SUSE-SU-2025:02808-1

Опубликовано: 15 авг. 2025

Источник: suse-cvrf

Описание

Security update for podman

This update for podman fixes the following issues:

CVE-2025-6032: Fixed machine init command failing to verify TLS certificate (bsc#1245320)

Список пакетов

Container suse/sle-micro/5.5:latest

podman-4.9.5-150500.3.46.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise Micro 5.5

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise Module for Containers 15 SP6

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise Module for Containers 15 SP7

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise Server 15 SP5-LTSS

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

SUSE Linux Enterprise Server for SAP Applications 15 SP5

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

openSUSE Leap 15.6

podman-4.9.5-150500.3.46.1

podman-docker-4.9.5-150500.3.46.1

podman-remote-4.9.5-150500.3.46.1

podmansh-4.9.5-150500.3.46.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502808-1/
Link for SUSE-SU-2025:02808-1
https://lists.suse.com/pipermail/sle-updates/2025-August/041231.html
E-Mail link for SUSE-SU-2025:02808-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1245320
SUSE Bug 1245320
https://www.suse.com/security/cve/CVE-2025-6032/
SUSE CVE CVE-2025-6032 page

Описание

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

Затронутые продукты

Container suse/sle-micro/5.5:latest:podman-4.9.5-150500.3.46.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-4.9.5-150500.3.46.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-docker-4.9.5-150500.3.46.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:podman-remote-4.9.5-150500.3.46.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-6032.html
CVE-2025-6032
https://bugzilla.suse.com/1245320
SUSE Bug 1245320

SUSE-SU-2025:02808-1

Описание

Список пакетов

Container suse/sle-micro/5.5:latest

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Module for Containers 15 SP6

SUSE Linux Enterprise Module for Containers 15 SP7

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP5

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-6032

Описание

Затронутые продукты

Ссылки