SUSE-IU-2026:3347-1: Security update of suse/sl-micro/6.2/baremetal-os-container
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sat May 16 07:06:23 UTC 2026
SUSE Image Update Advisory: suse/sl-micro/6.2/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3347-1
Image Tags : suse/sl-micro/6.2/baremetal-os-container:2.3.0 , suse/sl-micro/6.2/baremetal-os-container:2.3.0-7.152 , suse/sl-micro/6.2/baremetal-os-container:latest
Image Release : 7.152
Severity : important
Type : security
References : 1252890 1261427 1261430 1262555 CVE-2026-35385 CVE-2026-35414
-----------------------------------------------------------------
The container suse/sl-micro/6.2/baremetal-os-container was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: 752
Released: Fri May 15 13:23:14 2026
Summary: Security update for openssh
Type: security
Severity: important
References: 1252890,1261427,1261430,1262555,CVE-2026-35385,CVE-2026-35414
This update for openssh fixes the following issues
Security issues fixed:
- CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid (bsc#1261427).
- CVE-2026-35414: mishandling of authorized_keys principals option (bsc#1261430).
Other issues fixed:
- SSH port not reachable on SLES-16.0-CHOST-BYOS since build 1.32 for both x86_64 and aarch64 (bsc#1262555).
- OpenSSH audit support causes connection lost with parallel sessions (bsc#1252890).
The following package changes have been done:
- openssh-common-10.0p2-160000.5.1 updated
- openssh-server-10.0p2-160000.5.1 updated
- openssh-clients-10.0p2-160000.5.1 updated
- openssh-10.0p2-160000.5.1 updated
More information about the sle-container-updates
mailing list