SUSE-CU-2026:4705-1: Security update of rancher/elemental-operator
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu May 7 07:17:03 UTC 2026
SUSE Container Update Advisory: rancher/elemental-operator
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:4705-1
Container Tags : rancher/elemental-operator:1.7.4 , rancher/elemental-operator:1.7.4-4.52
Container Release : 4.52
Severity : important
Type : security
References : 1240385 1243581 1244933 1246602 1246965 1248410 1248687 1249584
1256459 1256766 1256822 1257005 1258002 1258229 1258637 1259051
1259924 1260078 1260082 1261809 142461 544339 CVE-2021-21411
CVE-2024-44906 CVE-2025-15281 CVE-2025-44779 CVE-2025-46836 CVE-2025-47907
CVE-2025-50738 CVE-2025-53534 CVE-2025-53906 CVE-2025-53942 CVE-2025-54386
CVE-2025-54388 CVE-2025-54410 CVE-2025-54424 CVE-2025-54576 CVE-2025-54799
CVE-2025-54801 CVE-2025-54996 CVE-2025-54997 CVE-2025-54998 CVE-2025-54999
CVE-2025-55000 CVE-2025-55001 CVE-2025-55003 CVE-2025-59375 CVE-2025-5999
CVE-2025-6000 CVE-2025-6004 CVE-2025-6011 CVE-2025-6013 CVE-2025-6014
CVE-2025-6015 CVE-2025-6037 CVE-2025-69720 CVE-2025-7195 CVE-2025-8058
CVE-2025-8341 CVE-2026-0861 CVE-2026-0915 CVE-2026-22693 CVE-2026-26269
CVE-2026-26996 CVE-2026-28417 CVE-2026-4437 CVE-2026-4438 CVE-2026-4878
-----------------------------------------------------------------
The container rancher/elemental-operator was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 417
Released: Mon Mar 2 15:52:11 2026
Summary: Security update for glibc
Type: security
Severity: important
References: 1240385,1244933,1246602,1246965,1256766,1256822,1257005,1258229,1259051,CVE-2025-15281,CVE-2025-53906,CVE-2025-8058,CVE-2026-0861,CVE-2026-0915,CVE-2026-26269,CVE-2026-28417
This update for glibc fixes the following issues:
- CVE-2026-0861: inadequate size check in the memalign suite may result in an integer overflow (bsc#1256766).
- CVE-2026-0915: uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r (bsc#1256822).
- CVE-2025-15281: uninitialized memory may cause the process abort (bsc#1257005).
- CVE-2025-8058: a malloc failure in regcomp function can lead to a double free (bsc#1246965).
-----------------------------------------------------------------
Advisory ID: 423
Released: Wed Mar 4 10:35:51 2026
Summary: Security update for ca-certificates-mozilla
Type: security
Severity: moderate
References: 1256459,1258002,CVE-2021-21411,CVE-2024-44906,CVE-2025-44779,CVE-2025-47907,CVE-2025-50738,CVE-2025-53534,CVE-2025-53942,CVE-2025-54386,CVE-2025-54388,CVE-2025-54410,CVE-2025-54424,CVE-2025-54576,CVE-2025-54799,CVE-2025-54801,CVE-2025-54996,CVE-2025-54997,CVE-2025-54998,CVE-2025-54999,CVE-2025-55000,CVE-2025-55001,CVE-2025-55003,CVE-2025-5999,CVE-2025-6000,CVE-2025-6004,CVE-2025-6011,CVE-2025-6013,CVE-2025-6014,CVE-2025-6015,CVE-2025-6037,CVE-2025-7195,CVE-2025-8341,CVE-2026-22693
This update for ca-certificates-mozilla fixes the following issues:
- Updated to 2.84 state of Mozilla SSL root CAs (bsc#1258002)
- Removed:
- Baltimore CyberTrust Root
- CommScope Public Trust ECC Root-01
- CommScope Public Trust ECC Root-02
- CommScope Public Trust RSA Root-01
- CommScope Public Trust RSA Root-02
- DigiNotar Root CA
- Added:
- e-Szigno TLS Root CA 2023
- OISTE Client Root ECC G1
- OISTE Client Root RSA G1
- OISTE Server Root ECC G1
- OISTE Server Root RSA G1
- SwissSign RSA SMIME Root CA 2022 - 1
- SwissSign RSA TLS Root CA 2022 - 1
- TrustAsia SMIME ECC Root CA
- TrustAsia SMIME RSA Root CA
- TrustAsia TLS ECC Root CA
- TrustAsia TLS RSA Root CA
-----------------------------------------------------------------
Advisory ID: 478
Released: Thu Apr 9 13:38:10 2026
Summary: Security update for glibc
Type: security
Severity: important
References: 1243581,1248410,1248687,1258637,1260078,1260082,142461,544339,CVE-2025-46836,CVE-2026-26996,CVE-2026-4437,CVE-2026-4438
This update for glibc fixes the following issues:
- CVE-2026-4437: incorrect DNS response parsing via crafted DNS server response (bsc#1260078).
- CVE-2026-4438: invalid DNS hostname returned via gethostbyaddr functions (bsc#1260082).
-----------------------------------------------------------------
Advisory ID: 494
Released: Mon Apr 20 19:04:13 2026
Summary: Security update for libcap
Type: security
Severity: important
References: 1261809,CVE-2026-4878
This update for libcap fixes the following issue:
- CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in
`cap_set_file()` (bsc#1261809).
-----------------------------------------------------------------
Advisory ID: 500
Released: Tue Apr 21 10:29:18 2026
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1249584,1259924,CVE-2025-59375,CVE-2025-69720
This update for ncurses fixes the following issue:
- CVE-2025-69720: buffer overflow in function `analyze_string()`of `progs/infocmp.c` (bsc#1259924).
The following package changes have been done:
- compat-usrmerge-tools-84.87-slfo.1.1_1.5 updated
- elemental-operator-1.7.4-slfo.1.1_1.1 updated
- system-user-root-20190513-slfo.1.1_1.2 updated
- filesystem-84.87-slfo.1.1_1.2 updated
- glibc-2.38-slfo.1.1_7.1 updated
- libtasn1-6-4.19.0-slfo.1.1_3.1 updated
- libpcre2-8-0-10.42-slfo.1.1_1.4 updated
- libgmp10-6.3.0-slfo.1.1_1.5 updated
- libgcc_s1-14.3.0+git11799-slfo.1.1_1.1 updated
- libffi8-3.4.6-slfo.1.1_1.4 updated
- libcap2-2.69-slfo.1.1_2.1 updated
- libattr1-2.5.1-slfo.1.1_1.3 updated
- libacl1-2.3.1-slfo.1.1_1.3 updated
- libselinux1-3.5-slfo.1.1_1.3 updated
- libstdc++6-14.3.0+git11799-slfo.1.1_1.1 updated
- libp11-kit0-0.25.3-slfo.1.1_1.2 updated
- libncurses6-6.4.20240224-slfo.1.1_2.1 updated
- terminfo-base-6.4.20240224-slfo.1.1_2.1 updated
- p11-kit-0.25.3-slfo.1.1_1.2 updated
- p11-kit-tools-0.25.3-slfo.1.1_1.2 updated
- libreadline8-8.2-slfo.1.1_1.4 updated
- bash-5.2.15-slfo.1.1_1.6 updated
- bash-sh-5.2.15-slfo.1.1_1.6 updated
- coreutils-9.4-slfo.1.1_2.1 updated
- ca-certificates-2+git20240805.fd24d50-slfo.1.1_1.2 updated
- ca-certificates-mozilla-2.84-slfo.1.1_1.1 updated
- container:suse-toolbox-image-1.0.0-5.50 updated
More information about the sle-container-updates
mailing list