This update for docker-stable fixes the following issues:
- CVE-2025-58181: Fixed unbounded memory consumption. (bsc#1253904)
- CVE-2025-30204: Fixed a bug in jwt-go which allows excessive memory allocation during header parsing. (bsc#1240513)
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-389=1
- openSUSE Leap 16.0:
docker-stable-24.0.9_ce-160000.4.1
docker-stable-bash-completion-24.0.9_ce-160000.4.1
docker-stable-buildx-0.25.0-160000.4.1
docker-stable-fish-completion-24.0.9_ce-160000.4.1
docker-stable-rootless-extras-24.0.9_ce-160000.4.1
docker-stable-zsh-completion-24.0.9_ce-160000.4.1
* bsc#1240513
* bsc#1253904
* bsc#1254206
References:
* https://www.suse.com/security/cve/CVE-2025-30204.html
* https://www.suse.com/security/cve/CVE-2025-58181.html
Get the latest Linux and open source security news straight to your inbox.