SUSE-IU-2026:3307-1: Security update of suse/sl-micro/6.1/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Wed May 13 07:41:45 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3307-1
Image Tags : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.106 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release : 7.106
Severity : important
Type : security
References : 1231055 1252425 1252892 1261427 1261430 CVE-2026-35385 CVE-2026-35414
-----------------------------------------------------------------
The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 524
Released: Tue May 12 12:19:47 2026
Summary: Security update for openssh
Type: security
Severity: important
References: 1231055,1252425,1252892,1261427,1261430,CVE-2026-35385,CVE-2026-35414
This update for openssh fixes the following issues
- CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid (bsc#1261427).
- CVE-2026-35414: mishandling of authorized_keys principals option (bsc#1261430).
The following package changes have been done:
- openssh-common-9.6p1-slfo.1.1_4.1 updated
- openssh-server-9.6p1-slfo.1.1_4.1 updated
- openssh-clients-9.6p1-slfo.1.1_4.1 updated
- openssh-9.6p1-slfo.1.1_4.1 updated
- container:SL-Micro-base-container-2.2.1-5.129 updated
More information about the sle-container-updates
mailing list