SUSE-IU-2026:1241-1: Security update of suse/sl-micro/6.2/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Mar 4 08:11:23 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1241-1
Image Tags        : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.61 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release     : 7.61
Severity          : important
Type              : security
References        : 1248988 1249154 1252376 1253542 1253993 1254299 1254415 1258022
                        CVE-2025-22869 CVE-2025-31133 CVE-2025-47913 CVE-2025-47914 CVE-2025-52565
                        CVE-2025-52881 CVE-2025-6032 CVE-2025-9566 
-----------------------------------------------------------------

The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 338
Released:    Tue Mar  3 09:57:47 2026
Summary:     Recommended update for grub2
Type:        recommended
Severity:    important
References:  1254299,1254415,1258022
This update for grub2 fixes the following issues:

- Support dm multipath bootlist on PowerPC (bsc#1254415)
- Backport upstream's commit to prevent BIOS assert (bsc#1258022)
- Fix error 'grub-core/script/lexer.c:352:out of memory' after PowerPC CAS Reboot (bsc#1254299)
    * Fix PowerPC CAS reboot to evaluate menu context

-----------------------------------------------------------------
Advisory ID: 343
Released:    Tue Mar  3 17:13:34 2026
Summary:     Security update for podman
Type:        security
Severity:    important
References:  1248988,1249154,1252376,1253542,1253993,CVE-2025-22869,CVE-2025-31133,CVE-2025-47913,CVE-2025-47914,CVE-2025-52565,CVE-2025-52881,CVE-2025-6032,CVE-2025-9566
This update for podman fixes the following issues:

Changes in podman:

- Add symlink to catatonit in /usr/libexec/podman (bsc#1248988)

- CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read  (bsc#1253993)
- CVE-2025-47913: Fixed golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542):

- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Fixed runc: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files  (bsc#1252376):
- CVE-2025-9566: Fixed that podman kube play command may overwrite host files (bsc#1249154):


The following package changes have been done:

- grub2-common-2.12-160000.5.1 updated
- grub2-i386-pc-2.12-160000.5.1 updated
- grub2-2.12-160000.5.1 updated
- libnm0-1.52.0-160000.3.1 updated
- NetworkManager-1.52.0-160000.3.1 updated
- podman-5.4.2-160000.4.1 updated
- container:suse-sl-micro-6.2-base-os-container-latest-2df60dd9c13e180ed5bfc5435e4cc6edf4450114353a264e424db6ee7a150539-0 updated

More information about the sle-container-updates mailing list