SUSE-CU-2026:5021-1: Security update of suse/sle-micro-rancher/5.4

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 20 07:27:56 UTC 2026 

SUSE Container Update Advisory: suse/sle-micro-rancher/5.4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2026:5021-1
Container Tags        : suse/sle-micro-rancher/5.4:5.4.4.5.110 , suse/sle-micro-rancher/5.4:latest
Container Release     : 4.5.110
Severity              : important
Type                  : security
References            : 1264086 CVE-2026-41054 
-----------------------------------------------------------------

The container suse/sle-micro-rancher/5.4 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2026:2008-1
Released:    Tue May 19 13:54:28 2026
Summary:     Security update for haveged
Type:        security
Severity:    important
References:  1264086,CVE-2026-41054
This update for haveged fixes the following issue

- CVE-2026-41054: missing exit out of permission check could lead to root exploit (bsc#1264086).

Changes for haveged:

- Improvements on the linux kernel random subsystem have made
 move forward to socket communication within private network
- Fix 'stop' of service, the daemon in foreground actually
 see daemon(7) for the rationale. Only 'simple' (default) and
 the help of udev, as starting services while starved of entropy
- Add ppc64le support
- update to 1.8
 * Correct additional run-time test aligment problems on mips.
- haveged 1.7a
* Correct VPATH issues and modify check target to support
parallel builds and changes in automake 1.13 test harness.
- Remove all sysvinit compatibility.
- fix powerpc detection 
- Current version does support ARM, remove the ExcludeArch
 need network and can use PrivateNetwork=yes
 * Add online tests based on AIS-31
 * Fix install target, move to bin and eliminate script if not daemon, now use sysv and systemd templates
- use -F with no arguments in haveged.service
- build with -fpie
- Use Service type 'simple' in systemd unit
- fix build on ia64, s390, s390x
- fix ppc64 build
 present in old versions have been fixed in different ways.
- run spec cleaner
- Link with full RELRO (-Wl,-z,relro,-z,now)
- add systemd support
- Drop as much capabilitites as possible using libcap-ng
- I meant Enhances not Supplements
- Implement hack to start by default only in VMs
- use O_CLOEXEC on fds
- add proper Requires(pre)
- add a SUSE standard init script


The following package changes have been done:

- haveged-1.9.14-150400.3.11.1 updated
- libhavege2-1.9.14-150400.3.11.1 updated

More information about the sle-container-updates mailing list