Overview

File _patchinfo of Package patchinfo.38251

<patchinfo incident="38251">
  <issue tracker="cve" id="2025-0495"/>
  <issue tracker="bnc" id="1239765">VUL-0: CVE-2025-0495: TRACKERBUG: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration</issue>
  <issue tracker="jsc" id="PED-12534"/>
  <issue tracker="jsc" id="PED-8905"/>
  <packager>cyphar</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for docker-stable</summary>
  <description>This update for docker-stable fixes the following issues:

- CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when
  credentials allowed to be set as attribute values in cache-to/cache-from configuration (bsc#1239765)

Other fixes:

- Update to docker-buildx v0.22.0. 
- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)
- Now that the only blocker for docker-buildx support was removed for SLE-16,
  enable docker-buildx for SLE-16 as well. (jsc#PED-8905)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places