openSUSE 16 Security Update : podman (openSUSE-SU-2026:20305-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20305-1 advisory. Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non...

openSUSE 16 Security Update : alloy (openSUSE-SU-2026:20140-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20140-1 advisory. Update to 1.12.2: Security fixes: - CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion bsc1255333: -...

Security update for alloy

This update for alloy fixes the following issues: Update to 1.12.2: Security fixes: CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion bsc1255333: CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: github.com/opencontainers/runc: Fixed container breakouts ...

openSUSE 16 Security Update : buildah (openSUSE-SU-2026:20080-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20080-1 advisory. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: Fixed non validated message size causing a panic due to an out of bounds read bsc1254054 -...

openSUSE 16 Security Update : podman (openSUSE-SU-2026:20072-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20072-1 advisory. - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files...

Security update for podman (important)

openSUSE security update: security update for podman ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20072-1 Rating: important References: bsc1249154 bsc1252376 Cross-References: CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 CVE-2025-9566 CVSS scores...

Security update for buildah (important)

openSUSE security update: security update for buildah ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20080-1 Rating: important References: bsc1253096 bsc1253598 bsc1254054 Cross-References: CVE-2025-31133 CVE-2025-47913 CVE-2025-47914 CVE-2025-5256...

OPENSUSE-SU-2026:20080-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-47914: golang.org/x/crypto/ssh/agent: Fixed non validated message size causing a panic due to an out of bounds read bsc1254054 - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an...

SUSE-SU-2026:20103-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...

SUSE-SU-2026:20116-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252376. - CVE-2025-9566: kube play command may overwrite host files bsc1249154...

openSUSE 16 Security Update : runc (openSUSE-SU-2025-20072-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20072-1 advisory. - Update to runc v1.3.3: CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing ...

OPENSUSE-SU-2025:20072-1 Security update for runc

This update for runc fixes the following issues: - Update to runc v1.3.3: CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1252232...

SUSE SLES15 / openSUSE 15 Security Update : buildah (SUSE-SU-2025:4076-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4076-1 advisory. - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096...

SUSE-SU-2025:4076-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096...

Security update for buildah

This update for buildah fixes the following issues: CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096 Other fixes: podman and buildah with runc 1.3.2 fail with lots of warnings as rootless bsc1252543 Patch Instructions: To...

SUSE-SU-2025:4075-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-52881: Fixed container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files bsc1253096 Other fixes: - podman and buildah with runc 1.3.2 fail with lots of warnings as rootless bsc1252543...

CVE-2022-39395

Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to...

[SECURITY] [DLA 3735-1] runc security update

Debian LTS Advisory DLA-3735-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert February 19, 2024 https://wiki.debian.org/LTS Package : runc Version : 1.0.0rc6+dfsg1-3+deb10u3 CVE ID : CVE-2021-43784 CVE-2024-21626 Debian Bug : runc is a command line client for...

[SECURITY] [DSA 5615-1] runc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5615-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 04, 2024 https://www.debian.org/security/faq -...

CVE-2022-39395

Vela is a Pipeline Automation CI/CD framework built on Linux container technology written in Golang. In Vela Server and Vela Worker prior to version 0.16.0 and Vela UI prior to version 0.17.0, some default configurations for Vela allow exploitation and container breakouts. Users should upgrade to...