SUSE-CU-2026:2102-1: Security update of suse/manager/5.0/x86_64/server-attestation
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Mar 26 08:51:47 UTC 2026
SUSE Container Update Advisory: suse/manager/5.0/x86_64/server-attestation
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:2102-1
Container Tags : suse/manager/5.0/x86_64/server-attestation:5.0.7 , suse/manager/5.0/x86_64/server-attestation:5.0.7.6.36.2 , suse/manager/5.0/x86_64/server-attestation:latest
Container Release : 6.36.2
Severity : critical
Type : security
References : 1228081 1244449 1248356 1248586 1254157 1254158 1254159 1254160
1254202 1254293 1254297 1254480 1254563 1254662 1254670 1254878
1255427 1255446 1256341 1256427 1256437 1256459 1256525 1256526
1256766 1256822 1256830 1256834 1256835 1256836 1256837 1256838
1256839 1256840 1257005 1257034 1257036 1257037 1257038 1257049
1257353 1257354 1257355 1257364 1257365 1257463 1257927 1258020
1258319 1258392 1258568 1258913 1258942 1259313 1259418 1259650
1259697 CVE-2025-13151 CVE-2025-13601 CVE-2025-14087 CVE-2025-14512
CVE-2025-15281 CVE-2025-15467 CVE-2025-28162 CVE-2025-28164 CVE-2025-64505
CVE-2025-64506 CVE-2025-64720 CVE-2025-65018 CVE-2025-66293 CVE-2025-68160
CVE-2025-68161 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420 CVE-2025-69421
CVE-2025-7709 CVE-2026-0861 CVE-2026-0915 CVE-2026-0988 CVE-2026-1484
CVE-2026-1485 CVE-2026-1489 CVE-2026-21925 CVE-2026-21932 CVE-2026-21933
CVE-2026-21945 CVE-2026-22693 CVE-2026-22695 CVE-2026-22795 CVE-2026-22796
CVE-2026-22801 CVE-2026-25646 CVE-2026-25727 CVE-2026-27171 CVE-2026-27727
CVE-2026-2781 CVE-2026-27830 CVE-2026-29111 CVE-2026-4105
-----------------------------------------------------------------
The container suse/manager/5.0/x86_64/server-attestation was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4494-1
Released: Fri Dec 19 14:14:12 2025
Summary: Security update for libpng16
Type: security
Severity: important
References: 1254157,1254158,1254159,1254160,1254480,CVE-2025-64505,CVE-2025-64506,CVE-2025-64720,CVE-2025-65018,CVE-2025-66293
This update for libpng16 fixes the following issues:
- CVE-2025-65018: Fixed heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` (bsc#1254160)
- CVE-2025-66293: Fixed LIBPNG out-of-bounds read in `png_image_read_composite` (bsc#1254480)
- CVE-2025-64506: Fixed heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled (bsc#1254158)
- CVE-2025-64720: Fixed buffer overflow in `png_image_read_composite` via incorrect palette premultiplication (bsc#1254159)
- CVE-2025-64505: Fixed heap buffer over-read in `png_do_quantize` via malformed palette index (bsc#1254157)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:18-1
Released: Mon Jan 5 11:52:25 2026
Summary: Security update for glib2
Type: security
Severity: important
References: 1254297,1254662,1254878,CVE-2025-13601,CVE-2025-14087,CVE-2025-14512
This update for glib2 fixes the following issues:
- CVE-2025-14512: integer overflow in the GIO `escape_byte_string()` function when processing malicious files or remote
filesystem attribute values can lead to denial-of-service (bsc#1254878).
- CVE-2025-14087: buffer underflow in the GVariant parser `bytestring_parse()` and `string_parse()`functions when
processing attacker-influenced data may lead to crash or code execution (bsc#1254662).
- CVE-2025-13601: heap-based buffer overflow in the `g_escape_uri_string()` function when processing strings with a
large number of unacceptable characters may lead to crash or code execution (bsc#1254297).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:224-1
Released: Thu Jan 22 13:18:20 2026
Summary: Security update for libtasn1
Type: security
Severity: moderate
References: 1256341,CVE-2025-13151
This update for libtasn1 fixes the following issues:
- CVE-2025-13151: stack-based buffer overflow in `asn1_expend_octet_string` (bsc#1256341).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:234-1
Released: Thu Jan 22 13:24:43 2026
Summary: Security update for libpng16
Type: security
Severity: moderate
References: 1256525,1256526,CVE-2026-22695,CVE-2026-22801
This update for libpng16 fixes the following issues:
- CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525)
- CVE-2026-22801: Fixed integer truncation causing heap buffer over-read in png_image_write_* (bsc#1256526).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:254-1
Released: Thu Jan 22 17:08:23 2026
Summary: Security update for log4j
Type: security
Severity: moderate
References: 1255427,CVE-2025-68161
This update for log4j fixes the following issues:
Security fixes:
- CVE-2025-68161: Fixed absent TLS hostname verification
that may allow a man-in-the-middle attack (bsc#1255427)
Other fixes:
- Upgrade to 2.18.0
* Added
+ Add support for Jakarta Mail API in the SMTP appender.
+ Add support for custom Log4j 1.x levels.
+ Add support for adding and retrieving appenders in Log4j 1.x
bridge.
+ Add support for custom LMAX disruptor WaitStrategy
configuration.
+ Add support for Apache Extras' RollingFileAppender in Log4j
1.x bridge.
+ Add MutableThreadContextMapFilter.
+ Add support for 24 colors in highlighting
* Changed
+ Improves ServiceLoader support on servlet containers.
+ Make the default disruptor WaitStrategy used by Async Loggers
garbage-free.
+ Do not throw UnsupportedOperationException when JUL
ApiLogger::setLevel is called.
+ Support Spring 2.6.x.
+ Move perf tests to log4j-core-its
+ Upgrade the Flume Appender to Flume 1.10.0
* Fixed
+ Fix minor typo #792.
+ Improve validation and reporting of configuration errors.
+ Allow enterprise id to be an OID fragment.
+ Fix problem with non-uppercase custom levels.
+ Avoid ClassCastException in JeroMqManager with custom
LoggerContextFactory #791.
+ DirectWriteRolloverStrategy should use the current time when
creating files.
+ Fixes the syslog appender in Log4j 1.x bridge, when used with
a custom layout.
+ log4j-1.2-api 2.17.2 throws NullPointerException while
removing appender with name as null.
+ Improve JsonTemplateLayout performance.
+ Fix resolution of non-Log4j properties.
+ Fixes Spring Boot logging system registration in a
multi-application environment.
+ JAR file containing Log4j configuration isn’t closed.
+ Properties defined in configuration using a value attribute
(as opposed to element) are read correctly.
+ Syslog appender lacks the SocketOptions setting.
+ Log4j 1.2 bridge should not wrap components unnecessarily.
+ Update 3rd party dependencies for 2.18.0.
+ SizeBasedTriggeringPolicy would fail to rename files properly
when integer pattern contained a leading zero.
+ Fixes default SslConfiguration, when a custom keystore is
used.
+ Fixes appender concurrency problems in Log4j 1.x bridge.
+ Fix and test for race condition in FileUtils.mkdir().
+ LocalizedMessage logs misleading errors on the console.
+ Add missing message parameterization in RegexFilter.
+ Add the missing context stack to JsonLayout template.
+ HttpWatcher did not pass credentials when polling.
+ UrlConnectionFactory.createConnection now accepts an
AuthorizationProvider as a parameter.
+ The DirectWriteRolloverStrategy was not detecting the correct
index to use during startup.
+ Async Loggers were including the location information by
default.
+ ClassArbiter’s newBuilder method referenced the wrong class.
+ Don’t use Paths.get() to avoid circular file systems.
+ Fix parsing error, when XInclude is disabled.
+ Fix LevelRangeFilterBuilder to align with log4j1’s behavior.
+ Fixes problem with wrong ANSI escape code for bright colors
+ Log4j 1.2 bridge should generate Log4j 2.x messages based on
the parameter runtime type.
- Update to 2.19.0
* Added
+ Add implementation of SLF4J2 fluent API.
+ Add support for SLF4J2 stack-valued MDC.
* Changed
+ Add getExplicitLevel method to LoggerConfig.
+ Allow PropertySources to be added.
+ Allow Plugins to be injected with the LoggerContext reference.
* Fixed
+ Add correct manifest entries for OSGi to log4j-jcl
+ Improve support for passwordless keystores.
+ SystemPropertyArbiter was assigning the value as the name.
+ Make JsonTemplateLayout stack trace truncation operate for
each label block.
+ Fix recursion between Log4j 1.2 LogManager and Category.
+ Fix resolution of properties not starting with log4j2..
+ Logger$PrivateConfig.filter(Level, Marker, String) was
allocating empty varargs array.
+ Allows a space separated list of style specifiers in the
%style pattern for consistency with %highlight.
+ Fix NPE in log4j-to-jul in the case the root logger level is
null.
+ Fix RollingRandomAccessFileAppender with
DirectWriteRolloverStrategy can’t create the first log file of
different directory.
+ Generate new SSL certs for testing.
+ Fix ServiceLoaderUtil behavior in the presence of a
SecurityManager.
+ Fix regression in Rfc5424Layout default values.
+ Harden InstantFormatter against delegate failures.
+ Add async support to Log4jServletFilter.
* Removed
+ Removed build page in favor of a single build instructions
file.
+ Remove SLF4J 1.8.x binding.
- Update to 2.20.0
* Added
+ Add support for timezones in RollingFileAppender date pattern
+ Add LogEvent timestamp to ProducerRecord in KafkaAppender
+ Add PatternLayout support for abbreviating the name of all
logger components except the 2 rightmost
+ Removes internal field that leaked into public API.
+ Add a LogBuilder#logAndGet() method to emulate the
Logger#traceEntry method.
* Changed
+ Simplify site generation
+ Switch the issue tracker from JIRA to GitHub Issues
+ Remove liquibase-log4j2 maven module
+ Fix order of stacktrace elements, that causes cache misses in
ThrowableProxyHelper.
+ Switch from com.sun.mail to Eclipse Angus.
+ Add Log4j2 Core as default runtime dependency of the
SLF4J2-to-Log4j2 API bridge.
+ Replace maven-changes-plugin with a custom changelog
implementation
+ Moved log4j-api and log4j-core artifacts with classifier tests
to log4j-api-test and log4j-core-test respectively.
* Deprecated
+ Deprecate support for package scanning for plugins
* Fixed
+ Copy programmatically supplied location even if
includeLocation='false'.
+ Eliminate status logger warning, when disableAnsi or
noConsoleNoAnsi is used the style and highlight patterns.
+ Fix detection of location requirements in RewriteAppender.
+ Replace regex with manual code to escape characters in
Rfc5424Layout.
+ Fix java.sql.Time object formatting in MapMessage
+ Fix previous fire time computation in CronTriggeringPolicy
+ Correct default to not include location for AsyncRootLoggers
+ Make StatusConsoleListener use SimpleLogger internally.
+ Lazily evaluate the level of a SLF4J LogEventBuilder
+ Fixes priority of Legacy system properties, which are now back
to having higher priority than Environment variables.
+ Protects ServiceLoaderUtil from unchecked ServiceLoader
exceptions.
+ Fix Configurator#setLevel for internal classes
+ Fix level propagation in Log4jBridgeHandler
+ Disable OsgiServiceLocator if not running in OSGI container.
+ When using a Date Lookup in the file pattern the current time
should be used.
+ Fixed LogBuilder filtering in the presence of global filters.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:286-1
Released: Sat Jan 24 00:35:35 2026
Summary: Security update for glib2
Type: security
Severity: low
References: 1257049,CVE-2026-0988
This update for glib2 fixes the following issues:
- CVE-2026-0988: Fixed a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:287-1
Released: Sat Jan 24 00:35:49 2026
Summary: Security update for harfbuzz
Type: security
Severity: moderate
References: 1256459,CVE-2026-22693
This update for harfbuzz fixes the following issues:
- CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create (bsc#1256459).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:312-1
Released: Wed Jan 28 10:37:55 2026
Summary: Security update for openssl-3
Type: security
Severity: critical
References: 1256830,1256834,1256835,1256836,1256837,1256838,1256839,1256840,CVE-2025-15467,CVE-2025-68160,CVE-2025-69418,CVE-2025-69419,CVE-2025-69420,CVE-2025-69421,CVE-2026-22795,CVE-2026-22796
This update for openssl-3 fixes the following issues:
- CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256830).
- CVE-2025-68160: Heap out-of-bounds write in BIO_f_linebuffer on short writes (bsc#1256834).
- CVE-2025-69418: Unauthenticated/unencrypted trailing bytes with low-level OCB function calls (bsc#1256835).
- CVE-2025-69419: Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion (bsc#1256836).
- CVE-2025-69420: Missing ASN1_TYPE validation in TS_RESP_verify_response() function (bsc#1256837).
- CVE-2025-69421: NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function (bsc#1256838).
- CVE-2026-22795: Missing ASN1_TYPE validation in PKCS#12 parsing (bsc#1256839).
- CVE-2026-22796: ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function (bsc#1256840).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:364-1
Released: Tue Feb 3 10:50:53 2026
Summary: Security update for libpng16
Type: security
Severity: moderate
References: 1257364,1257365,CVE-2025-28162,CVE-2025-28164
This update for libpng16 fixes the following issues:
- CVE-2025-28162: memory leaks when running `pngimage` (bsc#1257364).
- CVE-2025-28164: memory leaks when running `pngimage` (bsc#1257365).
- CVE-2026-22695: Fixed heap buffer over-read in png_image_finish_read (bsc#1256525).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:371-1
Released: Tue Feb 3 19:08:49 2026
Summary: Security update for glibc
Type: security
Severity: important
References: 1256437,1256766,1256822,1257005,CVE-2025-15281,CVE-2026-0861,CVE-2026-0915
This update for glibc fixes the following issues:
Security fixes:
- CVE-2026-0861: Fixed inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: Fixed uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: Fixed uninitialized memory may cause the process abort (bsc#1257005).
Other fixes:
- NPTL: Optimize trylock for high cache contention workloads (bsc#1256437).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:373-1
Released: Wed Feb 4 03:50:41 2026
Summary: Security update for glib2
Type: security
Severity: important
References: 1257353,1257354,1257355,CVE-2026-1484,CVE-2026-1485,CVE-2026-1489
This update for glib2 fixes the following issues:
- CVE-2026-1485: Fixed buffer underflow and out-of-bounds access due to integer wraparound in content type parsing (bsc#1257354).
- CVE-2026-1484: Fixed buffer underflow and out-of-bounds access due to miscalculated buffer boundaries in the Base64 encoding routine (bsc#1257355).
- CVE-2026-1489: Fixed undersized heap allocation followed by out-of-bounds access due to integer overflow in Unicode case conversion (bsc#1257353).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:407-1
Released: Mon Feb 9 07:43:45 2026
Summary: Recommended update for systemd
Type: recommended
Severity: important
References: 1228081,1244449,1248356,1254202,1254293,1254563,1256427
This update for systemd fixes the following issues:
- Name libsystemd-{shared,core} based on the major version of systemd and
the package release number (bsc#1228081, bsc#1256427)
This way, both the old and new versions of the shared libraries will be
present during the update. This should prevent issues during package updates
when incompatible changes are introduced in the new versions of the shared libraries.
- detect-virt: bare-metal GCE only for x86 and i386 (bsc#1254293)
- timer: rebase last_trigger timestamp if needed
- timer: rebase the next elapse timestamp only if timer didn't already run
- timer: don't run service immediately after restart of a timer (bsc#1254563)
- test: check the next elapse timer timestamp after deserialization
- test: restarting elapsed timer shouldn't trigger the corresponding service
- Reintroduce systemd-network as a transitional dummy package containing no files (bsc#1254202)
The contents of this package were split into two independent packages:
systemd-networkd and systemd-resolved. However, the initial replacement caused
both network services to be disabled. Consequently, the original package has
been restored as an empty transitional package to prevent the disabling of the services.
It can be safely removed once the update is complete.
- units: don't force the loading of the loop and dm_mod modules in systemd-repart.service (bsc#1248356)
- units: add dep on systemd-logind.service by user at .service
- detect-virt: add bare-metal support for GCE (bsc#1244449)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:414-1
Released: Tue Feb 10 09:33:11 2026
Summary: Security update for java-11-openjdk
Type: security
Severity: important
References: 1255446,1257034,1257036,1257037,1257038,CVE-2026-21925,CVE-2026-21932,CVE-2026-21933,CVE-2026-21945
This update for java-11-openjdk fixes the following issues:
Upgrade to upstream tag jdk-11.0.30+7 (January 2026 CPU)
Security fixes:
- CVE-2026-21925: Fixed Oracle Java SE component RMI (bsc#1257034).
- CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX (bsc#1257036).
- CVE-2026-21933: Fixed Oracle Java SE component Networking (bsc#1257037).
- CVE-2026-21945: Fixed Oracle Java SE component Security (bsc#1257038).
Other fixes:
- OpenJDK rendering blue borders when it should not, due to missing the fix for JDK-6304250 from upstream (bsc#1255446).
- Do not depend on update-desktop-files (jsc#PED-14507).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:432-1
Released: Wed Feb 11 10:11:56 2026
Summary: Security update for sqlite3
Type: security
Severity: moderate
References: 1248586,1254670,CVE-2025-7709
This update for sqlite3 fixes the following issues:
- Update to v3.51.2:
- CVE-2025-7709: Fixed an integer overflow in the FTS5 extension. (bsc#1254670)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:582-1
Released: Fri Feb 20 11:02:21 2026
Summary: Security update for snpguest
Type: security
Severity: important
References: 1257927,CVE-2026-25727
This update for snpguest fixes the following issues:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion
(bsc#1257927).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:597-1
Released: Mon Feb 23 16:58:08 2026
Summary: Security update for libpng16
Type: security
Severity: important
References: 1258020,CVE-2026-25646
This update for libpng16 fixes the following issues:
- CVE-2026-25646: heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:783-1
Released: Tue Mar 3 14:36:14 2026
Summary: Security update for zlib
Type: security
Severity: moderate
References: 1258392,CVE-2026-27171
This update for zlib fixes the following issue:
- CVE-2026-27171: Fixed infinite loop via the `crc32_combine64` and `crc32_combine_gen64` functions due to missing
checks for negative lengths (bsc#1258392).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:791-1
Released: Tue Mar 3 16:59:33 2026
Summary: Recommended update for gcc15
Type: recommended
Severity: moderate
References: 1257463
This update for gcc15 fixes the following issues:
- Fix bogus expression simplification (bsc#1257463)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:813-1
Released: Thu Mar 5 09:33:59 2026
Summary: Security update for mozilla-nss
Type: security
Severity: moderate
References: 1258568,CVE-2026-2781
This update for mozilla-nss fixes the following issues:
Update to NSS 3.112.3:
* CVE-2026-2781: Avoid integer overflow in platform-independent ghash (bsc#1258568)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2026:844-1
Released: Fri Mar 6 16:45:31 2026
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1258319
This update for glibc fixes the following issues:
- nss: Missing checks in __nss_configure_lookup, __nss_database_get (bsc#1258319, BZ #28940)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:855-1
Released: Tue Mar 10 06:06:34 2026
Summary: Security update for c3p0 and mchange-commons
Type: security
Severity: important
References: 1258913,1258942,1259313,CVE-2026-27727,CVE-2026-27830
This update for c3p0 and mchange-commons fixes the following issues:
c3p0:
- Security issues fixed:
- CVE-2026-27830: Fixed unsafe object deserialization (bsc#1258942)
- Fix the null pointer exception in the userOverridesAsString
method (bsc#1259313).
mchange-commons:
- Security issues fixed:
- CVE-2026-27727: Disabled remote ClassLoading when dereferencing javax.naming.Reference instances (bsc#1258913)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:1040-1
Released: Wed Mar 25 13:43:08 2026
Summary: Security update for systemd
Type: security
Severity: important
References: 1259418,1259650,1259697,CVE-2026-29111,CVE-2026-4105
This update for systemd fixes the following issues:
- CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method (bsc#1259650).
- CVE-2026-29111: local unprivileged user can trigger an assert in systemd (bsc#1259418).
- udev: check for invalid chars in various fields received from the kernel (bsc#1259697).
Changelog:
- a943e3ce2f machined: reject invalid class types when registering machines
- 71593f77db udev: fix review mixup
- 73a89810b4 udev-builtin-net-id: print cescaped bad attributes
- 0f360bfdc0 udev-builtin-net_id: do not assume the current interface name is ethX
- 40905232e2 udev: ensure tag parsing stays within bounds
- 7bce9026e3 udev: ensure there is space for trailing NUL before calling sprintf
- d018ac1ea3 udev: check for invalid chars in various fields received from the kernel
- aef6e11921 core/cgroup: avoid one unnecessary strjoina()
- cc7426f38a sd-json: fix off-by-one issue when updating parent for array elements
- 26a748f727 core: validate input cgroup path more prudently
- 99d8308fde core/dbus-manager: propagate meaningful dbus errors from EnqueueMarkedJobs
The following package changes have been done:
- glibc-2.38-150600.14.43.1 updated
- libgcc_s1-15.2.0+git10201-150000.1.9.1 updated
- libstdc++6-15.2.0+git10201-150000.1.9.1 updated
- mchange-commons-0.2.20-150400.3.3.1 updated
- libtasn1-6-4.13-150000.4.14.1 updated
- libtasn1-4.13-150000.4.14.1 updated
- libglib-2_0-0-2.78.6-150600.4.35.1 updated
- libopenssl3-3.1.4-150600.5.42.1 updated
- libopenssl-3-fips-provider-3.1.4-150600.5.42.1 updated
- libz1-1.2.13-150500.4.6.1 updated
- openssl-3-3.1.4-150600.5.42.1 updated
- libsqlite3-0-3.51.2-150000.3.36.1 updated
- libfreebl3-3.112.3-150400.3.63.1 updated
- libpng16-16-1.6.40-150600.3.12.1 updated
- snpguest-0.3.2-150600.3.9.1 updated
- libsystemd0-254.27-150600.4.62.1 updated
- mozilla-nss-certs-3.112.3-150400.3.63.1 updated
- libharfbuzz0-8.3.0-150600.3.3.1 updated
- mozilla-nss-3.112.3-150400.3.63.1 updated
- libsoftokn3-3.112.3-150400.3.63.1 updated
- java-11-openjdk-headless-11.0.30.0-150000.3.135.1 updated
- c3p0-0.9.5.5-150400.3.5.1 updated
- log4j-2.20.0-150200.4.30.1 updated
- container:sles15-ltss-image-15.6.0-5.32 added
- container:sles15-image-15.6.0-47.24.1 removed
- glassfish-activation-api-1.2.0-150200.5.3.4 removed
More information about the sle-container-updates
mailing list