SUSE-CU-2026:4693-1: Security update of rancher/elemental-channel/sl-micro

sle-container-updates at lists.suse.com
Thu May 7 07:15:49 UTC 2026


SUSE Container Update Advisory: rancher/elemental-channel/sl-micro
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:4693-1
Container Tags        : rancher/elemental-channel/sl-micro:6.0-kvm , rancher/elemental-channel/sl-micro:6.0-kvm-12.1
Container Release     : 12.1
Severity              : important
Type                  : security
References            : 1192869 1217580 1217584 1217585 1241661 1246965 1253245 1256766
                        1256822 1257005 1258163 1258167 1258663 1259681 1259682 1259687
                        1260078 1260082 1261726 1261728 1261734 1262216 1262288 CVE-2021-42380
                        CVE-2023-42363 CVE-2023-42364 CVE-2023-42365 CVE-2025-15281 CVE-2025-46394
                        CVE-2025-60876 CVE-2025-8058 CVE-2026-0861 CVE-2026-0915 CVE-2026-21620
                        CVE-2026-23941 CVE-2026-23942 CVE-2026-23943 CVE-2026-26157 CVE-2026-26158
                        CVE-2026-28808 CVE-2026-28810 CVE-2026-32144 CVE-2026-40706 CVE-2026-4437
                        CVE-2026-4438 
-----------------------------------------------------------------

The container rancher/elemental-channel/sl-micro was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 597
Released:    Thu Feb 26 12:33:53 2026
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1246965,1256766,1256822,1257005,CVE-2025-15281,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915
This update for glibc fixes the following issues:

- CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: uninitialized memory may cause the process to abort (bsc#1257005).
- CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965).


-----------------------------------------------------------------
Advisory ID: 619
Released:    Thu Mar 12 18:27:13 2026
Summary:     Security update for busybox
Type:        security
Severity:    important
References:  1192869,1217580,1217584,1217585,1241661,1253245,1258163,1258167,1258663,1259681,1259682,1259687,1261726,1261728,1261734,1262288,CVE-2021-42380,CVE-2023-42363,CVE-2023-42364,CVE-2023-42365,CVE-2025-46394,CVE-2025-60876,CVE-2026-21620,CVE-2026-23941,CVE-2026-23942,CVE-2026-23943,CVE-2026-26157,CVE-2026-26158,CVE-2026-28808,CVE-2026-28810,CVE-2026-32144
This update for busybox fixes the following issues:

- CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncs_printf.c (bsc#1217580).
- CVE-2023-42364: use-after-free in the awk.c evaluate function (bsc#1217584).
- CVE-2023-42365: use-after-free in the awk.c copyvar function (bsc#1217585).
- CVE-2025-46394: files in a TAR archive can have their filenames hidden from a listing if terminal escape sequences are
  used when naming other files included in the archive (bsc#1241661).
- CVE-2025-60876: request line incorrectly neutralized may lead to header injection (bsc#1253245).
- CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization (bsc#1258163).
- CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries
  (bsc#1258167).
- CVE-2021-42380: Additional fix for use-after-realloc in awk (bsc#1192869).

-----------------------------------------------------------------
Advisory ID: 659
Released:    Thu Apr  9 13:02:01 2026
Summary:     Security update for glibc
Type:        security
Severity:    important
References:  1260078,1260082,1262216,CVE-2026-40706,CVE-2026-4437,CVE-2026-4438
This update for glibc fixes the following issues:

- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).


The following package changes have been done:

- glibc-2.38-12.1 updated
- busybox-1.36.1-3.1 updated
- container:suse-toolbox-image-1.0.0-9.105 updated

