ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
Security update for apptainer
This update for apptainer fixes the following issues
- CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for arbitrary file writes with target cache path traversal (bsc#1264177).
- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260311).
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265844).
- CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262956).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266656).
- CVE-2026-39827: memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39828: bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39829: pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39830: client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39831: bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39832: agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent (bsc#1266202).
- CVE-2026-39833: key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266202).
- CVE-2026-39834: infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-39835: server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-42508: auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts (bsc#1266202).
- CVE-2026-46595: VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-46597: byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266202).
- CVE-2026-46598: pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266202).
- CVE-2026-48785: incorrect path matching for limit container paths directive (bsc#1267982).
Changes for apptainer:
- Update apptainer to version v1.5.1
- Work around segmentation fault sometimes seen while
mksquashfsunder proot is creating a SIF file. - Update bundled PRoot to version 5.4.0-rootless.3 in order to
fix a problem where SIF files could be corrupted when
mksquashfsdied with a signal. The proot command was not passing back an error exit code. - Updated bundled
squashfuse_llto version 0.6.2 in order to fix a crash sometimes seen with apptainer in unprivileged docker. - Update bundled fuse2fs to version 1.47.4 instead of patching the bugs in 1.47.3.
- Fix a crash that happened when
/etc/resolv.confwas a symlink while building from a definition file using the localimage bootstrap. - Support hosts that have an /etc/resolv.conf symlink pointing
to
../runin addition to/run. - Change the download-dependencies script to skip downloading the PRoot source code on architectures that it is known to not support (that is: ppc*, s390*, and riscv*). In those situations Apptainer will skip trying to compile and run proot. As a result original owners and groups of files will not be preserved in SIF images built by unprivileged users, as was the case for all architectures prior to 1.5.0.
- Fix panic encountered during progress bar update while pulling image.
- Fix fakeroot overwriting root's username in
/etc/passwdwith the host user's name, a regression introduced in v1.5.0. - Add nonested flag for --mount specifications to prevent
individual bind mounts from being passed to nested containers
via
APPTAINER_BIND.
Π‘ΠΏΠΈΡΠΎΠΊ ΠΏΠ°ΠΊΠ΅ΡΠΎΠ²
SUSE Linux Enterprise Module for HPC 15 SP7
SUSE Linux Enterprise Server 15 SP6-LTSS
Π‘ΡΡΠ»ΠΊΠΈ
- Link for SUSE-SU-2026:2609-1
- E-Mail link for SUSE-SU-2026:2609-1
- SUSE Security Ratings
- SUSE Bug 1260311
- SUSE Bug 1262956
- SUSE Bug 1264177
- SUSE Bug 1265844
- SUSE Bug 1266202
- SUSE Bug 1266656
- SUSE Bug 1267982
- SUSE CVE CVE-2026-24137 page
- SUSE CVE CVE-2026-33186 page
- SUSE CVE CVE-2026-33814 page
- SUSE CVE CVE-2026-34986 page
- SUSE CVE CVE-2026-39821 page
- SUSE CVE CVE-2026-39827 page
- SUSE CVE CVE-2026-39828 page
- SUSE CVE CVE-2026-39829 page
- SUSE CVE CVE-2026-39830 page
- SUSE CVE CVE-2026-39831 page
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client (pkg/tuf/client.go) supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target name sourced from signed target metadata; however, it does not validate that the resulting path stays within the cache base directory. A malicious TUF repository can trigger arbitrary file overwriting, limited to the permissions that the calling process has. Note that this should only affect clients that are directly using the TUF client in sigstore/sigstore or are using an older version of Cosign. Public Sigstore deployment users are unaffected, as TUF metadata is validated by a quorum of trusted collaborators. This issue has been fixed in version 1.10.4. As a workaround, users can disable disk caching for the legacy client by setting SIGSTORE_NO_CACHE=true in the environment, migrate to https://github.com/sigstore/sigstore-go/tree/main/pkg/tuf, or upgrade to the latest sigstore/sigstore release.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-24137
- SUSE Bug 1257137
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-33186
- SUSE Bug 1260085
- SUSE Bug 1268676
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-33814
- SUSE Bug 1264506
- SUSE Bug 1268758
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-34986
- SUSE Bug 1262805
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com".
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39821
- SUSE Bug 1266474
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for garbage collection.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39827
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39828
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39829
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39830
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a "no-touch-required" extension in Permissions.Extensions from PublicKeyCallback.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39831
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39832
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39833
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39834
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-39835
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-42508
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-46595
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-46597
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used.
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-46598
- SUSE Bug 1266049
ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
unknown
ΠΠ°ΡΡΠΎΠ½ΡΡΡΠ΅ ΠΏΡΠΎΠ΄ΡΠΊΡΡ
Π‘ΡΡΠ»ΠΊΠΈ
- CVE-2026-48785
- SUSE Bug 1267982