SUSE-SU-2025:02289-2
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-202502289-2/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:02289-2.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:02289-2
- Upstream
- Related
- Published
- 2025-07-16T15:47:57Z
- Modified
- 2026-03-11T07:28:58.840036Z
- Summary
- Security update for docker
- Details
-
This update for docker fixes the following issues:
Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):
- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).
Other fixes:
- Update to docker-buildx v0.22.0.
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)
- Now that the only blocker for docker-buildx support was removed for SLE-16, enable docker-buildx for SLE-16 as well. (jsc#PED-8905)
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-202502289-2/
- https://bugzilla.suse.com/1239765
- https://bugzilla.suse.com/1240150
- https://bugzilla.suse.com/1241830
- https://bugzilla.suse.com/1242114
- https://bugzilla.suse.com/1243833
- https://bugzilla.suse.com/1244035
- https://www.suse.com/security/cve/CVE-2025-0495
- https://www.suse.com/security/cve/CVE-2025-22872
Affected packages
SUSE:Enterprise Storage 7.1
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Enterprise%20Storage%207.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Enterprise%20Storage%207.1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server 15 SP3-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server 15 SP4-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server 15 SP5-LTSS
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server for SAP Applications 15 SP3
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server for SAP Applications 15 SP4
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1
SUSE:Linux Enterprise Server for SAP Applications 15 SP5
docker
Package
- Name
- docker
- Purl
- pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed28.2.2_ce-150000.227.1
docker-stable
Package
- Name
- docker-stable
- Purl
- pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed24.0.9_ce-150000.1.22.1