Security update for docker SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:1341-1 Final 1 1 2025-04-17T14:01:23Z current 2025-04-17T14:01:23Z 2025-04-17T14:01:23Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for docker This update for docker fixes the following issues: - Update to docker-buildx v0.22.0 - CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. (bsc#1239765) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1341,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1341 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20251341-1/ Link for SUSE-SU-2025:1341-1 https://lists.suse.com/pipermail/sle-updates/2025-April/039063.html E-Mail link for SUSE-SU-2025:1341-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1239765 SUSE Bug 1239765 https://www.suse.com/security/cve/CVE-2025-0495/ SUSE CVE CVE-2025-0495 page SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 docker-27.5.1_ce-98.129.1 docker-bash-completion-27.5.1_ce-98.129.1 docker-fish-completion-27.5.1_ce-98.129.1 docker-rootless-extras-27.5.1_ce-98.129.1 docker-zsh-completion-27.5.1_ce-98.129.1 docker-27.5.1_ce-98.129.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 docker-bash-completion-27.5.1_ce-98.129.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry traces as part of the arguments and flags for the traced CLI command. OpenTelemetry traces are also saved in BuildKit daemon's history records. This vulnerability does not impact secrets passed to the Github cache backend via environment variables or registry authentication. CVE-2025-0495 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-27.5.1_ce-98.129.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-27.5.1_ce-98.129.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251341-1/ https://www.suse.com/security/cve/CVE-2025-0495.html CVE-2025-0495 https://bugzilla.suse.com/1239765 SUSE Bug 1239765