Subject: SUSE-IU-2026:1407-1: Security update of suse/sl-micro/6.0/baremetal-os-container Message-ID: <20260312161352.96B79F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1407-1 Image Tags : suse/sl-micro/6.0/baremetal-os-container:2.1.3 , suse/sl-micro/6.0/baremetal-os-container:2.1.3-6.140 , suse/sl-micro/6.0/baremetal-os-container:latest Image Release : 6.140 Severity : important Type : security References : 1251214 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.0/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 616 Released: Thu Mar 12 10:31:36 2026 Summary: Recommended update for gpg2 Type: recommended Severity: moderate References: 1251214 This update for gpg2 fixes the following issues: Changes for gpg2: - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 ----------------------------------------------------------------- Advisory ID: 617 Released: Thu Mar 12 10:40:37 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.0-25.75 updated - libcurl-mini4-8.14.1-5.1 updated - gpg2-2.4.4-8.1 updated - container:SL-Micro-base-container-2.1.3-7.107 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:15:26 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:15:26 +0100 (CET) Subject: SUSE-IU-2026:1408-1: Security update of suse/sl-micro/6.0/base-os-container Message-ID: <20260312161526.CD9E6F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1408-1 Image Tags : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.107 , suse/sl-micro/6.0/base-os-container:latest Image Release : 7.107 Severity : important Type : security References : 1251214 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 616 Released: Thu Mar 12 10:31:36 2026 Summary: Recommended update for gpg2 Type: recommended Severity: moderate References: 1251214 This update for gpg2 fixes the following issues: Changes for gpg2: - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 ----------------------------------------------------------------- Advisory ID: 617 Released: Thu Mar 12 10:40:37 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.0-25.75 updated - libcurl-mini4-8.14.1-5.1 updated - curl-8.14.1-5.1 updated - gpg2-2.4.4-8.1 updated - container:suse-toolbox-image-1.0.0-9.77 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:17:02 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:17:02 +0100 (CET) Subject: SUSE-IU-2026:1409-1: Security update of suse/sl-micro/6.0/kvm-os-container Message-ID: <20260312161702.CAF92F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1409-1 Image Tags : suse/sl-micro/6.0/kvm-os-container:2.1.3 , suse/sl-micro/6.0/kvm-os-container:2.1.3-6.126 , suse/sl-micro/6.0/kvm-os-container:latest Image Release : 6.126 Severity : important Type : security References : 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.0/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 617 Released: Thu Mar 12 10:40:37 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.0-25.75 updated - libcurl-mini4-8.14.1-5.1 updated - container:SL-Micro-base-container-2.1.3-7.107 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:18:55 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:18:55 +0100 (CET) Subject: SUSE-IU-2026:1410-1: Security update of suse/sl-micro/6.0/rt-os-container Message-ID: <20260312161855.2A2F3F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.0/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1410-1 Image Tags : suse/sl-micro/6.0/rt-os-container:2.1.3 , suse/sl-micro/6.0/rt-os-container:2.1.3-7.140 , suse/sl-micro/6.0/rt-os-container:latest Image Release : 7.140 Severity : important Type : security References : 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.0/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 617 Released: Thu Mar 12 10:40:37 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.0-25.75 updated - libcurl-mini4-8.14.1-5.1 updated - container:SL-Micro-container-2.1.3-6.140 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:24:23 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:24:23 +0100 (CET) Subject: SUSE-CU-2026:1642-1: Security update of suse/sl-micro/6.0/toolbox Message-ID: <20260312162423.02F7BF77E@maintenance.suse.de> SUSE Container Update Advisory: suse/sl-micro/6.0/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1642-1 Container Tags : suse/sl-micro/6.0/toolbox:13.2 , suse/sl-micro/6.0/toolbox:13.2-9.77 , suse/sl-micro/6.0/toolbox:latest Container Release : 9.77 Severity : important Type : security References : 1251214 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.0/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 616 Released: Thu Mar 12 10:31:36 2026 Summary: Recommended update for gpg2 Type: recommended Severity: moderate References: 1251214 This update for gpg2 fixes the following issues: Changes for gpg2: - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 ----------------------------------------------------------------- Advisory ID: 617 Released: Thu Mar 12 10:40:37 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.0-25.75 updated - curl-8.14.1-5.1 updated - gpg2-2.4.4-8.1 updated - libcurl-mini4-8.14.1-5.1 updated - skelcd-EULA-SL-Micro-2024.01.19-8.74 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:25:35 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:25:35 +0100 (CET) Subject: SUSE-IU-2026:1411-1: Security update of suse/sl-micro/6.1/baremetal-os-container Message-ID: <20260312162535.68E79F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1411-1 Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.69 , suse/sl-micro/6.1/baremetal-os-container:latest Image Release : 7.69 Severity : important Type : security References : 1243419 1246995 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 440 Released: Thu Mar 12 11:27:47 2026 Summary: Security update for curl Type: security Severity: important References: 1243419,1246995,1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.16 updated - libcurl4-8.14.1-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.91 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:27:03 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:27:03 +0100 (CET) Subject: SUSE-IU-2026:1412-1: Security update of suse/sl-micro/6.1/base-os-container Message-ID: <20260312162703.68560F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/base-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1412-1 Image Tags : suse/sl-micro/6.1/base-os-container:2.2.1 , suse/sl-micro/6.1/base-os-container:2.2.1-5.91 , suse/sl-micro/6.1/base-os-container:latest Image Release : 5.91 Severity : important Type : security References : 1243419 1246995 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.1/base-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 440 Released: Thu Mar 12 11:27:47 2026 Summary: Security update for curl Type: security Severity: important References: 1243419,1246995,1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.16 updated - libcurl4-8.14.1-slfo.1.1_6.1 updated - curl-8.14.1-slfo.1.1_6.1 updated - container:suse-toolbox-image-1.0.0-5.18 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:28:41 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:28:41 +0100 (CET) Subject: SUSE-IU-2026:1413-1: Security update of suse/sl-micro/6.1/kvm-os-container Message-ID: <20260312162841.73583F77E@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/kvm-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1413-1 Image Tags : suse/sl-micro/6.1/kvm-os-container:2.2.1 , suse/sl-micro/6.1/kvm-os-container:2.2.1-5.95 , suse/sl-micro/6.1/kvm-os-container:latest Image Release : 5.95 Severity : important Type : security References : 1243419 1246995 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.1/kvm-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 440 Released: Thu Mar 12 11:27:47 2026 Summary: Security update for curl Type: security Severity: important References: 1243419,1246995,1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.16 updated - libcurl4-8.14.1-slfo.1.1_6.1 updated - container:SL-Micro-base-container-2.2.1-5.91 updated From sle-container-updates at lists.suse.com Thu Mar 12 16:30:15 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 17:30:15 +0100 (CET) Subject: SUSE-IU-2026:1414-1: Security update of suse/sl-micro/6.1/rt-os-container Message-ID: <20260312163015.A8C2DFB98@maintenance.suse.de> SUSE Image Update Advisory: suse/sl-micro/6.1/rt-os-container ----------------------------------------------------------------- Image Advisory ID : SUSE-IU-2026:1414-1 Image Tags : suse/sl-micro/6.1/rt-os-container:2.2.1 , suse/sl-micro/6.1/rt-os-container:2.2.1-5.83 , suse/sl-micro/6.1/rt-os-container:latest Image Release : 5.83 Severity : important Type : security References : 1243419 1246995 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sl-micro/6.1/rt-os-container was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: 440 Released: Thu Mar 12 11:27:47 2026 Summary: Security update for curl Type: security Severity: important References: 1243419,1246995,1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - SL-Micro-release-6.1-slfo.1.12.16 updated - libcurl4-8.14.1-slfo.1.1_6.1 updated - container:SL-Micro-container-2.2.1-7.69 updated From sle-container-updates at lists.suse.com Thu Mar 12 17:11:58 2026 From: sle-container-updates at lists.suse.com (sle-container-updates at lists.suse.com) Date: Thu, 12 Mar 2026 18:11:58 +0100 (CET) Subject: SUSE-CU-2026:1677-1: Security update of suse/sle-micro/5.2/toolbox Message-ID: <20260312171158.6F570F77E@maintenance.suse.de> SUSE Container Update Advisory: suse/sle-micro/5.2/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2026:1677-1 Container Tags : suse/sle-micro/5.2/toolbox:14.2 , suse/sle-micro/5.2/toolbox:14.2-7.11.253 , suse/sle-micro/5.2/toolbox:latest Container Release : 7.11.253 Severity : important Type : security References : 1259362 1259363 1259364 1259365 CVE-2026-1965 CVE-2026-3783 CVE-2026-3784 CVE-2026-3805 ----------------------------------------------------------------- The container suse/sle-micro/5.2/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2026:879-1 Released: Thu Mar 12 11:04:16 2026 Summary: Security update for curl Type: security Severity: important References: 1259362,1259363,1259364,1259365,CVE-2026-1965,CVE-2026-3783,CVE-2026-3784,CVE-2026-3805 This update for curl fixes the following issues: - CVE-2026-1965: bad reuse of HTTP Negotiate connection (bsc#1259362). - CVE-2026-3783: token leak with redirect and netrc (bsc#1259363). - CVE-2026-3784: wrong proxy connection reuse with credentials (bsc#1259364). - CVE-2026-3805: use after free in SMB connection reuse (bsc#1259365). The following package changes have been done: - curl-8.14.1-150200.4.103.1 updated - libcurl4-8.14.1-150200.4.103.1 updated