SUSE-IU-2026:3752-1: Security update of suse/sl-micro/6.1/baremetal-os-container

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed May 27 07:21:30 UTC 2026 

SUSE Image Update Advisory: suse/sl-micro/6.1/baremetal-os-container
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2026:3752-1
Image Tags        : suse/sl-micro/6.1/baremetal-os-container:2.2.1 , suse/sl-micro/6.1/baremetal-os-container:2.2.1-7.107 , suse/sl-micro/6.1/baremetal-os-container:latest
Image Release     : 7.107
Severity          : important
Type              : security
References        : 1196933 1205588 1206608 1207543 1208928 1232351 1241284 1244003
                        1244011 1244325 1244937 1245667 1246011 1246025 1247432 1249657
                        1249985 1250224 1251827 1252318 1254336 1254425 1254679 1261280
                        1261606 1262223 CVE-2024-2312 CVE-2025-11561 CVE-2026-27456 CVE-2026-34743
                        CVE-2026-41035 
-----------------------------------------------------------------

The container suse/sl-micro/6.1/baremetal-os-container was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: 283
Released:    Thu Sep 25 11:22:43 2025
Summary:     Recommended update for go1.25
Type:        recommended
Severity:    moderate
References:  1249985
This update for go1.25 fixes the following issues:

- Package svgpan.js to fix issues with 'go tool pprof'. bsc#1249985


-----------------------------------------------------------------
Advisory ID: 527
Released:    Fri May 15 11:43:59 2026
Summary:     Security update for rsync
Type:        security
Severity:    important
References:  1244325,1251827,1262223,CVE-2025-11561,CVE-2026-41035
This update for rsync fixes the following issue

- CVE-2026-41035: count of entries mismatch can lead to a use-after-free (bsc#1262223).

-----------------------------------------------------------------
Advisory ID: 541
Released:    Thu May 21 14:22:14 2026
Summary:     Security update for xz
Type:        security
Severity:    important
References:  1205588,1247432,1254336,1254679,1261280,CVE-2024-2312,CVE-2026-34743
This update for xz fixes the following issue

- CVE-2026-34743: buffer overflow in lzma_index_append() (bsc#1261280).

-----------------------------------------------------------------
Advisory ID: 540
Released:    Thu May 21 14:40:13 2026
Summary:     Security update for util-linux
Type:        security
Severity:    moderate
References:  1196933,1206608,1207543,1208928,1232351,1241284,1244003,1244011,1244937,1245667,1246011,1246025,1249657,1250224,1252318,1254425,1261606,CVE-2026-27456
This update for util-linux fixes the following issue

- CVE-2026-27456: TOCTOU in the mount program when setting up loop devices (bsc#1261606).


The following package changes have been done:

- glibc-2.38-slfo.1.1_8.1 updated
- libuuid1-2.40.4-slfo.1.1_6.1 updated
- libsmartcols1-2.40.4-slfo.1.1_6.1 updated
- liblzma5-5.4.3-slfo.1.1_3.1 updated
- libblkid1-2.40.4-slfo.1.1_6.1 updated
- libmount1-2.40.4-slfo.1.1_6.1 updated
- libfdisk1-2.40.4-slfo.1.1_6.1 updated
- xz-5.4.3-slfo.1.1_3.1 updated
- util-linux-2.40.4-slfo.1.1_6.1 updated
- SL-Micro-release-6.1-slfo.1.12.43 updated
- util-linux-systemd-2.40.4-slfo.1.1_6.1 updated
- glibc-locale-base-2.38-slfo.1.1_8.1 updated
- rsync-3.3.0-slfo.1.1_6.1 updated
- timezone-2026b-slfo.1.1_1.1 updated
- container:SL-Micro-base-container-2.2.1-5.131 updated

More information about the sle-container-updates mailing list