<div class="container">
    <h1>Recommended update for runc</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-RU-2025:4327-1</td>
        </tr>
        <tr>
            <th>Release Date:</th>
            <td>2025-12-09T10:32:02Z</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1254362">bsc#1254362</a>
                        </li>
                    
                    
                </ul>
            </td>
        </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP5</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security</li>
                    
                        <li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 12 SP5</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that has one fix can now be installed.</p>

    


    
        <h2>Description:</h2>
    
    <p>This update for runc fixes the following issues:</p>
<ul>
<li>Update to runc v1.3.4 (bsc#1254362)</li>
<li>libct: fix mips compilation:<ul>
<li>When configuring a tmpfs mount, only set the mode= argument if the
  target path already existed.</li>
<li>Fix various file descriptor leaks and add additional tests to detect them as
  comprehensively as possible.</li>
</ul>
</li>
<li>Downgrade github.com/cyphar/filepath-securejoin dependency to v0.5.2,
  which should make it easier for some downstreams to import runc without
  pulling in too many extra packages.</li>
<li>The runc binary distributed with this release are statically linked with the following 
  GNU LGPL-2.1 licensed libraries, with runc acting as a "work that uses the Library":<ul>
<li>libseccomp: The versions of these libraries were not modified from their upstream versions</li>
</ul>
</li>
</ul>



    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE  update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
                
                    
                        <br/>
                        <code>zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4327=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
                    <ul>
                        
                            <li>runc-1.3.4-16.73.1</li>
                        
                            <li>runc-debuginfo-1.3.4-16.73.1</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1254362">https://bugzilla.suse.com/show_bug.cgi?id=1254362</a>
                    </li>
                
            
        </ul>
    
</div>