SUSE-IU-2026:1447-1: Security update of suse/sl-micro/6.0/base-os-container

sle-container-updates at lists.suse.com
Tue Mar 17 08:07:28 UTC 2026


SUSE Image Update Advisory: suse/sl-micro/6.0/base-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:1447-1
Image Tags        : suse/sl-micro/6.0/base-os-container:2.1.3 , suse/sl-micro/6.0/base-os-container:2.1.3-7.109 , suse/sl-micro/6.0/base-os-container:latest
Image Release     : 7.109
Severity          : important
Type              : security
References        : 1233593 1233594 1246607 1252148 1259118 CVE-2024-11595 CVE-2024-11596
                        CVE-2026-23865 
-----------------------------------------------------------------

The container suse/sl-micro/6.0/base-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 109
Released:    Mon Feb  3 10:11:27 2025
Summary:     Security update for wireshark
Type:        security
Severity:    important
References:  1233593,1233594,CVE-2024-11595,CVE-2024-11596
This update for wireshark fixes the following issues:

Wireshark 4.2.9:

* CVE-2024-11595: FiveCo RAP dissector infinite loop (bsc#1233594).
* CVE-2024-11596: ECMP dissector crash (bsc#1233593).

-----------------------------------------------------------------
Advisory ID: 621
Released:    Mon Mar 16 10:03:43 2026
Summary:     Recommended update for tar
Type:        recommended
Severity:    moderate
References:  1246607
This update for tar fixes the following issues:

- Fixes tar creating invalid tarballs when used with --delete (bsc#1246607)
- Add makeinfo build requirement, needed after the addition of the patch

-----------------------------------------------------------------
Advisory ID: 623
Released:    Mon Mar 16 14:23:56 2026
Summary:     Security update for freetype2
Type:        security
Severity:    moderate
References:  1252148,1259118,CVE-2026-23865
This update for freetype2 fixes the following issue:

Update to freetype2 2.14.2:

- CVE-2026-23865: Integer overflow in the tt_var_load_item_variation_store function (bsc#1259118).

Changelog:

 * Several changes related to LCD filtering are implemented to
 achieve better performance and encourage sound practices.
 * Instead of blanket LCD filtering over the entire bitmap, it
 is now applied only to non-zero spans using direct rendering.
 This speeds up the ClearType-like rendering by more than 40%
 at sizes above 32 ppem.
 * Setting the filter weights with FT_Face_Properties is no
 longer supported. The default and light filters are optimized
 to work with any face.
 * The legacy libXft LCD filter algorithm is no longer provided.
 * The italic angle in `PS_FontInfo` is now stored as a fixed-point
 value in degrees for all Type 1 fonts and their derivatives,
 consistent with CFF fonts and common practices. The broken
 underline position and thickness values are fixed for CFF fonts.
 * The `x` field in the `FT_Span` structure is now unsigned.
 * Demo program `ftgrid` got an option `-m` to select a start
 character to display.
 * Similarly, demo program `ftmulti` got an option `-m` to select a
 text string for rendering.
 * Option `-d` in the demo program `ttdebug` is now called `-a`,
 expecting a comma-separated list of axis values. The user
 interface is also slightly improved.
 * The `ftinspect` demo program can now be compiled with Qt6, too.
 * The auto-hinter got new abilities. It can now better separate
 diacritic glyphs from base glyphs at small sizes by
 artificially moving diacritics up (or down) if necessary.
 * Tilde accent glyphs get vertically stretched at small sizes so
 that they don't degenerate to horizontal lines.
 * Diacritics directly attached to a base glyph (like the ogonek in
 character 'ę') no longer distort the shape of the base glyph.
 * The TrueType instruction interpreter was optimized to
 produce a 15% gain in the glyph loading speed.
 * Handling of Variation Fonts is now considerably faster.
 * TrueType and CFF glyph loading speed has been improved by 5-10%
 on modern 64-bit platforms as a result of better handling of
 fixed-point multiplication.
 * The BDF driver now loads fonts 75% faster.


The following package changes have been done:

- libfreetype6-2.14.2-1.1 updated
- SL-Micro-release-6.0-25.76 updated
- tar-1.35-2.1 updated
- container:suse-toolbox-image-1.0.0-9.79 updated

