From null at suse.de  Mon Feb  3 08:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 08:30:16 -0000
Subject: SUSE-SU-2025:0320-1: important: Security update for buildah
Message-ID: <173857141627.22572.6690697859502598744@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0320-1  
Release Date: 2025-02-01T09:53:57Z  
Rating: important  
References:

  * bsc#1236272

  
Cross-References:

  * CVE-2024-11218
  * CVE-2024-9407

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-9407 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-9407 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
  * CVE-2024-9407 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for buildah fixes the following issues:

  * Update to version 1.35.5
  * CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src"
    values. (bsc#1236272)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-320=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-320=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-320=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-320=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-320=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * buildah-1.35.5-150300.8.31.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://www.suse.com/security/cve/CVE-2024-9407.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236272

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/d708929a/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 08:30:20 -0000
Subject: SUSE-SU-2025:0319-1: important: Security update for buildah
Message-ID: <173857142010.22572.15908881949102957602@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0319-1  
Release Date: 2025-02-01T09:53:09Z  
Rating: important  
References:

  * bsc#1236272

  
Cross-References:

  * CVE-2024-11218
  * CVE-2024-9407

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-9407 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-9407 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
  * CVE-2024-9407 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for buildah fixes the following issues:

  * Update to version 1.35.5
  * CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src"
    values. (bsc#1236272)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-319=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-319=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-319=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-319=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-319=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * buildah-1.35.5-150400.3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://www.suse.com/security/cve/CVE-2024-9407.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236272

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/33d4ed6a/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 08:30:23 -0000
Subject: SUSE-SU-2025:0318-1: moderate: Security update for ignition
Message-ID: <173857142353.22572.1099224274118281@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0318-1  
Release Date: 2025-02-01T03:34:07Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-318=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-318=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.15.0-150400.4.5.1
    * ignition-debuginfo-2.15.0-150400.4.5.1
    * ignition-2.15.0-150400.4.5.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.15.0-150400.4.5.1
    * ignition-debuginfo-2.15.0-150400.4.5.1
    * ignition-2.15.0-150400.4.5.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/e5d1edae/attachment.htm>

From null at suse.de  Mon Feb  3 12:31:35 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 12:31:35 -0000
Subject: SUSE-SU-2025:0328-1: important: Security update for clamav
Message-ID: <173858589523.22572.14617265211440826390@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0328-1  
Release Date: 2025-02-03T09:39:55Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves six vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-328=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-328=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-3.36.1
    * clamav-1.4.2-3.36.1
    * clamav-milter-debuginfo-1.4.2-3.36.1
    * libfreshclam3-1.4.2-3.36.1
    * libclamav12-1.4.2-3.36.1
    * clamav-debugsource-1.4.2-3.36.1
    * libclammspack0-debuginfo-1.4.2-3.36.1
    * clamav-milter-1.4.2-3.36.1
    * clamav-devel-1.4.2-3.36.1
    * libfreshclam3-debuginfo-1.4.2-3.36.1
    * libclamav12-debuginfo-1.4.2-3.36.1
    * clamav-debuginfo-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libclammspack0-1.4.2-3.36.1
    * clamav-1.4.2-3.36.1
    * clamav-milter-debuginfo-1.4.2-3.36.1
    * libfreshclam3-1.4.2-3.36.1
    * libclamav12-1.4.2-3.36.1
    * clamav-debugsource-1.4.2-3.36.1
    * libclammspack0-debuginfo-1.4.2-3.36.1
    * clamav-milter-1.4.2-3.36.1
    * clamav-devel-1.4.2-3.36.1
    * libfreshclam3-debuginfo-1.4.2-3.36.1
    * libclamav12-debuginfo-1.4.2-3.36.1
    * clamav-debuginfo-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * clamav-docs-html-1.4.2-3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/f4d0fd04/attachment.htm>

From null at suse.de  Mon Feb  3 12:32:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 12:32:15 -0000
Subject: SUSE-SU-2025:0327-1: important: Security update for clamav
Message-ID: <173858593560.22572.12145844558317214815@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0327-1  
Release Date: 2025-02-03T09:39:44Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves six vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-327=1 openSUSE-SLE-15.6-2025-327=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-327=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * clamav-1.4.2-150600.18.6.1
    * libfreshclam3-debuginfo-1.4.2-150600.18.6.1
    * libclamav12-1.4.2-150600.18.6.1
    * clamav-devel-1.4.2-150600.18.6.1
    * libclammspack0-debuginfo-1.4.2-150600.18.6.1
    * clamav-debuginfo-1.4.2-150600.18.6.1
    * libfreshclam3-1.4.2-150600.18.6.1
    * libclamav12-debuginfo-1.4.2-150600.18.6.1
    * clamav-debugsource-1.4.2-150600.18.6.1
    * libclammspack0-1.4.2-150600.18.6.1
    * clamav-milter-debuginfo-1.4.2-150600.18.6.1
    * clamav-milter-1.4.2-150600.18.6.1
  * openSUSE Leap 15.6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150600.18.6.1
    * libfreshclam3-debuginfo-1.4.2-150600.18.6.1
    * libclamav12-1.4.2-150600.18.6.1
    * clamav-devel-1.4.2-150600.18.6.1
    * libclammspack0-debuginfo-1.4.2-150600.18.6.1
    * clamav-debuginfo-1.4.2-150600.18.6.1
    * libfreshclam3-1.4.2-150600.18.6.1
    * libclamav12-debuginfo-1.4.2-150600.18.6.1
    * clamav-debugsource-1.4.2-150600.18.6.1
    * libclammspack0-1.4.2-150600.18.6.1
    * clamav-milter-debuginfo-1.4.2-150600.18.6.1
    * clamav-milter-1.4.2-150600.18.6.1
  * Basesystem Module 15-SP6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/78ed3679/attachment.htm>

From null at suse.de  Mon Feb  3 12:33:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 12:33:15 -0000
Subject: SUSE-SU-2025:0325-1: important: Security update for clamav
Message-ID: <173858599522.22572.15995186771398341965@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0325-1  
Release Date: 2025-02-03T09:39:26Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596
  * jsc#SMO-494
  * jsc#SMO-495

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves six vulnerabilities, contains three features and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-325=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-325=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-325=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-325=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-325=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Proxy 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596
  * https://jira.suse.com/browse/SMO-494
  * https://jira.suse.com/browse/SMO-495

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/517d6cbf/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 16:30:05 -0000
Subject: SUSE-SU-2025:0339-1: moderate: Security update for java-17-openjdk
Message-ID: <173860020542.22572.11400678996665558533@smelt2.prg2.suse.org>



# Security update for java-17-openjdk

Announcement ID: SUSE-SU-2025:0339-1  
Release Date: 2025-02-03T15:14:56Z  
Rating: moderate  
References:

  * bsc#1236278

  
Cross-References:

  * CVE-2025-21502

  
CVSS scores:

  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for java-17-openjdk fixes the following issues:

Update to upstream tag jdk-17.0.14+7 (January 2025 CPU):

Security fixes:

  * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

  * JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font
    color
  * JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is
    incorrect
  * JDK-8071693: Introspector ignores default interface methods
  * JDK-8195675: Call to insertText with single character from custom Input
    Method ignored
  * JDK-8202926: Test
    java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html
    fails
  * JDK-8207908: JMXStatusTest.java fails assertion intermittently
  * JDK-8225220: When the Tab Policy is checked,the scroll button direction
    displayed incorrectly.
  * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully
    stopped without starting listening"
  * JDK-8254759: [TEST_BUG] [macosx]
    javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails
  * JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with
    "RuntimeException: Could not find class leak"
  * JDK-8268364: jmethod clearing should be done during unloading
  * JDK-8269770: nsk tests should start IOPipe channel before launch debuggee -
    Debugee.prepareDebugee
  * JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than
    O_BUFLEN
  * JDK-8271456: Avoid looking up standard charsets in "java.desktop" module
  * JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM
    flags
  * JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM
    flags
  * JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release
    VMs
  * JDK-8272746: ZipFile can't open big file (NegativeArraySizeException)
  * JDK-8273914: Indy string concat changes order of operations
  * JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution
  * JDK-8274505: Too weak variable type leads to unnecessary cast in
    java.desktop
  * JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with
    "SocketTimeoutException: Read timed out"
  * JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime
    test
  * JDK-8280131: jcmd reports "Module jdk.jfr not found." when
    "jdk.management.jfr" is missing
  * JDK-8281379: Assign package declarations to all jtreg test cases under gc
  * JDK-8282578: AIOOBE in javax.sound.sampled.Clip
  * JDK-8283214: [macos] Screen magnifier does not show the magnified text for
    JComboBox
  * JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java
    timeouts
  * JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on
    Windows 11
  * JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie
    problem
  * JDK-8286160: (fs) Files.exists returns unexpected results with
    C:\pagefile.sys because it's not readable
  * JDK-8287003: InputStreamReader::read() can return zero despite writing a
    char in the buffer
  * JDK-8288976: classfile parser 'wrong name' error message has the names the
    wrong way around
  * JDK-8289184: runtime/ClassUnload/DictionaryDependsTest.java failed with
    "Test failed: should be unloaded"
  * JDK-8290023: Remove use of IgnoreUnrecognizedVMOptions in gc tests
  * JDK-8290269: gc/shenandoah/TestVerifyJCStress.java fails due to invalid tag:
    required after JDK-8290023
  * JDK-8292309: Fix
    "java/awt/PrintJob/ConstrainedPrintingTest/ConstrainedPrintingTest.java"
    test
  * JDK-8293061: Combine CDSOptions and AppCDSOptions test utility classes
  * JDK-8293877: Rewrite MineField test
  * JDK-8294193: Files.createDirectories throws FileAlreadyExistsException for a
    symbolic link whose target is an existing directory
  * JDK-8294726: Update URLs in minefield tests
  * JDK-8295239: Refactor java/util/Formatter/Basic script into a Java native
    test launcher
  * JDK-8295344: Harden runtime/StackGuardPages/TestStackGuardPages.java
  * JDK-8295859: Update Manual Test Groups
  * JDK-8296709: WARNING: JNI call made without checking exceptions
  * JDK-8296718: Refactor bootstrap Test Common Functionalities to
    test/lib/Utils
  * JDK-8296787: Unify debug printing format of X.509 cert serial numbers
  * JDK-8296972: [macos13]
    java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java:
    getExtendedState() != 6 as expected.
  * JDK-8298513:
    vmTestbase/nsk/jdi/EventSet/suspendPolicy/suspendpolicy009/TestDescription.java
    fails with usage tracker
  * JDK-8300416: java.security.MessageDigestSpi clone can result in thread-
    unsafe clones
  * JDK-8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated
  * JDK-8302225: SunJCE Provider doesn't validate key sizes when using
    'constrained' transforms for AES/KW and AES/KWP
  * JDK-8303697: ProcessTools doesn't print last line of process output
  * JDK-8303705: Field sleeper.started should be volatile JdbLockTestTarg.java
  * JDK-8303742: CompletableFuture.orTimeout leaks if the future completes
    exceptionally
  * JDK-8304020: Speed up test/jdk/java/util/zip/ZipFile/TestTooManyEntries.java
    and clarify its purpose
  * JDK-8304557:
    java/util/concurrent/CompletableFuture/CompletableFutureOrTimeoutExceptionallyTest.java
    times out
  * JDK-8306015: Update sun.security.ssl TLS tests to use SSLContextTemplate or
    SSLEngineTemplate
  * JDK-8307297: Move some DnD tests to open
  * JDK-8307408: Some jdk/sun/tools/jhsdb tests don't pass test JVM args to the
    debuggee JVM
  * JDK-8309109: AArch64: [TESTBUG]
    compiler/intrinsics/sha/cli/TestUseSHA3IntrinsicsOptionOnSupportedCPU.java
    fails on Neoverse N2 and V1
  * JDK-8309303: jdk/internal/misc/VM/RuntimeArguments test ignores
    jdk/internal/vm/options
  * JDK-8309532: java/lang/Class/getDeclaredField/FieldSetAccessibleTest should
    filter modules that depend on JVMCI
  * JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled
    ComboBox does not match in these LAFs: GTK-
  * JDK-8310731: Configure a javax.net.ssl.SNIMatcher for the HTTP/1.1 test
    servers in java/net/httpclient tests
  * JDK-8312111:
    open/test/jdk/java/awt/Robot/ModifierRobotKey/ModifierRobotKeyTest.java
    fails on ubuntu 23.04
  * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds
  * JDK-8313638: Add test for dump of resolved references
  * JDK-8313854: Some tests in serviceability area fail on localized Windows
    platform
  * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le
  * JDK-8314333: Update com/sun/jdi/ProcessAttachTest.java to use
    ProcessTools.createTestJvm(..)
  * JDK-8314824: Fix serviceability/jvmti/8036666/GetObjectLockCount.java to use
    vm flags
  * JDK-8314829: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java
    ignores vm flags
  * JDK-8314831: NMT tests ignore vm flags
  * JDK-8315097: Rename createJavaProcessBuilder
  * JDK-8315406: [REDO] serviceability/jdwp/AllModulesCommandTest.java ignores
    VM flags
  * JDK-8315988: Parallel: Make TestAggressiveHeap use createTestJvm
  * JDK-8316410: GC: Make TestCompressedClassFlags use createTestJvm
  * JDK-8316446: 4 sun/management/jdp tests ignore VM flags
  * JDK-8316447: 8 sun/management/jmxremote tests ignore VM flags
  * JDK-8316464: 3 sun/tools tests ignore VM flags
  * JDK-8316562: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java times
    out after JDK-8314829
  * JDK-8316581: Improve performance of Symbol::print_value_on()
  * JDK-8317042: G1: Make TestG1ConcMarkStepDurationMillis use createTestJvm
  * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame
  * JDK-8317188: G1: Make TestG1ConcRefinementThreads use createTestJvm
  * JDK-8317218: G1: Make TestG1HeapRegionSize use createTestJvm
  * JDK-8317347: Parallel: Make TestInitialTenuringThreshold use createTestJvm
  * JDK-8317738: CodeCacheFullCountTest failed with "VirtualMachineError: Out of
    space in CodeCache for method handle intrinsic"
  * JDK-8318964: Fix build failures caused by 8315097
  * JDK-8319574: Exec/process tests should be marked as flagless
  * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not
    conform to the javadoc and may leak DateTimeException
  * JDK-8319651: Several network tests ignore vm flags when start java process
  * JDK-8319817: Charset constructor should make defensive copy of aliases
  * JDK-8320586: update manual test/jdk/TEST.groups
  * JDK-8320665: update jdk_core at open/test/jdk/TEST.groups
  * JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple
    instructions
  * JDK-8320675: PrinterJob/SecurityDialogTest.java hangs
  * JDK-8321163: [test] OutputAnalyzer.getExitValue() unnecessarily logs even
    when process has already completed
  * JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably
    trigger class unloading
  * JDK-8321470: ThreadLocal.nextHashCode can be static final
  * JDK-8321543: Update NSS to version 3.96
  * JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile
  * JDK-8322754: click JComboBox when dialog about to close causes
    IllegalComponentStateException
  * JDK-8322766: Micro bench SSLHandshake should use default algorithms
  * JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not
    match the order
  * JDK-8322830: Add test case for ZipFile opening a ZIP with no entries
  * JDK-8323562: SaslInputStream.read() may return wrong value
  * JDK-8323688: C2: Fix UB of jlong overflow in
    PhaseIdealLoop::is_counted_loop()
  * JDK-8324808: Manual printer tests have no Pass/Fail buttons, instructions
    close set 3
  * JDK-8324841: PKCS11 tests still skip execution
  * JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with
    UseLargePages
  * JDK-8325525: Create jtreg test case for JDK-8325203
  * JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM
  * JDK-8325610: CTW: Add StressIncrementalInlining to stress options
  * JDK-8325616: JFR ZGC Allocation Stall events should record stack traces
  * JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java
  * JDK-8325851: Hide PassFailJFrame.Builder constructor
  * JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten
    instead of Deflater.getTotalOut
  * JDK-8326121:
    vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl
    failed with Full gc happened. Test was useless.
  * JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests
  * JDK-8326898: NSK tests should listen on loopback addresses only
  * JDK-8326948: Force English locale for timeout formatting
  * JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug
  * JDK-8327474: Review use of java.io.tmpdir in jdk tests
  * JDK-8327924: Simplify TrayIconScalingTest.java
  * JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html
    to main program
  * JDK-8328242: Add a log area to the PassFailJFrame
  * JDK-8328303: 3 JDI tests timed out with UT enabled
  * JDK-8328379: Convert URLDragTest.html applet test to main
  * JDK-8328402: Implement pausing functionality for the PassFailJFrame
  * JDK-8328619:
    sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed
    with BindException: Address already in use
  * JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization
  * JDK-8328723: IP Address error when client enables HTTPS endpoint check on
    server socket
  * JDK-8328957: Update PKCS11Test.java to not use hardcoded path
  * JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address
  * JDK-8330464: hserr generic events - add entry for the before_exit calls
  * JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess
  * JDK-8330814: Cleanups for KeepAliveCache tests
  * JDK-8331142: Add test for number of loader threads in BasicDirectoryModel
  * JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts
    method for essential options
  * JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS
  * JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock
  * JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows
    only
  * JDK-8331626: unsafe.cpp:162:38: runtime error in
    index_oop_from_field_offset_long - applying non-zero offset 4563897424 to
    null pointer
  * JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error: load of value
    208, which is not a valid value for type 'bool'
  * JDK-8331863: DUIterator_Fast used before it is constructed
  * JDK-8331864: Update Public Suffix List to 1cbd6e7
  * JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java frequently fails on
    Windows in CI
  * JDK-8332340: Add JavacBench as a test case for CDS
  * JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer
    passed as argument 1, which is declared to never be null
  * JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime
    error: null pointer passed as argument 2, which is declared to never be null
  * JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error: member call on
    null pointer of type 'struct Array'
  * JDK-8332724: x86 MacroAssembler may over-align code
  * JDK-8332777: Update JCStress test suite
  * JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error: null pointer
    passed as argument 2, which is declared to never be null
  * JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
  * JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on
    macOS
  * JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error: load of value
    171, which is not a valid value for type 'bool'
  * JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21: runtime error:
    signed integer overflow: 9223372036854775807 - 1 cannot be represented in
    type 'long int'
  * JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched
    JNINativeInterface tables, check for new entries
  * JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java
    failed with: Invalid ECDH ServerKeyExchange signature
  * JDK-8333824: Unused ClassValue in VarHandles
  * JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts
  * JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed
    in testWakeupDuringSelect
  * JDK-8334562: Automate
    com/sun/security/auth/callback/TextCallbackHandler/Default.java test
  * JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling
  * JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times
    out with -Xcomp
  * JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder
  * JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to
    compile
  * JDK-8335428: Enhanced Building of Processes
  * JDK-8335449: runtime/cds/DeterministicDump.java fails with File content
    different at byte ...
  * JDK-8335493: check_gc_overhead_limit should reset
    SoftRefPolicy::_should_clear_all_soft_refs
  * JDK-8335530: Java file extension missing in AuthenticatorTest
  * JDK-8335709: C2: assert(!loop->is_member(get_loop(useblock))) failed: must
    be outside loop
  * JDK-8335904: Fix invalid comment in ShenandoahLock
  * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when
    extracting to not overwriting existing files
  * JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java
    fails with java.lang.ArithmeticException
  * JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app
    name
  * JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check
    is calculator process is alive
  * JDK-8336342: Fix known X11 library locations in sysroot
  * JDK-8336343: Add more known sysroot library locations for ALSA
  * JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and
    GdkPixbuf
  * JDK-8336564: Enhance mask blit functionality redux
  * JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with
    /manual and /timeout
  * JDK-8337066: Repeated call of StringBuffer.reverse with double byte string
    returns wrong result
  * JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland
  * JDK-8337410: The makefiles should set problemlist and adjust timeout basing
    on the given VM flags
  * JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS
  * JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on
    Windows
  * JDK-8337851: Some tests have name which confuse jtreg
  * JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on
    older docker releases
  * JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion
  * JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned
    after JDK-8338058
  * JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate
    in ProblemList
  * JDK-8338286: GHA: Demote x86_32 to hotspot build only
  * JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface
    to listen for connections
  * JDK-8338402: GHA: some of bundles may not get removed
  * JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find
    symbol after JDK-8299813
  * JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2
  * JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java
  * JDK-8339081: Bump update version for OpenJDK: jdk-17.0.14
  * JDK-8339180: Enhanced Building of Processes: Follow-on Issue
  * JDK-8339248: RISC-V: Remove li64 macro assembler routine and related code
  * JDK-8339384: Unintentional IOException in jdk.jdi module when JDWP end of
    stream occurs
  * JDK-8339470: [17u] More defensive fix for 8163921
  * JDK-8339487: ProcessHandleImpl os_getChildren sysctl call - retry in case of
    ENOMEM and enhance exception message
  * JDK-8339548: GHA: RISC-V: Use Debian snapshot archive for bootstrap
  * JDK-8339560: Unaddressed comments during code review of JDK-8337664
  * JDK-8339591: Mark jdk/jshell/ExceptionMessageTest.java intermittent
  * JDK-8339637: (tz) Update Timezone Data to 2024b
  * JDK-8339644: Improve parsing of Day/Month in tzdata rules
  * JDK-8339731: java.desktop/share/classes/javax/swing/text/html/default.css
    typo in margin settings
  * JDK-8339741: RISC-V: C ABI breakage for integer on stack
  * JDK-8339787: Add some additional diagnostic output to
    java/net/ipv6tests/UdpTest.java
  * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata
    files
  * JDK-8339892: Several security shell tests don't set TESTJAVAOPTS
  * JDK-8339931: Update problem list for WindowUpdateFocusabilityTest.java
  * JDK-8340007: Refactor KeyEvent/FunctionKeyTest.java
  * JDK-8340008: KeyEvent/KeyTyped/Numpad1KeyTyped.java has 15 seconds timeout
  * JDK-8340210: Add positionTestUI() to PassFailJFrame.Builder
  * JDK-8340230: Tests crash: assert(is_in_encoding_range || k->is_interface()
    || k->is_abstract()) failed: sanity
  * JDK-8340306: Add border around instructions in PassFailJFrame
  * JDK-8340308: PassFailJFrame: Make rows default to number of lines in
    instructions
  * JDK-8340365: Position the first window of a window list
  * JDK-8340387: Update OS detection code to recognize Windows Server 2025
  * JDK-8340418: GHA: MacOS AArch64 bundles can be removed prematurely
  * JDK-8340461: Amend description for logArea
  * JDK-8340466: Add description for PassFailJFrame constructors
  * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
  * JDK-8340632: ProblemList java/nio/channels/DatagramChannel/ for Macos
  * JDK-8340657: [PPC64] SA determines wrong unextendedSP
  * JDK-8340684: Reading from an input stream backed by a closed ZipFile has no
    test coverage
  * JDK-8340785: Update description of PassFailJFrame and samples
  * JDK-8340799: Add border inside instruction frame in PassFailJFrame
  * JDK-8340812: LambdaForm customization via MethodHandle::updateForm is not
    thread safe
  * JDK-8340815: Add SECURITY.md file
  * JDK-8340899: Remove wildcard bound in PositionWindows.positionTestWindows
  * JDK-8341146: RISC-V: Unnecessary fences used for load-acquire in template
    interpreter
  * JDK-8341235: Improve default instruction frame title in PassFailJFrame
  * JDK-8341562: RISC-V: Generate comments in -XX:-PrintInterpreter to link to
    source code
  * JDK-8341635: [17u] runtime/ErrorHandling/ClassPathEnvVar test ignores
    external VM flags
  * JDK-8341688: Aarch64: Generate comments in -XX:-PrintInterpreter to link to
    source code
  * JDK-8341806: Gcc version detection failure on Alinux3
  * JDK-8341927: Replace hardcoded security providers with new
    test.provider.name system property
  * JDK-8341997: Tests create files in src tree instead of scratch dir
  * JDK-8342181: Update tests to use stronger Key and Salt size
  * JDK-8342183: Update tests to use stronger algorithms and keys
  * JDK-8342188: Update tests to use stronger key parameters and certificates
  * JDK-8342496: C2/Shenandoah: SEGV in compiled code when running jcstress
  * JDK-8342578: GHA: RISC-V: Bootstrap using Debian snapshot is still failing
  * JDK-8342669: [21u] Fix TestArrayAllocatorMallocLimit after backport of
    JDK-8315097
  * JDK-8342681: TestLoadBypassesNullCheck.java fails improperly specified VM
    option
  * JDK-8342701: [PPC64] TestOSRLotsOfLocals.java crashes
  * JDK-8342962: [s390x] TestOSRLotsOfLocals.java crashes
  * JDK-8343285: java.lang.Process is unresponsive and CPU usage spikes to 100%
  * JDK-8343474: [updates] Customize README.md to specifics of update project
  * JDK-8343687: [17u] TestAntiDependencyForPinnedLoads requires UTF-8
  * JDK-8343848: Fix typo of property name in TestOAEPPadding after 8341927
  * JDK-8343877: Test AsyncClose.java intermittent fails -
    Socket.getInputStream().read() wasn't preempted
  * JDK-8343923: GHA: Switch to Xcode 15 on MacOS AArch64 runners
  * JDK-8347011: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for
    release 17.0.14

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-339=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-339=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-339=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-339=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-339=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-339=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-339=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-339=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-339=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-339=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-339=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-339=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-src-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.4 (noarch)
    * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-src-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.6 (noarch)
    * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/405db7f1/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 16:30:09 -0000
Subject: SUSE-SU-2025:0338-1: moderate: Security update for java-11-openjdk
Message-ID: <173860020936.22572.6080256073728311252@smelt2.prg2.suse.org>



# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2025:0338-1  
Release Date: 2025-02-03T15:13:42Z  
Rating: moderate  
References:

  * bsc#1236278

  
Cross-References:

  * CVE-2025-21502

  
CVSS scores:

  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU)

Security fixes:

  * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

  * JDK-8224624: Inefficiencies in CodeStrings::add_comment cause - timeouts
  * JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java
    fails on linux-x64
  * JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only
  * JDK-8247706: Unintentional use of new Date(year...) with absolute year
  * JDK-8299254: Support dealing with standard assert macro
  * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing
    test
  * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test
  * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java
    java.lang.Exception: Could not find leak
  * JDK-8328300: Convert PrintDialogsTest.java from Applet to main program
  * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to
    main
  * JDK-8334332: TestIOException.java fails if run by root
  * JDK-8335428: Enhanced Building of Processes
  * JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings
  * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when
    extracting to not overwriting existing files
  * JDK-8336564: Enhance mask blit functionality redux
  * JDK-8338402: GHA: some of bundles may not get removed
  * JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26
  * JDK-8339180: Enhanced Building of Processes: Follow-on Issue
  * JDK-8339470: [17u] More defensive fix for 8163921
  * JDK-8339637: (tz) Update Timezone Data to 2024b
  * JDK-8339644: Improve parsing of Day/Month in tzdata rules
  * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata
    files
  * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
  * JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1
  * JDK-8340815: Add SECURITY.md file
  * JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compile fails
  * JDK-8342629: [11u] Properly message out that shenandoah is disabled
  * JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for
    release 11.0.26

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-338=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-338=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-338=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-338=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-338=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-338=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-338=1

## Package List:

  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-src-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-jmods-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1
  * openSUSE Leap 15.6 (noarch)
    * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/74b73c87/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 16:30:13 -0000
Subject: SUSE-SU-2025:0337-1: important: Security update for bind
Message-ID: <173860021372.22572.1469354793385681035@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0337-1  
Release Date: 2025-02-03T15:10:35Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.0
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Manager Client Tools for SLE Micro 5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE Micro 5  
    zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-337=1

## Package List:

  * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
    * libirs1601-9.16.6-150000.12.80.1
    * libbind9-1600-9.16.6-150000.12.80.1
    * libisccc1600-9.16.6-150000.12.80.1
    * libisc1606-9.16.6-150000.12.80.1
    * bind-utils-9.16.6-150000.12.80.1
    * libns1604-debuginfo-9.16.6-150000.12.80.1
    * libns1604-9.16.6-150000.12.80.1
    * libdns1605-9.16.6-150000.12.80.1
    * libisccfg1600-9.16.6-150000.12.80.1
  * SUSE Manager Client Tools for SLE Micro 5 (aarch64_ilp32)
    * libisccc1600-64bit-9.16.6-150000.12.80.1
    * libisccfg1600-64bit-9.16.6-150000.12.80.1
    * libbind9-1600-64bit-9.16.6-150000.12.80.1
    * libisc1606-64bit-9.16.6-150000.12.80.1
    * libdns1605-64bit-9.16.6-150000.12.80.1
    * libirs1601-64bit-9.16.6-150000.12.80.1
  * SUSE Manager Client Tools for SLE Micro 5 (noarch)
    * python3-bind-9.16.6-150000.12.80.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/48ad1be7/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 16:30:16 -0000
Subject: SUSE-SU-2025:0336-1: important: Security update for xrdp
Message-ID: <173860021621.22572.5479093493280251365@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0336-1  
Release Date: 2025-02-03T14:47:32Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-336=1 openSUSE-SLE-15.6-2025-336=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-336=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xrdp-devel-0.9.13.1-150600.15.3.1
    * xrdp-debugsource-0.9.13.1-150600.15.3.1
    * xrdp-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-0.9.13.1-150600.15.3.1
    * libpainter0-0.9.13.1-150600.15.3.1
    * xrdp-0.9.13.1-150600.15.3.1
    * libpainter0-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-debuginfo-0.9.13.1-150600.15.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xrdp-devel-0.9.13.1-150600.15.3.1
    * xrdp-debugsource-0.9.13.1-150600.15.3.1
    * xrdp-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-0.9.13.1-150600.15.3.1
    * libpainter0-0.9.13.1-150600.15.3.1
    * xrdp-0.9.13.1-150600.15.3.1
    * libpainter0-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-debuginfo-0.9.13.1-150600.15.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/f1145c3c/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 16:30:19 -0000
Subject: SUSE-SU-2025:0335-1: important: Security update for xrdp
Message-ID: <173860021970.22572.10495301504948787997@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0335-1  
Release Date: 2025-02-03T14:44:16Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-335=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-335=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xrdp-debuginfo-0.9.10-3.19.1
    * xrdp-debugsource-0.9.10-3.19.1
    * xrdp-0.9.10-3.19.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * xrdp-debuginfo-0.9.10-3.19.1
    * xrdp-debugsource-0.9.10-3.19.1
    * xrdp-0.9.10-3.19.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/f9b4270e/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 20:30:07 -0000
Subject: SUSE-SU-2025:0344-1: important: Security update for orc
Message-ID: <173861460715.22227.15376731057653319925@smelt2.prg2.suse.org>



# Security update for orc

Announcement ID: SUSE-SU-2025:0344-1  
Release Date: 2025-02-03T17:06:05Z  
Rating: important  
References:

  * bsc#1228184

  
Cross-References:

  * CVE-2024-40897

  
CVSS scores:

  * CVE-2024-40897 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-40897 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for orc fixes the following issues:

  * CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when
    formatting error messages for certain input files (bsc#1228184)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-344=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-344=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-344=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-344=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-344=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-344=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-344=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-344=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-344=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-344=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-344=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * orc-doc-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * openSUSE Leap 15.6 (x86_64)
    * liborc-0_4-0-32bit-0.4.28-150000.3.9.1
    * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * liborc-0_4-0-32bit-0.4.28-150000.3.9.1
    * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-40897.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228184

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/b93f1bfa/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0343-1: moderate: Security update for krb5
Message-ID: <173861461096.22227.362934763651300248@smelt2.prg2.suse.org>



# Security update for krb5

Announcement ID: SUSE-SU-2025:0343-1  
Release Date: 2025-02-03T17:03:59Z  
Rating: moderate  
References:

  * bsc#1236619

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-343=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-343=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-343=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-343=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-343=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-client-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
    * krb5-server-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.15.1
    * krb5-1.19.2-150400.3.15.1
    * krb5-server-1.19.2-150400.3.15.1
    * krb5-mini-debugsource-1.19.2-150400.3.15.1
    * krb5-plugin-kdb-ldap-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-pkinit-1.19.2-150400.3.15.1
    * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-otp-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.15.1
    * krb5-mini-devel-1.19.2-150400.3.15.1
    * krb5-client-debuginfo-1.19.2-150400.3.15.1
    * krb5-mini-1.19.2-150400.3.15.1
    * krb5-mini-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-spake-1.19.2-150400.3.15.1
  * openSUSE Leap 15.4 (x86_64)
    * krb5-32bit-1.19.2-150400.3.15.1
    * krb5-32bit-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-32bit-1.19.2-150400.3.15.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * krb5-64bit-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-64bit-1.19.2-150400.3.15.1
    * krb5-64bit-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/4c5e918f/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 20:30:16 -0000
Subject: SUSE-SU-2025:0342-1: moderate: Security update for ignition
Message-ID: <173861461632.22227.8807942617414502042@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0342-1  
Release Date: 2025-02-03T17:03:44Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-342=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-342=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150400.4.3.1
    * ignition-2.14.0-150400.4.3.1
    * ignition-debuginfo-2.14.0-150400.4.3.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150400.4.3.1
    * ignition-2.14.0-150400.4.3.1
    * ignition-debuginfo-2.14.0-150400.4.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/a343e3ee/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 20:30:20 -0000
Subject: SUSE-SU-2025:0341-1: important: Security update for libxml2
Message-ID: <173861462031.22227.15493188062111511291@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0341-1  
Release Date: 2025-02-03T16:33:21Z  
Rating: important  
References:

  * bsc#1236460

  
Cross-References:

  * CVE-2022-49043

  
CVSS scores:

  * CVE-2022-49043 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-49043 ( SUSE ):  7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-49043 ( NVD ):  8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-341=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-341=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-341=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-341=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-341=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-341=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-341=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-341=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-341=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-341=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-devel-32bit-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (noarch)
    * libxml2-doc-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-64bit-2.9.14-150400.5.35.1
    * libxml2-devel-64bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-49043.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236460

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/33e0802a/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 03 Feb 2025 20:30:24 -0000
Subject: SUSE-SU-2025:0340-1: moderate: Security update for rsync
Message-ID: <173861462419.22227.16440812066104456205@smelt2.prg2.suse.org>



# Security update for rsync

Announcement ID: SUSE-SU-2025:0340-1  
Release Date: 2025-02-03T16:32:43Z  
Rating: moderate  
References:

  * bsc#1233760

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one security fix can now be installed.

## Description:

This update for rsync fixes the following issues:

  * Bump rsync protocol version to 32 to show server is patched against recent
    vulnerabilities.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-340=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-340=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-340=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-340=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-340=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-340=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-340=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-340=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-340=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-340=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-340=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-340=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-340=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-340=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250203/72019bb6/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 04 Feb 2025 08:30:05 -0000
Subject: SUSE-SU-2025:0348-1: important: Security update for libxml2
Message-ID: <173865780518.22227.10552504572970513748@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0348-1  
Release Date: 2025-02-04T07:10:50Z  
Rating: important  
References:

  * bsc#1236460

  
Cross-References:

  * CVE-2022-49043

  
CVSS scores:

  * CVE-2022-49043 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-49043 ( SUSE ):  7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-49043 ( NVD ):  8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-348=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-348=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-348=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-348=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-348=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-348=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-348=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-348=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-348=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.20.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (noarch)
    * libxml2-doc-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libxml2-2-64bit-2.10.3-150500.5.20.1
    * libxml2-devel-64bit-2.10.3-150500.5.20.1
    * libxml2-2-64bit-debuginfo-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.20.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (noarch)
    * libxml2-doc-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * Basesystem Module 15-SP6 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-49043.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236460

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250204/07f34bf4/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 04 Feb 2025 08:30:10 -0000
Subject: SUSE-SU-2025:0346-1: moderate: Security update for ignition
Message-ID: <173865781078.22227.16944175933877026071@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0346-1  
Release Date: 2025-02-03T20:54:57Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-346=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * ignition-debuginfo-2.14.0-150300.4.10.1
    * ignition-2.14.0-150300.4.10.1
    * ignition-dracut-grub2-2.14.0-150300.4.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250204/79a2641c/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 04 Feb 2025 08:30:13 -0000
Subject: SUSE-SU-2025:0345-1: moderate: Security update for openssl-1_1
Message-ID: <173865781303.22227.7168442539119055679@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0345-1  
Release Date: 2025-02-03T20:04:08Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-345=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-345=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-345=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-345=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-345=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-345=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (x86_64)
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (noarch)
    * openssl-1_1-doc-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libopenssl1_1-hmac-64bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-64bit-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-64bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250204/db7052bc/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0380-1: moderate: Security update for wget
Message-ID: <173885941112.21757.1300167896040240715@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0380-1  
Release Date: 2025-02-06T14:44:25Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-380=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * wget-debuginfo-1.14-21.22.1
    * wget-1.14-21.22.1
    * wget-debugsource-1.14-21.22.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/bd66b441/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0377-1: moderate: Security update for
 google-osconfig-agent
Message-ID: <173885941783.21757.6150471912909394260@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0377-1  
Release Date: 2025-02-05T19:31:14Z  
Rating: moderate  
References:

  * bsc#1225974
  * bsc#1236406
  * bsc#1236407

  
Cross-References:

  * CVE-2024-24790

  
CVSS scores:

  * CVE-2024-24790 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-24790 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * Update to version 20250115.01 (bsc#1236406, bsc#1236407)
  * CVE-2024-24790: Bump the golang compiler version to 1.22.4 (bsc#1225974)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-377=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-1.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-24790.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1225974
  * https://bugzilla.suse.com/show_bug.cgi?id=1236406
  * https://bugzilla.suse.com/show_bug.cgi?id=1236407

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/405e166f/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:32 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:32 -0000
Subject: SUSE-SU-2025:0374-1: important: Security update for MozillaFirefox
Message-ID: <173885943233.21757.6355758320235794818@smelt2.prg2.suse.org>



# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0374-1  
Release Date: 2025-02-05T15:39:02Z  
Rating: important  
References:

  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox to 128.7esr fixes the following issues:

  * MFSA 2025-09
  * CVE-2025-1009 (bmo#1936613) Use-after-free in XSLT
  * CVE-2025-1010 (bmo#1936982) Use-after-free in Custom Highlight
  * CVE-2025-1011 (bmo#1936454) A bug in WebAssembly code generation could
    result in a crash
  * CVE-2025-1012 (bmo#1939710) Use-after-free during concurrent delazification
  * CVE-2024-11704 (bmo#1899402) Potential double-free vulnerability in PKCS#7
    decryption handling
  * CVE-2025-1013 (bmo#1932555) Potential opening of private browsing tabs in
    normal browsing windows
  * CVE-2025-1014 (bmo#1940804) Certificate length was not properly checked
  * CVE-2025-1016 (bmo#1936601, bmo#1936844, bmo#1937694, bmo#1938469,
    bmo#1939583, bmo#1940994) Memory safety bugs fixed in Firefox 135,
    Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
    and Thunderbird 128.7
  * CVE-2025-1017 (bmo#1926256, bmo#1935471, bmo#1935984) Memory safety bugs
    fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird
    128.7

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-374=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-374=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-374=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
    * MozillaFirefox-branding-upstream-128.7.0-150200.152.170.1
  * openSUSE Leap 15.6 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * Desktop Applications Module 15-SP6 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/ef0eb062/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:35 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:35 -0000
Subject: SUSE-SU-2025:0372-1: moderate: Security update for curl
Message-ID: <173885943561.21757.11036946466774629027@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0372-1  
Release Date: 2025-02-05T15:36:19Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-372=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-372=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-372=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-372=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-372=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-372=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-372=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/13897d48/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:38 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:38 -0000
Subject: SUSE-SU-2025:0371-1: moderate: Security update for curl
Message-ID: <173885943839.21757.1876398595596767346@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0371-1  
Release Date: 2025-02-05T15:35:00Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-371=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-371=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-11.105.1
    * curl-debugsource-8.0.1-11.105.1
    * libcurl-devel-8.0.1-11.105.1
    * curl-8.0.1-11.105.1
    * libcurl4-debuginfo-8.0.1-11.105.1
    * curl-debuginfo-8.0.1-11.105.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libcurl4-32bit-8.0.1-11.105.1
    * libcurl4-debuginfo-32bit-8.0.1-11.105.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libcurl4-8.0.1-11.105.1
    * curl-debugsource-8.0.1-11.105.1
    * libcurl-devel-8.0.1-11.105.1
    * libcurl4-debuginfo-32bit-8.0.1-11.105.1
    * curl-8.0.1-11.105.1
    * libcurl4-debuginfo-8.0.1-11.105.1
    * libcurl4-32bit-8.0.1-11.105.1
    * curl-debuginfo-8.0.1-11.105.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/0d473fd5/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:41 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:41 -0000
Subject: SUSE-SU-2025:0370-1: moderate: Security update for curl
Message-ID: <173885944130.21757.15951005158372197095@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0370-1  
Release Date: 2025-02-05T15:34:46Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-370=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-370=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-370=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-370=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-
SLES_SAP-15-SP4-2025-370=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1 SUSE-SLE-Product-
SLES_SAP-15-SP5-2025-370=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-SUSE-
Manager-Proxy-4.3-2025-370=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-SUSE-
Manager-Retail-Branch-Server-4.3-2025-370=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-370=1 SUSE-
SLE-INSTALLER-15-SP4-2025-370=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-370=1

  * SUSE Linux Enterprise High Performance Computing 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise Server 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise Desktop 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise High Performance Computing 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Server 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Desktop 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-370=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-370=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-370=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-370=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-370=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-370=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-370=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Manager Server 4.3 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl-devel-32bit-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libcurl4-64bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl-devel-64bit-8.0.1-150400.5.62.1
    * libcurl4-64bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/5115cb31/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:44 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:44 -0000
Subject: SUSE-SU-2025:0369-1: moderate: Security update for curl
Message-ID: <173885944447.21757.131029279324273813@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0369-1  
Release Date: 2025-02-05T15:32:42Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-369=1 openSUSE-SLE-15.6-2025-369=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-369=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * curl-debugsource-8.6.0-150600.4.21.1
    * libcurl4-8.6.0-150600.4.21.1
    * curl-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-8.6.0-150600.4.21.1
    * curl-8.6.0-150600.4.21.1
    * libcurl4-debuginfo-8.6.0-150600.4.21.1
  * openSUSE Leap 15.6 (x86_64)
    * libcurl-devel-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-debuginfo-8.6.0-150600.4.21.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libcurl4-64bit-8.6.0-150600.4.21.1
    * libcurl4-64bit-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-64bit-8.6.0-150600.4.21.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * curl-debugsource-8.6.0-150600.4.21.1
    * libcurl4-8.6.0-150600.4.21.1
    * curl-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-8.6.0-150600.4.21.1
    * curl-8.6.0-150600.4.21.1
    * libcurl4-debuginfo-8.6.0-150600.4.21.1
  * Basesystem Module 15-SP6 (x86_64)
    * libcurl4-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-debuginfo-8.6.0-150600.4.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/43e88f1b/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:50 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:30:50 -0000
Subject: SUSE-SU-2025:0366-1: moderate: Security update for wget
Message-ID: <173885945090.21757.5480964004494134371@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0366-1  
Release Date: 2025-02-05T10:57:47Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-366=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * wget-1.20.3-150000.3.29.1
    * wget-debuginfo-1.20.3-150000.3.29.1
    * wget-debugsource-1.20.3-150000.3.29.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/670e4579/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:11 -0000
Subject: SUSE-SU-2025:0359-1: important: Security update for bind
Message-ID: <173885947148.21757.7883456623260482528@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0359-1  
Release Date: 2025-02-05T09:09:07Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-359=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-359=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-359=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-359=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-359=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-359=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * openSUSE Leap 15.5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * bind-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/a7ab6c5b/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:16 -0000
Subject: SUSE-SU-2025:0357-1: moderate: Security update for etcd
Message-ID: <173885947626.21757.13580739296861272959@smelt2.prg2.suse.org>



# Security update for etcd

Announcement ID: SUSE-SU-2025:0357-1  
Release Date: 2025-02-04T14:22:02Z  
Rating: moderate  
References:

  * bsc#1095184
  * bsc#1183703

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that has two security fixes can now be installed.

## Description:

This update for etcd fixes the following issues: Security Update to version
3.5.18:

  * Ensure all goroutines created by StartEtcd to exit before closing the errc
  * mvcc: restore tombstone index if it's first revision
  * Bump go toolchain to 1.22.11
  * Avoid deadlock in etcd.Close when stopping during bootstrapping
  * etcdutl/etcdutl: use datadir package to build wal/snapdir
  * Remove duplicated <-s.ReadyNotify()
  * Do not wait for ready notify if the server is stopping
  * Fix mixVersion test case: ensure a snapshot to be sent out
  * *: support custom content check offline in v2store
  * Print warning message for deprecated flags if set
  * fix runtime error: comparing uncomparable type
  * add tls min/max version to grpc proxy

  * Fixing a configuration data loss bug: Fillup really really wants that the
    template and the target file actually follow the sysconfig format. The
    current config and the current template do not fulfill this requirement.
    Move the current /etc/sysconfig/etcd to /etc/default/etcd and install a new
    sysconfig file which only adds the ETCD_OPTIONS option, which is actually
    used by the unit file. This also makes it a bit cleaner to move etcd to use
    \--config-file in the long run.

  * Update etcd configuration file based on https://github.com/etcd-
    io/etcd/blob/v3.5.17/etcd.conf.yml.sample

Update to version 3.5.17:

  * fix(defrag): close temp file in case of error
  * Bump go toolchain to 1.22.9
  * fix(defrag): handle defragdb failure
  * fix(defrag): handle no space left error
  * [3.5] Fix risk of a partial write txn being applied
  * [serverWatchStream] terminate recvLoop on sws.close()

Update to version 3.5.16:

  * Bump go toolchain to 1.22.7
  * Introduce compaction sleep interval flag
  * Fix passing default grpc call options in Kubernetes client
  * Skip leadership check if the etcd instance is active processing heartbeats
  * Introduce Kubernetes KV interface to etcd client

Update to version 3.5.15:

  * Differentiate the warning message for rejected client and peer
  * connections
  * Suppress noisy basic auth token deletion log
  * Support multiple values for allowed client and peer TLS identities(#18015)
  * print error log when validation on conf change failed

Update to version 3.5.14:

  * etcdutl: Fix snapshot restore memory alloc issue
  * server: Implement WithMmapSize option for backend config
  * gRPC health server sets serving status to NOT_SERVING on defrag
  * server/mvcc: introduce compactBeforeSetFinishedCompact failpoint
  * Update the compaction log when bootstrap and update compact's signature
  * add experimental-snapshot-catchup-entries flag.
  * Fix retry requests when receiving ErrGPRCNotSupportedForLearner

Update to version 3.5.13:

  * Fix progress notification for watch that doesn't get any events
  * pkg/types: Support Unix sockets in NewURLS
  * added arguments to the grpc-proxy: dial-keepalive-time, dial-keepalive-
    timeout, permit-without-stream
  * server: fix comment to match function name
  * Make CGO_ENABLED configurable for etcd 3.5
  * etcdserver: drain leaky goroutines before test completed

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-357=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * etcdctl-3.5.18-150000.7.9.1
    * etcd-3.5.18-150000.7.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1095184
  * https://bugzilla.suse.com/show_bug.cgi?id=1183703

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/9a09046d/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:19 -0000
Subject: SUSE-SU-2025:0356-1: moderate: Security update for openssl-1_1
Message-ID: <173885947922.21757.11891952617860125885@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0356-1  
Release Date: 2025-02-04T13:33:49Z  
Rating: moderate  
References:

  * bsc#1226463
  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-356=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-356=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-356=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-356=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-356=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-356=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-356=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1226463
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/a0e49dec/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:22 -0000
Subject: SUSE-SU-2025:0355-1: important: Security update for bind
Message-ID: <173885948200.21757.10465727778171785916@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0355-1  
Release Date: 2025-02-04T12:59:34Z  
Rating: important  
References:

  * bsc#1236596
  * bsc#1236597

  
Cross-References:

  * CVE-2024-11187
  * CVE-2024-12705

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12705 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12705 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12705 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for bind fixes the following issues:

Update to release 9.18.33

Security Fixes:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)
  * CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when
    under heavy query load (bsc#1236597)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-355=1 openSUSE-SLE-15.6-2025-355=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-355=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-355=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * bind-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-9.18.33-150600.3.6.1
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-utils-debuginfo-9.18.33-150600.3.6.1
  * openSUSE Leap 15.6 (noarch)
    * bind-doc-9.18.33-150600.3.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-9.18.33-150600.3.6.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * bind-9.18.33-150600.3.6.1
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
  * Server Applications Module 15-SP6 (noarch)
    * bind-doc-9.18.33-150600.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://www.suse.com/security/cve/CVE-2024-12705.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596
  * https://bugzilla.suse.com/show_bug.cgi?id=1236597

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/58d299d2/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:24 -0000
Subject: SUSE-SU-2025:0351-1: moderate: Security update for krb5
Message-ID: <173885948419.21757.18337848450607103556@smelt2.prg2.suse.org>



# Security update for krb5

Announcement ID: SUSE-SU-2025:0351-1  
Release Date: 2025-02-04T09:28:22Z  
Rating: moderate  
References:

  * bsc#1236619

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-351=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * krb5-32bit-1.16.3-46.18.1
    * krb5-doc-1.16.3-46.18.1
    * krb5-plugin-preauth-pkinit-1.16.3-46.18.1
    * krb5-debuginfo-32bit-1.16.3-46.18.1
    * krb5-debuginfo-1.16.3-46.18.1
    * krb5-plugin-preauth-otp-1.16.3-46.18.1
    * krb5-debugsource-1.16.3-46.18.1
    * krb5-server-debuginfo-1.16.3-46.18.1
    * krb5-devel-1.16.3-46.18.1
    * krb5-client-debuginfo-1.16.3-46.18.1
    * krb5-1.16.3-46.18.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.18.1
    * krb5-client-1.16.3-46.18.1
    * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.18.1
    * krb5-server-1.16.3-46.18.1
    * krb5-plugin-kdb-ldap-1.16.3-46.18.1
    * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/0aa859f9/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:26 -0000
Subject: SUSE-SU-2025:0350-1: important: Security update for xrdp
Message-ID: <173885948699.21757.5831947343066555981@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0350-1  
Release Date: 2025-02-04T09:15:31Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-350=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-350=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-350=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-350=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-350=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/064533f7/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:29 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 06 Feb 2025 16:31:29 -0000
Subject: SUSE-SU-2025:0349-1: moderate: Security update for openssl-1_1
Message-ID: <173885948925.21757.6508872839694309903@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0349-1  
Release Date: 2025-02-04T08:34:49Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-349=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-349=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-349=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-349=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-349=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-349=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-349=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-349=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-349=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-349=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-349=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-349=1

## Package List:

  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Manager Server 4.3 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (noarch)
    * openssl-1_1-doc-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libopenssl1_1-64bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-64bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-64bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250206/3c013850/attachment.htm>

From null at suse.de  Fri Feb  7 12:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 07 Feb 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0382-1: important: Security update for podman
Message-ID: <173893141013.21560.7367819877431230403@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0382-1  
Release Date: 2025-02-07T08:44:14Z  
Rating: important  
References:

  * bsc#1236270

  
Cross-References:

  * CVE-2024-11218

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race
    condition when building a malicious Containerfile. (bsc#1236270)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-382=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-382=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-382=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-382=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-382=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-382=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-382=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-382=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * openSUSE Leap 15.5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * openSUSE Leap 15.6 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * Containers Module 15-SP6 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236270

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250207/07716bf5/attachment.htm>

From null at suse.de  Fri Feb  7 16:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 07 Feb 2025 16:30:06 -0000
Subject: SUSE-SU-2025:0384-1: important: Security update for bind
Message-ID: <173894580611.21757.4071244204257400969@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0384-1  
Release Date: 2025-02-07T13:00:41Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-384=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-384=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-384=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-384=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-384=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-384=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-384=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-384=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * openSUSE Leap 15.4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Proxy 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Server 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250207/cae6bf48/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 07 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0388-1: moderate: Security update for openssl-3
Message-ID: <173896020459.18428.14279508511808509479@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0388-1  
Release Date: 2025-02-07T17:18:45Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-388=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-388=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-388=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-388=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-388=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-388=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-388=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-388=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-388=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-388=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-388=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-388=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (x86_64)
    * libopenssl3-32bit-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-32bit-3.0.8-150400.4.72.1
    * libopenssl3-32bit-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (noarch)
    * openssl-3-doc-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libopenssl3-64bit-3.0.8-150400.4.72.1
    * libopenssl-3-devel-64bit-3.0.8-150400.4.72.1
    * libopenssl3-64bit-debuginfo-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250207/f63e877e/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 07 Feb 2025 20:30:07 -0000
Subject: SUSE-SU-2025:0387-1: moderate: Security update for openssl-3
Message-ID: <173896020760.18428.7002625757029835426@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0387-1  
Release Date: 2025-02-07T17:16:21Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-387=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-387=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-387=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-387=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-387=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (x86_64)
    * libopenssl-3-devel-32bit-3.0.8-150500.5.51.1
    * libopenssl3-32bit-3.0.8-150500.5.51.1
    * libopenssl3-32bit-debuginfo-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (noarch)
    * openssl-3-doc-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libopenssl3-64bit-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-64bit-3.0.8-150500.5.51.1
    * libopenssl-3-devel-64bit-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250207/de582d66/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 07 Feb 2025 20:30:12 -0000
Subject: SUSE-SU-2025:0386-1: moderate: Security update for python39
Message-ID: <173896021211.18428.16945162654013540378@smelt2.prg2.suse.org>



# Security update for python39

Announcement ID: SUSE-SU-2025:0386-1  
Release Date: 2025-02-07T17:13:36Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python39 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-386=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-386=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * python39-base-3.9.21-150300.4.64.1
    * python39-testsuite-3.9.21-150300.4.64.1
    * libpython3_9-1_0-3.9.21-150300.4.64.1
    * python39-dbm-3.9.21-150300.4.64.1
    * python39-debuginfo-3.9.21-150300.4.64.1
    * python39-testsuite-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-debuginfo-3.9.21-150300.4.64.1
    * python39-dbm-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-debuginfo-3.9.21-150300.4.64.1
    * python39-idle-3.9.21-150300.4.64.1
    * python39-core-debugsource-3.9.21-150300.4.64.1
    * python39-tools-3.9.21-150300.4.64.1
    * python39-curses-debuginfo-3.9.21-150300.4.64.1
    * python39-debugsource-3.9.21-150300.4.64.1
    * python39-doc-devhelp-3.9.21-150300.4.64.1
    * python39-devel-3.9.21-150300.4.64.1
    * python39-curses-3.9.21-150300.4.64.1
    * python39-doc-3.9.21-150300.4.64.1
    * python39-3.9.21-150300.4.64.1
    * python39-base-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-3.9.21-150300.4.64.1
  * openSUSE Leap 15.3 (x86_64)
    * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-3.9.21-150300.4.64.1
    * libpython3_9-1_0-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-debuginfo-3.9.21-150300.4.64.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * python39-64bit-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-64bit-3.9.21-150300.4.64.1
    * python39-base-64bit-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-64bit-debuginfo-3.9.21-150300.4.64.1
    * python39-64bit-3.9.21-150300.4.64.1
    * python39-base-64bit-3.9.21-150300.4.64.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python39-base-3.9.21-150300.4.64.1
    * python39-testsuite-3.9.21-150300.4.64.1
    * libpython3_9-1_0-3.9.21-150300.4.64.1
    * python39-dbm-3.9.21-150300.4.64.1
    * python39-debuginfo-3.9.21-150300.4.64.1
    * python39-testsuite-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-debuginfo-3.9.21-150300.4.64.1
    * python39-dbm-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-debuginfo-3.9.21-150300.4.64.1
    * python39-idle-3.9.21-150300.4.64.1
    * python39-core-debugsource-3.9.21-150300.4.64.1
    * python39-tools-3.9.21-150300.4.64.1
    * python39-curses-debuginfo-3.9.21-150300.4.64.1
    * python39-debugsource-3.9.21-150300.4.64.1
    * python39-doc-devhelp-3.9.21-150300.4.64.1
    * python39-devel-3.9.21-150300.4.64.1
    * python39-curses-3.9.21-150300.4.64.1
    * python39-doc-3.9.21-150300.4.64.1
    * python39-3.9.21-150300.4.64.1
    * python39-base-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-3.9.21-150300.4.64.1
  * openSUSE Leap 15.6 (x86_64)
    * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-3.9.21-150300.4.64.1
    * libpython3_9-1_0-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-debuginfo-3.9.21-150300.4.64.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250207/948e52a2/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:09 -0000
Subject: SUSE-SU-2025:0394-1: important: Security update for tomcat
Message-ID: <173917620900.16775.16898592113845757638@smelt2.prg2.suse.org>



# Security update for tomcat

Announcement ID: SUSE-SU-2025:0394-1  
Release Date: 2025-02-10T07:34:45Z  
Rating: important  
References:

  * bsc#1234663
  * bsc#1234664

  
Cross-References:

  * CVE-2024-50379
  * CVE-2024-54677

  
CVSS scores:

  * CVE-2024-50379 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50379 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50379 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54677 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54677 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54677 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for tomcat fixes the following issues:

  * CVE-2024-50379: Fixed remote code execution (RCE) due to TOCTOU issue in JSP
    compilation (bsc#1234663).
  * CVE-2024-54677: Fixed denial-of-service (DoS) attack in examples web
    application (bsc#1234664).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-394=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-394=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * tomcat-javadoc-9.0.36-3.136.1
    * tomcat-servlet-4_0-api-9.0.36-3.136.1
    * tomcat-jsp-2_3-api-9.0.36-3.136.1
    * tomcat-el-3_0-api-9.0.36-3.136.1
    * tomcat-docs-webapp-9.0.36-3.136.1
    * tomcat-admin-webapps-9.0.36-3.136.1
    * tomcat-lib-9.0.36-3.136.1
    * tomcat-webapps-9.0.36-3.136.1
    * tomcat-9.0.36-3.136.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * tomcat-javadoc-9.0.36-3.136.1
    * tomcat-servlet-4_0-api-9.0.36-3.136.1
    * tomcat-jsp-2_3-api-9.0.36-3.136.1
    * tomcat-el-3_0-api-9.0.36-3.136.1
    * tomcat-docs-webapp-9.0.36-3.136.1
    * tomcat-admin-webapps-9.0.36-3.136.1
    * tomcat-lib-9.0.36-3.136.1
    * tomcat-webapps-9.0.36-3.136.1
    * tomcat-9.0.36-3.136.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50379.html
  * https://www.suse.com/security/cve/CVE-2024-54677.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234663
  * https://bugzilla.suse.com/show_bug.cgi?id=1234664

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/a3124fc7/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:12 -0000
Subject: SUSE-SU-2025:0393-1: moderate: Security update for go1.23
Message-ID: <173917621242.16775.10128928250037637297@smelt2.prg2.suse.org>



# Security update for go1.23

Announcement ID: SUSE-SU-2025:0393-1  
Release Date: 2025-02-10T07:34:35Z  
Rating: moderate  
References:

  * bsc#1229122
  * bsc#1236801

  
Cross-References:

  * CVE-2025-22866

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.23 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).

Bug fixes:

  * go1.23 release tracking (bsc#1229122)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-393=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-393=1

## Package List:

  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.23-doc-1.23.6-150000.1.21.1
    * go1.23-1.23.6-150000.1.21.1
    * go1.23-race-1.23.6-150000.1.21.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.23-doc-1.23.6-150000.1.21.1
    * go1.23-1.23.6-150000.1.21.1
    * go1.23-race-1.23.6-150000.1.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229122
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/d8de1e8e/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:17 -0000
Subject: SUSE-SU-2025:0392-1: moderate: Security update for go1.22
Message-ID: <173917621734.16775.10229253729837709248@smelt2.prg2.suse.org>



# Security update for go1.22

Announcement ID: SUSE-SU-2025:0392-1  
Release Date: 2025-02-10T07:34:22Z  
Rating: moderate  
References:

  * bsc#1218424
  * bsc#1236801

  
Cross-References:

  * CVE-2025-22866

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.22 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).

Bug fixes:

  * go1.22 release tracking (bsc#1218424)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-392=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-392=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.22-1.22.12-150000.1.42.1
    * go1.22-race-1.22.12-150000.1.42.1
    * go1.22-doc-1.22.12-150000.1.42.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.22-1.22.12-150000.1.42.1
    * go1.22-race-1.22.12-150000.1.42.1
    * go1.22-doc-1.22.12-150000.1.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218424
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/2ff44772/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:21 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:21 -0000
Subject: SUSE-SU-2025:0391-1: important: Security update for MozillaFirefox
Message-ID: <173917622142.16775.16966462151379089840@smelt2.prg2.suse.org>



# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0391-1  
Release Date: 2025-02-10T07:34:07Z  
Rating: important  
References:

  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox to 128.7esr fixes the following issues:

  * MFSA 2025-09
  * CVE-2025-1009 (bmo#1936613) Use-after-free in XSLT
  * CVE-2025-1010 (bmo#1936982) Use-after-free in Custom Highlight
  * CVE-2025-1011 (bmo#1936454) A bug in WebAssembly code generation could
    result in a crash
  * CVE-2025-1012 (bmo#1939710) Use-after-free during concurrent delazification
  * CVE-2024-11704 (bmo#1899402) Potential double-free vulnerability in PKCS#7
    decryption handling
  * CVE-2025-1013 (bmo#1932555) Potential opening of private browsing tabs in
    normal browsing windows
  * CVE-2025-1014 (bmo#1940804) Certificate length was not properly checked
  * CVE-2025-1016 (bmo#1936601, bmo#1936844, bmo#1937694, bmo#1938469,
    bmo#1939583, bmo#1940994) Memory safety bugs fixed in Firefox 135,
    Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
    and Thunderbird 128.7
  * CVE-2025-1017 (bmo#1926256, bmo#1935471, bmo#1935984) Memory safety bugs
    fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird
    128.7

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-391=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-391=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-translations-common-128.7.0-112.246.1
    * MozillaFirefox-128.7.0-112.246.1
    * MozillaFirefox-debugsource-128.7.0-112.246.1
    * MozillaFirefox-debuginfo-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * MozillaFirefox-translations-common-128.7.0-112.246.1
    * MozillaFirefox-128.7.0-112.246.1
    * MozillaFirefox-debugsource-128.7.0-112.246.1
    * MozillaFirefox-debuginfo-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * MozillaFirefox-devel-128.7.0-112.246.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/03662be2/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:24 -0000
Subject: SUSE-SU-2025:0390-1: moderate: Security update for openssl-1_1
Message-ID: <173917622401.16775.1194074810979880039@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0390-1  
Release Date: 2025-02-10T07:33:51Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-390=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-390=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl-1_1-devel-1.1.1d-2.116.1
    * libopenssl1_1-hmac-1.1.1d-2.116.1
    * openssl-1_1-debugsource-1.1.1d-2.116.1
    * openssl-1_1-1.1.1d-2.116.1
    * libopenssl1_1-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-1.1.1d-2.116.1
    * openssl-1_1-debuginfo-1.1.1d-2.116.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libopenssl1_1-debuginfo-32bit-1.1.1d-2.116.1
    * libopenssl1_1-32bit-1.1.1d-2.116.1
    * libopenssl-1_1-devel-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-32bit-1.1.1d-2.116.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libopenssl1_1-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-32bit-1.1.1d-2.116.1
    * libopenssl-1_1-devel-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-1.1.1d-2.116.1
    * openssl-1_1-debugsource-1.1.1d-2.116.1
    * openssl-1_1-1.1.1d-2.116.1
    * libopenssl-1_1-devel-32bit-1.1.1d-2.116.1
    * libopenssl1_1-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-1.1.1d-2.116.1
    * openssl-1_1-debuginfo-1.1.1d-2.116.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/522f1b46/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:27 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 08:30:27 -0000
Subject: SUSE-SU-2025:0389-1: important: Security update for bind
Message-ID: <173917622765.16775.6979120019118852290@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0389-1  
Release Date: 2025-02-10T07:33:42Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-389=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-389=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libisc1107-debuginfo-9.11.22-3.60.2
    * libisccc161-9.11.22-3.60.2
    * libisccc161-debuginfo-9.11.22-3.60.2
    * libisc1107-9.11.22-3.60.2
    * bind-utils-9.11.22-3.60.2
    * bind-9.11.22-3.60.2
    * libisccfg163-9.11.22-3.60.2
    * bind-chrootenv-9.11.22-3.60.2
    * libdns1110-9.11.22-3.60.2
    * libirs161-9.11.22-3.60.2
    * bind-utils-debuginfo-9.11.22-3.60.2
    * liblwres161-debuginfo-9.11.22-3.60.2
    * libirs161-debuginfo-9.11.22-3.60.2
    * bind-debugsource-9.11.22-3.60.2
    * libisc1107-32bit-9.11.22-3.60.2
    * libisc1107-debuginfo-32bit-9.11.22-3.60.2
    * bind-debuginfo-9.11.22-3.60.2
    * libisccfg163-debuginfo-9.11.22-3.60.2
    * libbind9-161-9.11.22-3.60.2
    * bind-devel-9.11.22-3.60.2
    * liblwres161-9.11.22-3.60.2
    * libdns1110-debuginfo-9.11.22-3.60.2
    * libbind9-161-debuginfo-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * python-bind-9.11.22-3.60.2
    * bind-doc-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libisc1107-debuginfo-9.11.22-3.60.2
    * libisccc161-9.11.22-3.60.2
    * libisccc161-debuginfo-9.11.22-3.60.2
    * libisc1107-9.11.22-3.60.2
    * bind-utils-9.11.22-3.60.2
    * bind-9.11.22-3.60.2
    * libisccfg163-9.11.22-3.60.2
    * bind-chrootenv-9.11.22-3.60.2
    * libdns1110-9.11.22-3.60.2
    * libirs161-9.11.22-3.60.2
    * bind-utils-debuginfo-9.11.22-3.60.2
    * liblwres161-debuginfo-9.11.22-3.60.2
    * libirs161-debuginfo-9.11.22-3.60.2
    * bind-debugsource-9.11.22-3.60.2
    * bind-debuginfo-9.11.22-3.60.2
    * libisccfg163-debuginfo-9.11.22-3.60.2
    * libbind9-161-9.11.22-3.60.2
    * bind-devel-9.11.22-3.60.2
    * liblwres161-9.11.22-3.60.2
    * libdns1110-debuginfo-9.11.22-3.60.2
    * libbind9-161-debuginfo-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * python-bind-9.11.22-3.60.2
    * bind-doc-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libisc1107-debuginfo-32bit-9.11.22-3.60.2
    * libisc1107-32bit-9.11.22-3.60.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/f3ec6b05/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 12:30:07 -0000
Subject: SUSE-SU-2025:0404-1: moderate: Security update for rsync
Message-ID: <173919060776.21560.15958353380368510552@smelt2.prg2.suse.org>



# Security update for rsync

Announcement ID: SUSE-SU-2025:0404-1  
Release Date: 2025-02-10T11:49:54Z  
Rating: moderate  
References:

  * bsc#1233760

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one security fix can now be installed.

## Description:

This update for rsync fixes the following issues:

  * Bump rsync protocol version to 32 to show server is patched against recent
    vulnerabilities.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-404=1 openSUSE-SLE-15.6-2025-404=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-404=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * rsync-debuginfo-3.2.7-150600.3.11.1
    * rsync-3.2.7-150600.3.11.1
    * rsync-debugsource-3.2.7-150600.3.11.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.7-150600.3.11.1
    * rsync-3.2.7-150600.3.11.1
    * rsync-debugsource-3.2.7-150600.3.11.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/8156693a/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 12:30:13 -0000
Subject: SUSE-SU-2025:0401-1: moderate: Security update for crypto-policies,
 krb5
Message-ID: <173919061311.21560.2581515730088101548@smelt2.prg2.suse.org>



# Security update for crypto-policies, krb5

Announcement ID: SUSE-SU-2025:0401-1  
Release Date: 2025-02-10T09:38:40Z  
Rating: moderate  
References:

  * bsc#1236619
  * jsc#PED-12018

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and contains one feature can now be
installed.

## Description:

This update for crypto-policies and krb5 fixes the following issues:

Security issue fixed:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

Feature addition:

  * Add crypto-policies support; (jsc#PED-12018)

  * The default krb5.conf has been updated to include config snippets in the
    krb5.conf.d directory, where crypto-policies drops its.

  * Allow to use KRB5KDF in FIPS mode; (jsc#PED-12018);

  * This key derivation function is used by AES256-CTS-HMAC-SHA1-96 and
    AES128-CTS-HMAC-SHA1-96 encryption types, used by Active directory. If these
    encryption types are allowed or not in FIPS mode is enforced now by the
    FIPS:AD-SUPPORT subpolicy.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-401=1 openSUSE-SLE-15.6-2025-401=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-401=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-401=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * crypto-policies-20230920.570ea89-150600.3.3.1
    * crypto-policies-scripts-20230920.570ea89-150600.3.3.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-spake-1.20.1-150600.11.8.1
    * krb5-server-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-1.20.1-150600.11.8.1
    * krb5-mini-devel-1.20.1-150600.11.8.1
    * krb5-devel-1.20.1-150600.11.8.1
    * krb5-client-debuginfo-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-1.20.1-150600.11.8.1
    * krb5-client-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.8.1
    * krb5-1.20.1-150600.11.8.1
    * krb5-server-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.8.1
  * openSUSE Leap 15.6 (x86_64)
    * krb5-32bit-1.20.1-150600.11.8.1
    * krb5-devel-32bit-1.20.1-150600.11.8.1
    * krb5-32bit-debuginfo-1.20.1-150600.11.8.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * krb5-devel-64bit-1.20.1-150600.11.8.1
    * krb5-64bit-1.20.1-150600.11.8.1
    * krb5-64bit-debuginfo-1.20.1-150600.11.8.1
  * Basesystem Module 15-SP6 (noarch)
    * crypto-policies-20230920.570ea89-150600.3.3.1
    * crypto-policies-scripts-20230920.570ea89-150600.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-1.20.1-150600.11.8.1
    * krb5-devel-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-client-debuginfo-1.20.1-150600.11.8.1
    * krb5-client-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.8.1
    * krb5-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.8.1
  * Basesystem Module 15-SP6 (x86_64)
    * krb5-32bit-1.20.1-150600.11.8.1
    * krb5-32bit-debuginfo-1.20.1-150600.11.8.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-server-1.20.1-150600.11.8.1
    * krb5-server-debuginfo-1.20.1-150600.11.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619
  * https://jira.suse.com/browse/PED-12018

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/70ccc78e/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0407-1: important: Security update for ovmf
Message-ID: <173920501459.21560.17802479405795963493@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0407-1  
Release Date: 2025-02-10T13:56:35Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-407=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-407=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-407=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-407=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-407=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-407=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
  * openSUSE Leap 15.5 (aarch64 x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-ovmf-ia32-202208-150500.6.6.1
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
    * qemu-uefi-aarch32-202208-150500.6.6.1
  * openSUSE Leap 15.5 (x86_64)
    * qemu-ovmf-x86_64-debug-202208-150500.6.6.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/2137621c/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0406-1: moderate: Security update for python310
Message-ID: <173920501755.21560.3399595674598257885@smelt2.prg2.suse.org>



# Security update for python310

Announcement ID: SUSE-SU-2025:0406-1  
Release Date: 2025-02-10T13:55:52Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python310 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-406=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-406=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * python310-tk-debuginfo-3.10.16-150400.4.69.1
    * python310-devel-3.10.16-150400.4.69.1
    * libpython3_10-1_0-3.10.16-150400.4.69.1
    * python310-core-debugsource-3.10.16-150400.4.69.1
    * python310-doc-3.10.16-150400.4.69.1
    * python310-debuginfo-3.10.16-150400.4.69.1
    * python310-base-debuginfo-3.10.16-150400.4.69.1
    * python310-dbm-3.10.16-150400.4.69.1
    * python310-doc-devhelp-3.10.16-150400.4.69.1
    * python310-testsuite-debuginfo-3.10.16-150400.4.69.1
    * python310-base-3.10.16-150400.4.69.1
    * python310-debugsource-3.10.16-150400.4.69.1
    * python310-tk-3.10.16-150400.4.69.1
    * python310-dbm-debuginfo-3.10.16-150400.4.69.1
    * python310-3.10.16-150400.4.69.1
    * python310-curses-debuginfo-3.10.16-150400.4.69.1
    * python310-curses-3.10.16-150400.4.69.1
    * python310-idle-3.10.16-150400.4.69.1
    * python310-tools-3.10.16-150400.4.69.1
    * python310-testsuite-3.10.16-150400.4.69.1
    * libpython3_10-1_0-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.4 (x86_64)
    * python310-base-32bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-32bit-3.10.16-150400.4.69.1
    * python310-32bit-3.10.16-150400.4.69.1
    * python310-32bit-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * python310-64bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-64bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-64bit-3.10.16-150400.4.69.1
    * python310-64bit-3.10.16-150400.4.69.1
    * python310-base-64bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-64bit-3.10.16-150400.4.69.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python310-tk-debuginfo-3.10.16-150400.4.69.1
    * python310-devel-3.10.16-150400.4.69.1
    * libpython3_10-1_0-3.10.16-150400.4.69.1
    * python310-core-debugsource-3.10.16-150400.4.69.1
    * python310-doc-3.10.16-150400.4.69.1
    * python310-debuginfo-3.10.16-150400.4.69.1
    * python310-base-debuginfo-3.10.16-150400.4.69.1
    * python310-dbm-3.10.16-150400.4.69.1
    * python310-doc-devhelp-3.10.16-150400.4.69.1
    * python310-testsuite-debuginfo-3.10.16-150400.4.69.1
    * python310-base-3.10.16-150400.4.69.1
    * python310-debugsource-3.10.16-150400.4.69.1
    * python310-tk-3.10.16-150400.4.69.1
    * python310-dbm-debuginfo-3.10.16-150400.4.69.1
    * python310-3.10.16-150400.4.69.1
    * python310-curses-3.10.16-150400.4.69.1
    * python310-curses-debuginfo-3.10.16-150400.4.69.1
    * python310-idle-3.10.16-150400.4.69.1
    * python310-tools-3.10.16-150400.4.69.1
    * python310-testsuite-3.10.16-150400.4.69.1
    * libpython3_10-1_0-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.6 (x86_64)
    * python310-base-32bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-32bit-3.10.16-150400.4.69.1
    * python310-32bit-3.10.16-150400.4.69.1
    * python310-32bit-debuginfo-3.10.16-150400.4.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/35b91a61/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 10 Feb 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0405-1: important: Security update for MozillaThunderbird
Message-ID: <173920502298.21560.9155416939181190040@smelt2.prg2.suse.org>



# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2025:0405-1  
Release Date: 2025-02-10T13:54:56Z  
Rating: important  
References:

  * bsc#1236411
  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-0510
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1015
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0510 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-0510 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-0510 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1015 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1015 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2025-1015 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 128.7 (MFSA 2025-10, bsc#1236539).

Security fixes:

  * CVE-2025-1009: use-after-free in XSLT.
  * CVE-2025-1010: use-after-free in Custom Highlight.
  * CVE-2025-1011: a bug in WebAssembly code generation could result in a crash.
  * CVE-2025-1012: use-after-free during concurrent delazification.
  * CVE-2024-11704: potential double-free vulnerability in PKCS#7 decryption
    handling.
  * CVE-2025-1013: potential opening of private browsing tabs in normal browsing
    windows.
  * CVE-2025-1014: certificate length was not properly checked.
  * CVE-2025-1015: unsanitized address book fields.
  * CVE-2025-0510: address of e-mail sender can be spoofed by malicious email.
  * CVE-2025-1016: memory safety bugs.
  * CVE-2025-1017: memory safety bugs.

Other fixes:

  * fixed: images inside links could zoom when clicked instead of opening the
    link.
  * fixed: compacting an empty folder failed with write error.
  * fixed: compacting of IMAP folder with corrupted local storage failed with
    write error.
  * fixed: after restart, all restored tabs with opened PDFs showed the same
    attachment.
  * fixed: exceptions during CalDAV item processing would halt subsequent item
    handling.
  * fixed: context menu was unable to move email address to a different field.
  * fixed: link at about:rights pointed to Firefox privacy policy instead of
    Thunderbird's.
  * fixed: POP3 'fetch headers only' and 'get selected messages' could delete
    messages.
  * fixed: 'Search Online' checkbox in saved search properties was incorrectly
    disabled.
  * fixed: POP3 status message showed incorrect download count when messages
    were deleted.
  * fixed: space bar did not always advance to the next unread message.
  * fixed: folder creation or renaming failed due to incorrect preference
    settings.
  * fixed: forwarding/editing S/MIME drafts/templates unusable due to regression
    (bsc#1236411).
  * fixed: sort order in 'Search Messages' panel reset after search or on first
    launch.
  * fixed: reply window added an unnecessary third blank line at the top.
  * fixed: Thunderbird spell check box did not allow ENTER to accept suggested
    changes.
  * fixed: long email subject lines could overlap window control buttons on
    macOS.
  * fixed: flathub manifest link was not correct.
  * fixed: 'Prefer client-side email scheduling' needed to be selected twice.
  * fixed: duplicate invitations were sent if CALDAV calendar email case did not
    match.
  * fixed: visual and UX improvements.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-405=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-405=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-405=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-0510.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1015.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236411
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250210/8c568cf4/attachment.htm>

From null at suse.de  Tue Feb 11 12:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:30:09 -0000
Subject: SUSE-SU-2025:0426-1: important: Security update for the Linux Kernel
 RT (Live Patch 2 for SLE 15 SP6)
Message-ID: <173927700976.21757.3243158226084100791@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0426-1  
Release Date: 2025-02-11T10:33:30Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_8 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-426=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_8-rt-4-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/22618213/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:59 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:33:59 -0000
Subject: SUSE-SU-2025:0425-1: moderate: Security update for wget
Message-ID: <173927723959.21757.763943917725190647@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0425-1  
Release Date: 2025-02-11T10:33:22Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-425=1 openSUSE-SLE-15.6-2025-425=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-425=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * wget-debuginfo-1.20.3-150600.19.12.1
    * wget-1.20.3-150600.19.12.1
    * wget-debugsource-1.20.3-150600.19.12.1
  * openSUSE Leap 15.6 (noarch)
    * wget-lang-1.20.3-150600.19.12.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * wget-debuginfo-1.20.3-150600.19.12.1
    * wget-1.20.3-150600.19.12.1
    * wget-debugsource-1.20.3-150600.19.12.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/49c432f5/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:34:19 -0000
Subject: SUSE-SU-2025:0421-1: important: Security update for ovmf
Message-ID: <173927725999.21757.4337051801362495542@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0421-1  
Release Date: 2025-02-11T10:28:30Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-421=1 openSUSE-SLE-15.6-2025-421=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-421=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-421=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * ovmf-202308-150600.5.9.1
    * ovmf-tools-202308-150600.5.9.1
  * openSUSE Leap 15.6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch32-202308-150600.5.9.1
    * qemu-ovmf-ia32-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1
  * openSUSE Leap 15.6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.9.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch32-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.9.1
  * Server Applications Module 15-SP6 (aarch64 x86_64)
    * ovmf-202308-150600.5.9.1
    * ovmf-tools-202308-150600.5.9.1
  * Server Applications Module 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/73430117/attachment.htm>

From null at suse.de  Tue Feb 11 08:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 08:30:13 -0000
Subject: SUSE-SU-2025:0410-1: important: Security update for the Linux Kernel
 RT (Live Patch 4 for SLE 15 SP6)
Message-ID: <173926261353.21560.9568358272124941579@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0410-1  
Release Date: 2025-02-10T21:02:59Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_14 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-410=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-411=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-412=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-413=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-8-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_8-rt-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/b192edbe/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:34:23 -0000
Subject: SUSE-SU-2025:0420-1: moderate: Security update for skopeo
Message-ID: <173927726305.21757.11203814102012685028@smelt2.prg2.suse.org>



# Security update for skopeo

Announcement ID: SUSE-SU-2025:0420-1  
Release Date: 2025-02-11T10:27:29Z  
Rating: moderate  
References:

  * bsc#1227056
  * bsc#1236483

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for skopeo fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227056)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236483)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-420=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-420=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-420=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-420=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * Basesystem Module 15-SP6 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * openSUSE Leap 15.3 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-fish-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * openSUSE Leap 15.6 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-fish-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227056
  * https://bugzilla.suse.com/show_bug.cgi?id=1236483

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/3aabba6c/attachment.htm>

From null at suse.de  Tue Feb 11 08:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 08:30:08 -0000
Subject: SUSE-SU-2025:0414-1: important: Security update for the Linux Kernel
 (Live Patch 62 for SLE 12 SP5)
Message-ID: <173926260831.21560.603322356478225702@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0414-1  
Release Date: 2025-02-11T03:33:33Z  
Rating: important  
References:

  * bsc#1230998

  
Cross-References:

  * CVE-2024-45016

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_234 fixes one issue.

The following security issue was fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-414=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_234-default-3-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/12495739/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:54 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:33:54 -0000
Subject: SUSE-SU-2025:0427-1: important: Security update for bind
Message-ID: <173927723456.21757.14236923535097188113@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0427-1  
Release Date: 2025-02-11T10:35:53Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-427=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-427=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-427=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-427=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-427=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-427=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * openSUSE Leap 15.3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/fabe2e34/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:34:03 -0000
Subject: SUSE-SU-2025:0424-1: moderate: Security update for python3-numpy
Message-ID: <173927724364.21757.13292767088887448939@smelt2.prg2.suse.org>



# Security update for python3-numpy

Announcement ID: SUSE-SU-2025:0424-1  
Release Date: 2025-02-11T10:31:20Z  
Rating: moderate  
References:

  * bsc#1193911
  * bsc#1236787

  
Cross-References:

  * CVE-2021-41495

  
CVSS scores:

  * CVE-2021-41495 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2021-41495 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * HPC Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python3-numpy fixes the following issues:

  * CVE-2021-41495: missing return value validation can lead to null pointer
    dereference. (bsc#1193911)

Other bug fixes:

  * Correction of advance in PCG with emulated int128.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-424=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-424=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-424=1

  * HPC Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-424=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-424=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * python3-numpy-debuginfo-1.17.3-150400.31.1
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python3-numpy-debuginfo-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-debuginfo-1.17.3-150400.31.1
  * HPC Module 15-SP6 (aarch64 x86_64)
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * SUSE Package Hub 15 15-SP6 (ppc64le s390x)
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-41495.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1193911
  * https://bugzilla.suse.com/show_bug.cgi?id=1236787

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/f7f5a4b1/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:33:49 -0000
Subject: SUSE-SU-2025:0428-1: important: Security update for the Linux Kernel
Message-ID: <173927722983.21757.7161535231305420528@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0428-1  
Release Date: 2025-02-11T10:40:12Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1221326
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235061
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236688
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760

  
Cross-References:

  * CVE-2023-52489
  * CVE-2023-52923
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21674
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52489 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 248 vulnerabilities and has 43 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage
    (bsc#1221326).
  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error
    in l2cap_sock_create() (bsc#1235061).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Disable "ocfs2: fix UBSAN warning in ocfs2_verify_volume()" (bsc#1236138).
  * Remove "idpf: fix memory leaks and crashes while performing a soft reset"
    fix (bsc#1236628).
  * Remove "media: uvcvideo: Require entities to have a non-zero unique ID" fix
    (bsc#1235894).
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-
    fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-428=1 openSUSE-SLE-15.6-2025-428=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-428=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * kernel-azure-optional-debuginfo-6.4.0-150600.8.26.1
    * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-optional-6.4.0-150600.8.26.1
    * ocfs2-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-debugsource-6.4.0-150600.8.26.1
    * gfs2-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-devel-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-devel-6.4.0-150600.8.26.1
    * kernel-azure-extra-debuginfo-6.4.0-150600.8.26.1
    * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-extra-6.4.0-150600.8.26.1
    * kselftests-kmp-azure-6.4.0-150600.8.26.1
    * dlm-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-debuginfo-6.4.0-150600.8.26.1
    * cluster-md-kmp-azure-6.4.0-150600.8.26.1
    * kernel-syms-azure-6.4.0-150600.8.26.1
    * reiserfs-kmp-azure-6.4.0-150600.8.26.1
    * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * dlm-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (aarch64 nosrc x86_64)
    * kernel-azure-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (x86_64)
    * kernel-azure-vdso-6.4.0-150600.8.26.1
    * kernel-azure-vdso-debuginfo-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-source-azure-6.4.0-150600.8.26.1
    * kernel-devel-azure-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
    * kernel-azure-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (aarch64 x86_64)
    * kernel-syms-azure-6.4.0-150600.8.26.1
    * kernel-azure-devel-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-devel-6.4.0-150600.8.26.1
    * kernel-azure-debugsource-6.4.0-150600.8.26.1
    * kernel-azure-debuginfo-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (noarch)
    * kernel-source-azure-6.4.0-150600.8.26.1
    * kernel-devel-azure-6.4.0-150600.8.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52489.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1221326
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235061
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/90a38a33/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:32 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 12:34:32 -0000
Subject: SUSE-SU-2025:0419-1: moderate: Security update for python311
Message-ID: <173927727250.21757.487253986425942573@smelt2.prg2.suse.org>



# Security update for python311

Announcement ID: SUSE-SU-2025:0419-1  
Release Date: 2025-02-11T10:25:48Z  
Rating: moderate  
References:

  * bsc#1228165
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python311 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-419=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-419=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libpython3_11-1_0-3.11.11-150400.9.44.1
    * python311-debugsource-3.11.11-150400.9.44.1
    * python311-tk-debuginfo-3.11.11-150400.9.44.1
    * python311-devel-3.11.11-150400.9.44.1
    * python311-tk-3.11.11-150400.9.44.1
    * python311-testsuite-3.11.11-150400.9.44.1
    * python311-debuginfo-3.11.11-150400.9.44.1
    * python311-tools-3.11.11-150400.9.44.1
    * python311-doc-devhelp-3.11.11-150400.9.44.1
    * python311-dbm-3.11.11-150400.9.44.1
    * python311-doc-3.11.11-150400.9.44.1
    * python311-curses-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-debuginfo-3.11.11-150400.9.44.1
    * python311-base-3.11.11-150400.9.44.1
    * python311-dbm-debuginfo-3.11.11-150400.9.44.1
    * python311-core-debugsource-3.11.11-150400.9.44.1
    * python311-curses-3.11.11-150400.9.44.1
    * python311-3.11.11-150400.9.44.1
    * python311-idle-3.11.11-150400.9.44.1
    * python311-testsuite-debuginfo-3.11.11-150400.9.44.1
    * python311-base-debuginfo-3.11.11-150400.9.44.1
  * openSUSE Leap 15.4 (x86_64)
    * python311-32bit-3.11.11-150400.9.44.1
    * libpython3_11-1_0-32bit-3.11.11-150400.9.44.1
    * python311-base-32bit-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-32bit-debuginfo-3.11.11-150400.9.44.1
    * python311-base-32bit-3.11.11-150400.9.44.1
    * python311-32bit-debuginfo-3.11.11-150400.9.44.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * python311-base-64bit-debuginfo-3.11.11-150400.9.44.1
    * python311-64bit-3.11.11-150400.9.44.1
    * libpython3_11-1_0-64bit-debuginfo-3.11.11-150400.9.44.1
    * python311-base-64bit-3.11.11-150400.9.44.1
    * python311-64bit-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-64bit-3.11.11-150400.9.44.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python311-3.11.11-150400.9.44.1
    * libpython3_11-1_0-3.11.11-150400.9.44.1
    * python311-base-3.11.11-150400.9.44.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/ac50410b/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0432-1: moderate: Security update for qemu
Message-ID: <173929140874.21738.8387838318912839473@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0432-1  
Release Date: 2025-02-11T14:14:12Z  
Rating: moderate  
References:

  * bsc#1193914
  * bsc#1201944

  
Cross-References:

  * CVE-2021-3611

  
CVSS scores:

  * CVE-2021-3611 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
  * CVE-2021-3611 ( SUSE ):  5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2021-3611 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2021-3611: Fixed segmentation fault due to stack overflow (bsc#1193914).

Other fixes:

  * qemu.spec: mark bridge.conf as noreplace (bsc#1201944).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-432=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-432=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-432=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-432=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-432=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-vhost-user-gpu-6.2.0-150400.37.40.1
    * qemu-block-ssh-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-alsa-6.2.0-150400.37.40.1
    * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.40.1
    * qemu-ppc-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-iscsi-6.2.0-150400.37.40.1
    * qemu-accel-qtest-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-jack-debuginfo-6.2.0-150400.37.40.1
    * qemu-ivshmem-tools-6.2.0-150400.37.40.1
    * qemu-audio-oss-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-linux-user-debugsource-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-ui-curses-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-dmg-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-ui-spice-app-6.2.0-150400.37.40.1
    * qemu-block-gluster-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-smartcard-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-audio-pa-debuginfo-6.2.0-150400.37.40.1
    * qemu-lang-6.2.0-150400.37.40.1
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-qtest-6.2.0-150400.37.40.1
    * qemu-ksm-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-block-curl-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-nfs-6.2.0-150400.37.40.1
    * qemu-ui-gtk-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-dmg-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-iscsi-debuginfo-6.2.0-150400.37.40.1
    * qemu-extra-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.40.1
    * qemu-ui-gtk-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-ssh-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-baum-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
    * qemu-audio-jack-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-baum-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-alsa-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.40.1
    * qemu-linux-user-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-ppc-6.2.0-150400.37.40.1
    * qemu-linux-user-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-pa-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-vhost-user-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-gluster-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
    * qemu-hw-usb-host-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-oss-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-smartcard-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-nfs-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-ivshmem-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-curses-6.2.0-150400.37.40.1
    * qemu-block-curl-6.2.0-150400.37.40.1
    * qemu-extra-debuginfo-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (s390x x86_64 i586)
    * qemu-kvm-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-skiboot-6.2.0-150400.37.40.1
    * qemu-SLOF-6.2.0-150400.37.40.1
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-microvm-6.2.0-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-rbd-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-3611.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1193914
  * https://bugzilla.suse.com/show_bug.cgi?id=1201944

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/3abe3277/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 16:30:13 -0000
Subject: SUSE-SU-2025:0431-1: moderate: Security update for go1.24
Message-ID: <173929141376.21738.8827378987084326687@smelt2.prg2.suse.org>



# Security update for go1.24

Announcement ID: SUSE-SU-2025:0431-1  
Release Date: 2025-02-11T14:13:49Z  
Rating: moderate  
References:

  * bsc#1236217
  * bsc#1236801
  * bsc#1236839

  
Cross-References:

  * CVE-2025-22866
  * CVE-2025-22867

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( NVD ):  8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22867 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-22867 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for go1.24 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).
  * CVE-2025-22867: Fixed arbitrary code execution during build on darwin
    (bsc#1236839).

Other fixes:

  * go1.2r42 release tracking (bsc#1236217)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-431=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-431=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24rc3-150000.1.6.1
    * go1.24-race-1.24rc3-150000.1.6.1
    * go1.24-1.24rc3-150000.1.6.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24rc3-150000.1.6.1
    * go1.24-race-1.24rc3-150000.1.6.1
    * go1.24-1.24rc3-150000.1.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://www.suse.com/security/cve/CVE-2025-22867.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236217
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801
  * https://bugzilla.suse.com/show_bug.cgi?id=1236839

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/078d2c36/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 16:30:18 -0000
Subject: SUSE-SU-2025:0429-1: moderate: Security update for govulncheck-vulndb
Message-ID: <173929141822.21738.421884477867286333@smelt2.prg2.suse.org>



# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2025:0429-1  
Release Date: 2025-02-11T14:12:33Z  
Rating: moderate  
References:

  * jsc#PED-11136

  
Cross-References:

  * CVE-2022-47930
  * CVE-2024-10846
  * CVE-2024-11741
  * CVE-2024-13484
  * CVE-2024-35177
  * CVE-2024-3727
  * CVE-2024-45336
  * CVE-2024-45339
  * CVE-2024-45340
  * CVE-2024-45341
  * CVE-2024-47770
  * CVE-2024-50354
  * CVE-2024-9312
  * CVE-2024-9313
  * CVE-2025-0750
  * CVE-2025-22865
  * CVE-2025-22866
  * CVE-2025-22867
  * CVE-2025-23216
  * CVE-2025-24366
  * CVE-2025-24369
  * CVE-2025-24371
  * CVE-2025-24376
  * CVE-2025-24784
  * CVE-2025-24786
  * CVE-2025-24787
  * CVE-2025-24883
  * CVE-2025-24884

  
CVSS scores:

  * CVE-2022-47930 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2022-47930 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-10846 ( SUSE ):  6.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
  * CVE-2024-10846 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-10846 ( NVD ):  5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-13484 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-35177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-3727 ( SUSE ):  8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-3727 ( NVD ):  8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-45336 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-45340 ( SUSE ):  7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2024-45340 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45341 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-47770 ( NVD ):  4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-50354 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-9312 ( NVD ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-9313 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0750 ( NVD ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2025-22865 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22865 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( NVD ):  8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22867 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-22867 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-23216 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2025-24366 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24369 ( NVD ):  2.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24371 ( NVD ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24376 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  * CVE-2025-24784 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2025-24786 ( NVD ):  10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24787 ( NVD ):  8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  * CVE-2025-24883 ( NVD ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24884 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves 28 vulnerabilities and contains one feature can now be
installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

  * Update to version 0.0.20250207T224745 2025-02-07T22:47:45Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3456 CVE-2025-24786 GHSA-9r4c-jwx3-3j76
  * GO-2025-3457 CVE-2025-24787 GHSA-c7w4-9wv8-7x7c
  * GO-2025-3458 CVE-2025-24366 GHSA-vj7w-3m8c-6vpx

  * Update to version 0.0.20250206T175003 2025-02-06T17:50:03Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2023-1867 CVE-2022-47930 GHSA-c58h-qv6g-fw74
  * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g

  * Update to version 0.0.20250206T165438 2025-02-06T16:54:38Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3428 CVE-2025-22867
  * GO-2025-3447 CVE-2025-22866

  * Update to version 0.0.20250205T232745 2025-02-05T23:27:45Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3408
  * GO-2025-3448 GHSA-23qp-3c2m-xx6w
  * GO-2025-3449 GHSA-mx2j-7cmv-353c
  * GO-2025-3450 GHSA-w7wm-2425-7p2h
  * GO-2025-3454 GHSA-mj4v-hp69-27x5
  * GO-2025-3455 GHSA-vqv5-385r-2hf8

  * Update to version 0.0.20250205T003520 2025-02-05T00:35:20Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3451

  * Update to version 0.0.20250204T220613 2025-02-04T22:06:13Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3431 CVE-2025-24884 GHSA-hcr5-wv4p-h2g2
  * GO-2025-3433 CVE-2025-23216 GHSA-47g2-qmh2-749v
  * GO-2025-3434 CVE-2025-24376 GHSA-fc89-jghx-8pvg
  * GO-2025-3435 CVE-2025-24784 GHSA-756x-m4mj-q96c
  * GO-2025-3436 CVE-2025-24883 GHSA-q26p-9cq4-7fc2
  * GO-2025-3437 GHSA-274v-mgcv-cm8j
  * GO-2025-3438 CVE-2024-11741 GHSA-wxcc-2f3q-4h58
  * GO-2025-3442 CVE-2025-24371 GHSA-22qq-3xwm-r5x4
  * GO-2025-3443 GHSA-r3r4-g7hq-pq4f
  * GO-2025-3444 CVE-2024-35177
  * GO-2025-3445 CVE-2024-47770

  * Use standard RPM macros to unpack the source and populate a working
    directory. Fixes build with RPM 4.20.

  * Update to version 0.0.20250130T185858 2025-01-30T18:58:58Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2024-2842 CVE-2024-3727 GHSA-6wvf-f2vw-3425
  * GO-2024-3181 CVE-2024-9313 GHSA-x5q3-c8rm-w787
  * GO-2024-3188 CVE-2024-9312 GHSA-4gfw-wf7c-w6g2
  * GO-2025-3372 CVE-2024-45339 GHSA-6wxm-mpqj-6jpf
  * GO-2025-3373 CVE-2024-45341
  * GO-2025-3383 CVE-2024-45340
  * GO-2025-3408
  * GO-2025-3412 CVE-2024-10846 GHSA-36gq-35j3-p9r9
  * GO-2025-3420 CVE-2024-45336
  * GO-2025-3421 CVE-2025-22865
  * GO-2025-3424 CVE-2025-24369
  * GO-2025-3426 CVE-2025-0750 GHSA-hp5j-2585-qx6g
  * GO-2025-3427 CVE-2024-13484 GHSA-58fx-7v9q-3g56

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-429=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-429=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (noarch)
    * govulncheck-vulndb-0.0.20250207T224745-150000.1.32.1
  * openSUSE Leap 15.6 (noarch)
    * govulncheck-vulndb-0.0.20250207T224745-150000.1.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-47930.html
  * https://www.suse.com/security/cve/CVE-2024-10846.html
  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-13484.html
  * https://www.suse.com/security/cve/CVE-2024-35177.html
  * https://www.suse.com/security/cve/CVE-2024-3727.html
  * https://www.suse.com/security/cve/CVE-2024-45336.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2024-45340.html
  * https://www.suse.com/security/cve/CVE-2024-45341.html
  * https://www.suse.com/security/cve/CVE-2024-47770.html
  * https://www.suse.com/security/cve/CVE-2024-50354.html
  * https://www.suse.com/security/cve/CVE-2024-9312.html
  * https://www.suse.com/security/cve/CVE-2024-9313.html
  * https://www.suse.com/security/cve/CVE-2025-0750.html
  * https://www.suse.com/security/cve/CVE-2025-22865.html
  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://www.suse.com/security/cve/CVE-2025-22867.html
  * https://www.suse.com/security/cve/CVE-2025-23216.html
  * https://www.suse.com/security/cve/CVE-2025-24366.html
  * https://www.suse.com/security/cve/CVE-2025-24369.html
  * https://www.suse.com/security/cve/CVE-2025-24371.html
  * https://www.suse.com/security/cve/CVE-2025-24376.html
  * https://www.suse.com/security/cve/CVE-2025-24784.html
  * https://www.suse.com/security/cve/CVE-2025-24786.html
  * https://www.suse.com/security/cve/CVE-2025-24787.html
  * https://www.suse.com/security/cve/CVE-2025-24883.html
  * https://www.suse.com/security/cve/CVE-2025-24884.html
  * https://jira.suse.com/browse/PED-11136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/26d59eca/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 16:30:16 -0000
Subject: SUSE-SU-2025:0430-1: moderate: Security update for openssl-3
Message-ID: <173929141613.21738.8458017215648140984@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0430-1  
Release Date: 2025-02-11T14:13:39Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-430=1 openSUSE-SLE-15.6-2025-430=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-430=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openssl-3-debugsource-3.1.4-150600.5.24.1
    * libopenssl-3-devel-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-3.1.4-150600.5.24.1
    * libopenssl3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.24.1
    * openssl-3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-3.1.4-150600.5.24.1
    * openssl-3-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (x86_64)
    * libopenssl-3-devel-32bit-3.1.4-150600.5.24.1
    * libopenssl3-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-32bit-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (noarch)
    * openssl-3-doc-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-devel-64bit-3.1.4-150600.5.24.1
    * libopenssl3-64bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-64bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.24.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-3-debugsource-3.1.4-150600.5.24.1
    * libopenssl-3-devel-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-3.1.4-150600.5.24.1
    * libopenssl3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.24.1
    * openssl-3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-3.1.4-150600.5.24.1
    * openssl-3-3.1.4-150600.5.24.1
  * Basesystem Module 15-SP6 (x86_64)
    * libopenssl3-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.24.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/e762197e/attachment.htm>

From null at suse.de  Tue Feb 11 20:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0435-1: moderate: Security update for java-1_8_0-openj9
Message-ID: <173930581045.21757.5302272225127632394@smelt2.prg2.suse.org>



# Security update for java-1_8_0-openj9

Announcement ID: SUSE-SU-2025:0435-1  
Release Date: 2025-02-11T16:51:06Z  
Rating: moderate  
References:

  * bsc#1231702
  * bsc#1231711
  * bsc#1231716
  * bsc#1231719

  
Cross-References:

  * CVE-2024-21208
  * CVE-2024-21210
  * CVE-2024-21217
  * CVE-2024-21235

  
CVSS scores:

  * CVE-2024-21208 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-21208 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21208 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21210 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-21210 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-21210 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-21217 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-21217 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21217 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21235 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-21235 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2024-21235 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for java-1_8_0-openj9 fixes the following issues:

Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine.

  * CVE-2024-21235: unauthorized read/write access to data through the Hotspot
    component. (bsc#1231719)
  * CVE-2024-21217: partial denial-of-service through the Serialization
    component. (bsc#1231716)
  * CVE-2024-21210: unauthorized read/write access to data through the Hotspot
    component. (bsc#1231711)
  * CVE-2024-21208: partial denial-of-service through the Networking component.
    (bsc#1231702)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-435=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-435=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openj9-debugsource-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-accessibility-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-src-1.8.0.442-150200.3.51.1
  * openSUSE Leap 15.6 (noarch)
    * java-1_8_0-openj9-javadoc-1.8.0.442-150200.3.51.1
  * SUSE Package Hub 15 15-SP6 (ppc64le s390x)
    * java-1_8_0-openj9-debugsource-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-accessibility-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-src-1.8.0.442-150200.3.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-21208.html
  * https://www.suse.com/security/cve/CVE-2024-21210.html
  * https://www.suse.com/security/cve/CVE-2024-21217.html
  * https://www.suse.com/security/cve/CVE-2024-21235.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231702
  * https://bugzilla.suse.com/show_bug.cgi?id=1231711
  * https://bugzilla.suse.com/show_bug.cgi?id=1231716
  * https://bugzilla.suse.com/show_bug.cgi?id=1231719

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/16426c4b/attachment.htm>

From null at suse.de  Tue Feb 11 20:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 11 Feb 2025 20:30:14 -0000
Subject: SUSE-SU-2025:0434-1: moderate: Security update for python36
Message-ID: <173930581471.21757.13183654916128802909@smelt2.prg2.suse.org>



# Security update for python36

Announcement ID: SUSE-SU-2025:0434-1  
Release Date: 2025-02-11T16:47:10Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python36 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-434=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libpython3_6m1_0-debuginfo-3.6.15-76.1
    * python36-devel-3.6.15-76.1
    * python36-3.6.15-76.1
    * python36-debuginfo-3.6.15-76.1
    * libpython3_6m1_0-debuginfo-32bit-3.6.15-76.1
    * libpython3_6m1_0-3.6.15-76.1
    * python36-base-debuginfo-3.6.15-76.1
    * libpython3_6m1_0-32bit-3.6.15-76.1
    * python36-debugsource-3.6.15-76.1
    * python36-base-3.6.15-76.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250211/60e84ebb/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 08:30:06 -0000
Subject: SUSE-SU-2025:0440-1: important: Security update for the Linux Kernel
 (Live Patch 61 for SLE 12 SP5)
Message-ID: <173934900697.21757.13100215830136269968@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0440-1  
Release Date: 2025-02-12T07:04:06Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_231 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-440=1 SUSE-SLE-Live-
Patching-12-SP5-2025-439=1 SUSE-SLE-Live-Patching-12-SP5-2025-442=1 SUSE-SLE-
Live-Patching-12-SP5-2025-441=1 SUSE-SLE-Live-Patching-12-SP5-2025-443=1 SUSE-
SLE-Live-Patching-12-SP5-2025-444=1 SUSE-SLE-Live-Patching-12-SP5-2025-445=1
SUSE-SLE-Live-Patching-12-SP5-2025-446=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_201-default-12-2.1
    * kgraft-patch-4_12_14-122_228-default-3-2.1
    * kgraft-patch-4_12_14-122_225-default-4-2.1
    * kgraft-patch-4_12_14-122_219-default-7-2.1
    * kgraft-patch-4_12_14-122_216-default-10-2.1
    * kgraft-patch-4_12_14-122_231-default-3-2.1
    * kgraft-patch-4_12_14-122_189-default-15-2.1
    * kgraft-patch-4_12_14-122_194-default-13-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/55eb2775/attachment.htm>

From null at suse.de  Wed Feb 12 12:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 12:30:05 -0000
Subject: SUSE-SU-2025:0452-1: important: Security update for the Linux Kernel
 (Live Patch 49 for SLE 15 SP3)
Message-ID: <173936340590.21757.8586429682453237252@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0452-1  
Release Date: 2025-02-12T11:33:37Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-452=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-454=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-454=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_222-default-5-2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-default-3-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-3-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-preempt-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-3-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-default-3-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-3-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/00805e27/attachment-0001.htm>

From null at suse.de  Wed Feb 12 12:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 12:30:13 -0000
Subject: SUSE-SU-2025:0455-1: important: Security update for the Linux Kernel
 (Live Patch 26 for SLE 15 SP4)
Message-ID: <173936341314.21757.2490142132480263178@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0455-1  
Release Date: 2025-02-12T11:33:44Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-450=1 SUSE-2025-451=1 SUSE-2025-455=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-455=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-450=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-451=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/a17bb495/attachment.htm>

From null at suse.de  Wed Feb 12 12:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 12:30:17 -0000
Subject: SUSE-SU-2025:0449-1: important: Security update for the Linux Kernel
 (Live Patch 47 for SLE 15 SP3)
Message-ID: <173936341745.21757.1584533715186546866@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0449-1  
Release Date: 2025-02-12T11:33:31Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_170 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-449=1 SUSE-2025-453=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-449=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-453=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_44-debugsource-11-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-preempt-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-5-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-5-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/992a4472/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0476-1: important: Security update for the Linux Kernel
 (Live Patch 5 for SLE 15 SP6)
Message-ID: <173937780830.21757.6056688764661128784@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0476-1  
Release Date: 2025-02-12T14:33:48Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-470=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-471=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-478=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-477=1 SUSE-
SLE-Module-Live-Patching-15-SP6-2025-468=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-469=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-471=1 SUSE-2025-478=1 SUSE-2025-477=1
SUSE-2025-468=1 SUSE-2025-469=1 SUSE-2025-470=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-476=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-476=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_17-default-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-3-150600.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-10-150600.4.22.1
    * kernel-livepatch-6_4_0-150600_23_17-default-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-3-150600.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_136-default-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_136-default-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-3-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/f12b1cd9/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0465-1: important: Security update for the Linux Kernel
 (Live Patch 15 for SLE 15 SP5)
Message-ID: <173937781404.21757.18424573424815239610@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0465-1  
Release Date: 2025-02-12T13:33:36Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-466=1 SUSE-2025-461=1 SUSE-2025-465=1
SUSE-2025-472=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-472=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-466=1 SUSE-SLE-Module-Live-
Patching-15-SP3-2025-461=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-465=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-464=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-464=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-13-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_43-debugsource-12-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_41-debugsource-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-7-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_46-debugsource-7-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_42-debugsource-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-preempt-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-12-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-9-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-9-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/a42f7159/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 16:30:18 -0000
Subject: SUSE-SU-2025:0462-1: important: Security update for the Linux Kernel
 (Live Patch 14 for SLE 15 SP5)
Message-ID: <173937781880.21757.9976566714324971505@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0462-1  
Release Date: 2025-02-12T15:33:27Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-479=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-459=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-462=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-475=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-459=1 SUSE-2025-462=1 SUSE-2025-475=1
SUSE-2025-479=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-480=1 SUSE-2025-463=1 SUSE-2025-467=1
SUSE-2025-473=1 SUSE-2025-460=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-480=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-463=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2025-467=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-473=1 SUSE-
SLE-Module-Live-Patching-15-SP5-2025-460=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-12-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-12-150400.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-12-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-12-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-12-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_9-debugsource-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-12-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_9-debugsource-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/040e1a3b/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:38 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 16:30:38 -0000
Subject: SUSE-SU-2025:0458-1: moderate: Security update for podman
Message-ID: <173937783891.21757.5470506165544306439@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0458-1  
Release Date: 2025-02-12T12:02:33Z  
Rating: moderate  
References:

  * bsc#1227052
  * bsc#1236507

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227052)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236507)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-458=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-458=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-458=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-458=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * openSUSE Leap 15.5 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * openSUSE Leap 15.6 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * Containers Module 15-SP6 (noarch)
    * podman-docker-4.9.5-150500.3.34.2

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227052
  * https://bugzilla.suse.com/show_bug.cgi?id=1236507

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/50767e07/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 20:30:12 -0000
Subject: SUSE-SU-2025:0494-1: important: Security update for the Linux Kernel
 (Live Patch 20 for SLE 15 SP5)
Message-ID: <173939221214.21560.14269537939206838994@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0494-1  
Release Date: 2025-02-12T18:35:51Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-494=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-494=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-491=1 SUSE-2025-492=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-491=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-492=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_48-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-4-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-preempt-4-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-4-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-3-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-3-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-3-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-3-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/719c5d72/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 20:30:17 -0000
Subject: SUSE-SU-2025:0489-1: important: Security update for the Linux Kernel
 (Live Patch 10 for SLE 15 SP5)
Message-ID: <173939221703.21560.14551702331627542065@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0489-1  
Release Date: 2025-02-12T19:03:55Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-489=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-489=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-496=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-496=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/35f9ca1b/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 20:30:22 -0000
Subject: SUSE-SU-2025:0487-1: important: Security update for the Linux Kernel
 (Live Patch 17 for SLE 15 SP5)
Message-ID: <173939222261.21560.252426089291771960@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0487-1  
Release Date: 2025-02-12T17:04:23Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-490=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-490=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-487=1 SUSE-2025-488=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-487=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-488=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-4-150500.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_45-debugsource-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-17-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_40-debugsource-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-preempt-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-preempt-8-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/ec7759aa/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:27 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 12 Feb 2025 20:30:27 -0000
Subject: SUSE-SU-2025:0486-1: important: Security update for the Linux Kernel
 (Live Patch 31 for SLE 15 SP4)
Message-ID: <173939222730.21560.12766946214533859679@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0486-1  
Release Date: 2025-02-12T16:03:57Z  
Rating: important  
References:

  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_133 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-486=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-486=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-3-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250212/33189fc3/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0514-1: moderate: Security update for python
Message-ID: <173944981287.21560.9025978109223674543@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0514-1  
Release Date: 2025-02-13T11:50:56Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python fixes the following issues:

  * CVE-2025-0938: functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-514=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-514=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libpython2_7-1_0-debuginfo-2.7.18-150000.71.1
    * python-tk-2.7.18-150000.71.1
    * python-tk-debuginfo-2.7.18-150000.71.1
    * python-curses-2.7.18-150000.71.1
    * python-gdbm-2.7.18-150000.71.1
    * python-idle-2.7.18-150000.71.1
    * python-xml-2.7.18-150000.71.1
    * python-curses-debuginfo-2.7.18-150000.71.1
    * python-debuginfo-2.7.18-150000.71.1
    * libpython2_7-1_0-2.7.18-150000.71.1
    * python-demo-2.7.18-150000.71.1
    * python-2.7.18-150000.71.1
    * python-devel-2.7.18-150000.71.1
    * python-debugsource-2.7.18-150000.71.1
    * python-base-debugsource-2.7.18-150000.71.1
    * python-base-2.7.18-150000.71.1
    * python-base-debuginfo-2.7.18-150000.71.1
    * python-gdbm-debuginfo-2.7.18-150000.71.1
    * python-xml-debuginfo-2.7.18-150000.71.1
  * openSUSE Leap 15.6 (x86_64)
    * python-32bit-debuginfo-2.7.18-150000.71.1
    * python-base-32bit-2.7.18-150000.71.1
    * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.71.1
    * python-32bit-2.7.18-150000.71.1
    * libpython2_7-1_0-32bit-2.7.18-150000.71.1
    * python-base-32bit-debuginfo-2.7.18-150000.71.1
  * openSUSE Leap 15.6 (noarch)
    * python-doc-2.7.18-150000.71.1
    * python-doc-pdf-2.7.18-150000.71.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython2_7-1_0-debuginfo-2.7.18-150000.71.1
    * python-curses-2.7.18-150000.71.1
    * python-gdbm-2.7.18-150000.71.1
    * python-xml-2.7.18-150000.71.1
    * python-curses-debuginfo-2.7.18-150000.71.1
    * python-debuginfo-2.7.18-150000.71.1
    * libpython2_7-1_0-2.7.18-150000.71.1
    * python-2.7.18-150000.71.1
    * python-debugsource-2.7.18-150000.71.1
    * python-base-debugsource-2.7.18-150000.71.1
    * python-base-2.7.18-150000.71.1
    * python-base-debuginfo-2.7.18-150000.71.1
    * python-gdbm-debuginfo-2.7.18-150000.71.1
    * python-xml-debuginfo-2.7.18-150000.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/adc3d902/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:30:18 -0000
Subject: SUSE-SU-2025:0512-1: important: Security update for libtasn1
Message-ID: <173944981836.21560.3239651529007161746@smelt2.prg2.suse.org>



# Security update for libtasn1

Announcement ID: SUSE-SU-2025:0512-1  
Release Date: 2025-02-13T11:47:14Z  
Rating: important  
References:

  * bsc#1236878

  
Cross-References:

  * CVE-2024-12133

  
CVSS scores:

  * CVE-2024-12133 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12133 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12133 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libtasn1 fixes the following issues:

  * CVE-2024-12133: the processing of input DER data containing a large number
    of SEQUENCE OF or SET OF elements takes quadratic time to complete.
    (bsc#1236878)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-512=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-512=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-6-debuginfo-4.9-3.16.1
    * libtasn1-4.9-3.16.1
    * libtasn1-debugsource-4.9-3.16.1
    * libtasn1-debuginfo-4.9-3.16.1
    * libtasn1-6-4.9-3.16.1
    * libtasn1-devel-4.9-3.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libtasn1-6-32bit-4.9-3.16.1
    * libtasn1-6-debuginfo-32bit-4.9-3.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libtasn1-6-debuginfo-4.9-3.16.1
    * libtasn1-4.9-3.16.1
    * libtasn1-6-debuginfo-32bit-4.9-3.16.1
    * libtasn1-debugsource-4.9-3.16.1
    * libtasn1-debuginfo-4.9-3.16.1
    * libtasn1-6-32bit-4.9-3.16.1
    * libtasn1-6-4.9-3.16.1
    * libtasn1-devel-4.9-3.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12133.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236878

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/ec1be01b/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:30:24 -0000
Subject: SUSE-SU-2025:0510-1: moderate: Security update for glibc
Message-ID: <173944982413.21560.16588015744773417304@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0510-1  
Release Date: 2025-02-13T11:33:45Z  
Rating: moderate  
References:

  * bsc#1228044
  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for glibc fixes the following issue:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282, BZ
    #32582))

  * s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp (bsc#1228044).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-510=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-510=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * glibc-debugsource-2.22-114.40.1
    * glibc-devel-2.22-114.40.1
    * glibc-debuginfo-2.22-114.40.1
    * glibc-devel-static-2.22-114.40.1
    * glibc-devel-32bit-2.22-114.40.1
    * nscd-debuginfo-2.22-114.40.1
    * glibc-locale-debuginfo-2.22-114.40.1
    * glibc-32bit-2.22-114.40.1
    * glibc-profile-2.22-114.40.1
    * glibc-locale-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-2.22-114.40.1
    * glibc-profile-32bit-2.22-114.40.1
    * glibc-devel-debuginfo-2.22-114.40.1
    * nscd-2.22-114.40.1
    * glibc-2.22-114.40.1
    * glibc-devel-debuginfo-32bit-2.22-114.40.1
    * glibc-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-32bit-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * glibc-i18ndata-2.22-114.40.1
    * glibc-html-2.22-114.40.1
    * glibc-info-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-debugsource-2.22-114.40.1
    * glibc-devel-2.22-114.40.1
    * glibc-debuginfo-2.22-114.40.1
    * glibc-devel-static-2.22-114.40.1
    * nscd-debuginfo-2.22-114.40.1
    * glibc-profile-2.22-114.40.1
    * glibc-locale-2.22-114.40.1
    * glibc-devel-debuginfo-2.22-114.40.1
    * nscd-2.22-114.40.1
    * glibc-2.22-114.40.1
    * glibc-locale-debuginfo-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * glibc-i18ndata-2.22-114.40.1
    * glibc-html-2.22-114.40.1
    * glibc-info-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * glibc-devel-32bit-2.22-114.40.1
    * glibc-32bit-2.22-114.40.1
    * glibc-locale-debuginfo-32bit-2.22-114.40.1
    * glibc-profile-32bit-2.22-114.40.1
    * glibc-devel-debuginfo-32bit-2.22-114.40.1
    * glibc-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-32bit-2.22-114.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228044
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/b7bc2d46/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:56 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:30:56 -0000
Subject: SUSE-SU-2025:0503-1: important: Security update for ovmf
Message-ID: <173944985695.21560.16114629416920881808@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0503-1  
Release Date: 2025-02-13T10:12:13Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887
  * bsc#1225889

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237
  * CVE-2024-1298

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-1298 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32
    overflow in S3 ResumeCount. (bsc#1225889)
  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-503=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-503=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-503=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-503=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-503=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-503=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-503=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-503=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Proxy 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Server 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * openSUSE Leap 15.4 (aarch64 x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
    * qemu-uefi-aarch32-202202-150400.5.15.1
    * qemu-ovmf-ia32-202202-150400.5.15.1
    * qemu-uefi-aarch64-202202-150400.5.15.1
  * openSUSE Leap 15.4 (x86_64)
    * qemu-ovmf-x86_64-debug-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://www.suse.com/security/cve/CVE-2024-1298.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887
  * https://bugzilla.suse.com/show_bug.cgi?id=1225889

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/8579508c/attachment.htm>

From null at suse.de  Thu Feb 13 12:31:00 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:31:00 -0000
Subject: SUSE-SU-2025:0502-1: moderate: Security update for python3
Message-ID: <173944986051.21560.11582950332481739409@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0502-1  
Release Date: 2025-02-13T10:11:12Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-502=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150000.3.170.1
    * python3-base-debuginfo-3.6.15-150000.3.170.1
    * python3-core-debugsource-3.6.15-150000.3.170.1
    * python3-debuginfo-3.6.15-150000.3.170.1
    * python3-debugsource-3.6.15-150000.3.170.1
    * python3-base-3.6.15-150000.3.170.1
    * python3-3.6.15-150000.3.170.1
    * libpython3_6m1_0-debuginfo-3.6.15-150000.3.170.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/62558007/attachment.htm>

From null at suse.de  Thu Feb 13 12:34:56 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 12:34:56 -0000
Subject: SUSE-SU-2025:0499-1: important: Security update for the Linux Kernel
Message-ID: <173945009693.21560.7115732377942318721@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0499-1  
Release Date: 2025-02-13T08:15:19Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1221326
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1231088
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235244
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235441
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235914
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236683
  * bsc#1236685
  * bsc#1236688
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760
  * bsc#1236761

  
Cross-References:

  * CVE-2023-52489
  * CVE-2023-52923
  * CVE-2024-26810
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46858
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56592
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56658
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21666
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52489 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26810 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26810 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53194 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56619 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves 257 vulnerabilities and has 42 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-26810: vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage
    (bsc#1221326).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Align git commit ID abbreviation guidelines and checks (git-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-
    fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kABI workaround for struct auto_pin_cfg_item change (git-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Drop uvcvideo fix due to regression (bsc#1235894)
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * ocfs2: temporarily disable upstream patch (bsc#1236138)
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-499=1 SUSE-2025-499=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-499=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-499=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-499=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-499=1  
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-499=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-499=1

## Package List:

  * openSUSE Leap 15.6 (noarch nosrc)
    * kernel-docs-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-devel-6.4.0-150600.23.38.1
    * kernel-source-vanilla-6.4.0-150600.23.38.1
    * kernel-macros-6.4.0-150600.23.38.1
    * kernel-source-6.4.0-150600.23.38.1
    * kernel-docs-html-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc ppc64le x86_64)
    * kernel-debug-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-debugsource-6.4.0-150600.23.38.1
    * kernel-debug-devel-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (x86_64)
    * kernel-default-vdso-6.4.0-150600.23.38.1
    * kernel-kvmsmall-vdso-6.4.0-150600.23.38.1
    * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-vdso-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-vdso-6.4.0-150600.23.38.1
    * kernel-debug-vdso-debuginfo-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-debuginfo-6.4.0-150600.23.38.1
    * kernel-kvmsmall-debugsource-6.4.0-150600.23.38.1
    * kernel-default-base-6.4.0-150600.23.38.1.150600.12.16.2
    * kernel-kvmsmall-devel-6.4.0-150600.23.38.1
    * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-base-rebuild-6.4.0-150600.23.38.1.150600.12.16.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * dlm-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-optional-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-optional-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-extra-6.4.0-150600.23.38.1
    * kernel-obs-build-6.4.0-150600.23.38.1
    * kernel-syms-6.4.0-150600.23.38.1
    * kernel-obs-qa-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * kselftests-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-extra-debuginfo-6.4.0-150600.23.38.1
    * kselftests-kmp-default-6.4.0-150600.23.38.1
    * dlm-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-devel-debuginfo-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-6.4.0-150600.23.38.1
    * kernel-obs-build-debugsource-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-livepatch-6.4.0-150600.23.38.1
    * kernel-default-devel-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_38-default-1-150600.13.3.2
    * kernel-livepatch-SLE15-SP6_Update_8-debugsource-1-150600.13.3.2
    * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-1-150600.13.3.2
    * kernel-default-livepatch-devel-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc s390x)
    * kernel-zfcpdump-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (s390x)
    * kernel-zfcpdump-debugsource-6.4.0-150600.23.38.1
    * kernel-zfcpdump-debuginfo-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc)
    * dtb-aarch64-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64)
    * dtb-renesas-6.4.0-150600.23.38.1
    * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * reiserfs-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-apple-6.4.0-150600.23.38.1
    * dtb-rockchip-6.4.0-150600.23.38.1
    * kselftests-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-xilinx-6.4.0-150600.23.38.1
    * dtb-marvell-6.4.0-150600.23.38.1
    * dlm-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-freescale-6.4.0-150600.23.38.1
    * dtb-exynos-6.4.0-150600.23.38.1
    * dtb-allwinner-6.4.0-150600.23.38.1
    * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-amlogic-6.4.0-150600.23.38.1
    * dtb-broadcom-6.4.0-150600.23.38.1
    * dtb-hisilicon-6.4.0-150600.23.38.1
    * kernel-64kb-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-qcom-6.4.0-150600.23.38.1
    * kernel-64kb-extra-6.4.0-150600.23.38.1
    * kernel-64kb-devel-debuginfo-6.4.0-150600.23.38.1
    * dtb-cavium-6.4.0-150600.23.38.1
    * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-amazon-6.4.0-150600.23.38.1
    * kernel-64kb-devel-6.4.0-150600.23.38.1
    * dtb-amd-6.4.0-150600.23.38.1
    * kernel-64kb-optional-debuginfo-6.4.0-150600.23.38.1
    * dtb-mediatek-6.4.0-150600.23.38.1
    * dtb-socionext-6.4.0-150600.23.38.1
    * kernel-64kb-extra-debuginfo-6.4.0-150600.23.38.1
    * dtb-arm-6.4.0-150600.23.38.1
    * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-lg-6.4.0-150600.23.38.1
    * kernel-64kb-optional-6.4.0-150600.23.38.1
    * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-sprd-6.4.0-150600.23.38.1
    * cluster-md-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-apm-6.4.0-150600.23.38.1
    * gfs2-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-nvidia-6.4.0-150600.23.38.1
    * dtb-altera-6.4.0-150600.23.38.1
    * kernel-64kb-debugsource-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 nosrc)
    * kernel-64kb-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 nosrc)
    * kernel-64kb-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64)
    * kernel-64kb-devel-6.4.0-150600.23.38.1
    * kernel-64kb-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-64kb-debuginfo-6.4.0-150600.23.38.1
    * kernel-64kb-debugsource-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
    * kernel-default-base-6.4.0-150600.23.38.1.150600.12.16.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-6.4.0-150600.23.38.1
    * kernel-default-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (noarch)
    * kernel-devel-6.4.0-150600.23.38.1
    * kernel-macros-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (nosrc s390x)
    * kernel-zfcpdump-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (s390x)
    * kernel-zfcpdump-debugsource-6.4.0-150600.23.38.1
    * kernel-zfcpdump-debuginfo-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (noarch nosrc)
    * kernel-docs-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * kernel-obs-build-6.4.0-150600.23.38.1
    * kernel-obs-build-debugsource-6.4.0-150600.23.38.1
    * kernel-syms-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (noarch)
    * kernel-source-6.4.0-150600.23.38.1
  * Legacy Module 15-SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-1-150600.13.3.2
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-livepatch-6_4_0-150600_23_38-default-1-150600.13.3.2
    * kernel-livepatch-SLE15-SP6_Update_8-debugsource-1-150600.13.3.2
    * kernel-default-livepatch-6.4.0-150600.23.38.1
    * kernel-default-livepatch-devel-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
    s390x x86_64)
    * dlm-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * dlm-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * kernel-default-extra-6.4.0-150600.23.38.1
    * kernel-default-extra-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52489.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-26810.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1221326
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/cf376ba3/attachment.htm>

From null at suse.de  Thu Feb 13 16:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 16:30:20 -0000
Subject: SUSE-SU-2025:0517-1: important: Security update for the Linux Kernel
Message-ID: <173946422051.13737.9492080938140203187@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0517-1  
Release Date: 2025-02-13T12:02:02Z  
Rating: important  
References:

  * bsc#1215420
  * bsc#1224763
  * bsc#1231847
  * bsc#1233112
  * bsc#1234025
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235441
  * bsc#1235466
  * bsc#1235645
  * bsc#1235759
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1236104

  
Cross-References:

  * CVE-2023-4244
  * CVE-2023-52923
  * CVE-2024-35863
  * CVE-2024-50199
  * CVE-2024-53104
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56623
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56664
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Manager Proxy 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2

  
  
An update that solves 16 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Reduce readdir stack usage (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-517=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-517=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Availability Extension 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-517=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-517=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-source-vanilla-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-docs-html-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc ppc64le x86_64)
    * kernel-debug-5.3.18-150300.59.191.1
    * kernel-kvmsmall-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le x86_64)
    * kernel-kvmsmall-debugsource-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-5.3.18-150300.59.191.1
    * kernel-debug-debugsource-5.3.18-150300.59.191.1
    * kernel-debug-devel-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-devel-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-extra-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-obs-qa-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-optional-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-optional-5.3.18-150300.59.191.1
    * kernel-default-base-rebuild-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_53-debugsource-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-debuginfo-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-preempt-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-preempt-debuginfo-1-150300.7.3.1
  * openSUSE Leap 15.3 (aarch64 x86_64)
    * gfs2-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-extra-5.3.18-150300.59.191.1
    * kernel-preempt-optional-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-optional-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (s390x)
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc)
    * dtb-aarch64-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64)
    * dtb-arm-5.3.18-150300.59.191.1
    * dtb-sprd-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * dtb-zte-5.3.18-150300.59.191.1
    * dtb-broadcom-5.3.18-150300.59.191.1
    * dtb-socionext-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-amd-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-xilinx-5.3.18-150300.59.191.1
    * kernel-64kb-optional-5.3.18-150300.59.191.1
    * kernel-64kb-extra-debuginfo-5.3.18-150300.59.191.1
    * dtb-lg-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-optional-debuginfo-5.3.18-150300.59.191.1
    * dtb-al-5.3.18-150300.59.191.1
    * dtb-exynos-5.3.18-150300.59.191.1
    * dtb-rockchip-5.3.18-150300.59.191.1
    * dtb-amlogic-5.3.18-150300.59.191.1
    * dtb-cavium-5.3.18-150300.59.191.1
    * dtb-qcom-5.3.18-150300.59.191.1
    * dtb-mediatek-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-marvell-5.3.18-150300.59.191.1
    * dtb-freescale-5.3.18-150300.59.191.1
    * dtb-nvidia-5.3.18-150300.59.191.1
    * dtb-altera-5.3.18-150300.59.191.1
    * dtb-renesas-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * dtb-hisilicon-5.3.18-150300.59.191.1
    * dtb-apm-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-allwinner-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-extra-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
    s390x x86_64)
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
    x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/5cdae0c6/attachment.htm>

From null at suse.de  Thu Feb 13 16:30:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 16:30:23 -0000
Subject: SUSE-SU-2025:0516-1: moderate: Security update for qemu
Message-ID: <173946422325.13737.18401371316076059163@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0516-1  
Release Date: 2025-02-13T11:59:11Z  
Rating: moderate  
References:

  * bsc#1215192

  
Cross-References:

  * CVE-2023-42467

  
CVSS scores:

  * CVE-2023-42467 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-42467 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2023-42467: Disallow block sizes smaller than 512 (bsc#1215192).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-516=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-516=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * qemu-ui-spice-core-7.1.0-150500.49.30.1
    * qemu-block-curl-7.1.0-150500.49.30.1
    * qemu-guest-agent-7.1.0-150500.49.30.1
    * qemu-chardev-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-7.1.0-150500.49.30.1
    * qemu-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-7.1.0-150500.49.30.1
    * qemu-chardev-spice-7.1.0-150500.49.30.1
    * qemu-ui-opengl-debuginfo-7.1.0-150500.49.30.1
    * qemu-guest-agent-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-7.1.0-150500.49.30.1
    * qemu-audio-spice-7.1.0-150500.49.30.1
    * qemu-debugsource-7.1.0-150500.49.30.1
    * qemu-block-curl-debuginfo-7.1.0-150500.49.30.1
    * qemu-tools-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-opengl-7.1.0-150500.49.30.1
    * qemu-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64)
    * qemu-arm-debuginfo-7.1.0-150500.49.30.1
    * qemu-arm-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-vgabios-1.16.0_0_gd239552-150500.49.30.1
    * qemu-SLOF-7.1.0-150500.49.30.1
    * qemu-ipxe-1.0.0+-150500.49.30.1
    * qemu-sgabios-8-150500.49.30.1
    * qemu-seabios-1.16.0_0_gd239552-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (ppc64le)
    * qemu-ppc-debuginfo-7.1.0-150500.49.30.1
    * qemu-ppc-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (s390x)
    * qemu-s390x-7.1.0-150500.49.30.1
    * qemu-s390x-debuginfo-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * qemu-accel-tcg-x86-7.1.0-150500.49.30.1
    * qemu-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-x86-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-accel-qtest-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-dmg-7.1.0-150500.49.30.1
    * qemu-ksm-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-7.1.0-150500.49.30.1
    * qemu-arm-7.1.0-150500.49.30.1
    * qemu-ivshmem-tools-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-7.1.0-150500.49.30.1
    * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-curses-7.1.0-150500.49.30.1
    * qemu-chardev-baum-7.1.0-150500.49.30.1
    * qemu-audio-jack-7.1.0-150500.49.30.1
    * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-dbus-7.1.0-150500.49.30.1
    * qemu-linux-user-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-7.1.0-150500.49.30.1
    * qemu-block-curl-debuginfo-7.1.0-150500.49.30.1
    * qemu-chardev-baum-debuginfo-7.1.0-150500.49.30.1
    * qemu-linux-user-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-pa-7.1.0-150500.49.30.1
    * qemu-7.1.0-150500.49.30.1
    * qemu-ui-opengl-7.1.0-150500.49.30.1
    * qemu-ui-spice-app-7.1.0-150500.49.30.1
    * qemu-ui-dbus-7.1.0-150500.49.30.1
    * qemu-audio-oss-7.1.0-150500.49.30.1
    * qemu-ui-gtk-7.1.0-150500.49.30.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.30.1
    * qemu-chardev-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-s390x-7.1.0-150500.49.30.1
    * qemu-audio-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-extra-7.1.0-150500.49.30.1
    * qemu-chardev-spice-7.1.0-150500.49.30.1
    * qemu-guest-agent-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-ssh-7.1.0-150500.49.30.1
    * qemu-tools-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-pa-debuginfo-7.1.0-150500.49.30.1
    * qemu-accel-qtest-7.1.0-150500.49.30.1
    * qemu-audio-alsa-debuginfo-7.1.0-150500.49.30.1
    * qemu-vhost-user-gpu-7.1.0-150500.49.30.1
    * qemu-block-gluster-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.30.1
    * qemu-arm-debuginfo-7.1.0-150500.49.30.1
    * qemu-extra-debuginfo-7.1.0-150500.49.30.1
    * qemu-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.30.1
    * qemu-ui-gtk-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-gluster-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-7.1.0-150500.49.30.1
    * qemu-hw-usb-host-7.1.0-150500.49.30.1
    * qemu-ppc-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-iscsi-7.1.0-150500.49.30.1
    * qemu-block-ssh-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-smartcard-7.1.0-150500.49.30.1
    * qemu-x86-7.1.0-150500.49.30.1
    * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-dmg-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-spice-7.1.0-150500.49.30.1
    * qemu-linux-user-debugsource-7.1.0-150500.49.30.1
    * qemu-block-iscsi-debuginfo-7.1.0-150500.49.30.1
    * qemu-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-s390x-debuginfo-7.1.0-150500.49.30.1
    * qemu-headless-7.1.0-150500.49.30.1
    * qemu-ui-curses-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-jack-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-nfs-7.1.0-150500.49.30.1
    * qemu-block-curl-7.1.0-150500.49.30.1
    * qemu-guest-agent-7.1.0-150500.49.30.1
    * qemu-debuginfo-7.1.0-150500.49.30.1
    * qemu-ppc-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-7.1.0-150500.49.30.1
    * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.30.1
    * qemu-audio-oss-debuginfo-7.1.0-150500.49.30.1
    * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-nfs-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-opengl-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-alsa-7.1.0-150500.49.30.1
    * qemu-ui-dbus-debuginfo-7.1.0-150500.49.30.1
    * qemu-debugsource-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-7.1.0-150500.49.30.1
    * qemu-audio-dbus-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (s390x x86_64 i586)
    * qemu-kvm-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-sgabios-8-150500.49.30.1
    * qemu-microvm-7.1.0-150500.49.30.1
    * qemu-lang-7.1.0-150500.49.30.1
    * qemu-vgabios-1.16.0_0_gd239552-150500.49.30.1
    * qemu-SLOF-7.1.0-150500.49.30.1
    * qemu-skiboot-7.1.0-150500.49.30.1
    * qemu-ipxe-1.0.0+-150500.49.30.1
    * qemu-seabios-1.16.0_0_gd239552-150500.49.30.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-7.1.0-150500.49.30.1
    * qemu-block-rbd-debuginfo-7.1.0-150500.49.30.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-42467.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215192

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/79db0a74/attachment.htm>

From null at suse.de  Thu Feb 13 20:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 13 Feb 2025 20:30:06 -0000
Subject: SUSE-SU-2025:0521-1: important: Security update for python312
Message-ID: <173947860602.21757.15745341527373368364@smelt2.prg2.suse.org>



# Security update for python312

Announcement ID: SUSE-SU-2025:0521-1  
Release Date: 2025-02-13T16:11:53Z  
Rating: important  
References:

  * bsc#1228165
  * bsc#1234290
  * bsc#1236705

  
Cross-References:

  * CVE-2024-12254
  * CVE-2025-0938

  
CVSS scores:

  * CVE-2024-12254 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-12254 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12254 ( NVD ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-12254 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for python312 fixes the following issues:

  * CVE-2025-0938: Functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).
  * CVE-2024-12254: Unbounded memory buffering in
    SelectorSocketTransport.writelines() (bsc#1234290).

Other bugfixes:

  * Position of SUSE Python interpreters on Externally managed environments
    (bsc#1228165).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-521=1 openSUSE-SLE-15.6-2025-521=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-521=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libpython3_12-1_0-debuginfo-3.12.9-150600.3.18.1
    * python312-tk-3.12.9-150600.3.18.1
    * python312-curses-3.12.9-150600.3.18.1
    * python312-debugsource-3.12.9-150600.3.18.1
    * python312-idle-3.12.9-150600.3.18.1
    * python312-base-3.12.9-150600.3.18.1
    * python312-doc-devhelp-3.12.9-150600.3.18.1
    * python312-tk-debuginfo-3.12.9-150600.3.18.1
    * python312-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-3.12.9-150600.3.18.1
    * python312-base-debuginfo-3.12.9-150600.3.18.1
    * python312-testsuite-3.12.9-150600.3.18.1
    * python312-testsuite-debuginfo-3.12.9-150600.3.18.1
    * python312-dbm-3.12.9-150600.3.18.1
    * python312-curses-debuginfo-3.12.9-150600.3.18.1
    * python312-doc-3.12.9-150600.3.18.1
    * python312-3.12.9-150600.3.18.1
    * python312-devel-3.12.9-150600.3.18.1
    * python312-dbm-debuginfo-3.12.9-150600.3.18.1
    * python312-core-debugsource-3.12.9-150600.3.18.1
    * python312-tools-3.12.9-150600.3.18.1
  * openSUSE Leap 15.6 (x86_64)
    * python312-32bit-3.12.9-150600.3.18.1
    * python312-base-32bit-3.12.9-150600.3.18.1
    * libpython3_12-1_0-32bit-debuginfo-3.12.9-150600.3.18.1
    * python312-base-32bit-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-32bit-3.12.9-150600.3.18.1
    * python312-32bit-debuginfo-3.12.9-150600.3.18.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * python312-base-64bit-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-64bit-debuginfo-3.12.9-150600.3.18.1
    * python312-64bit-3.12.9-150600.3.18.1
    * libpython3_12-1_0-64bit-3.12.9-150600.3.18.1
    * python312-64bit-debuginfo-3.12.9-150600.3.18.1
    * python312-base-64bit-3.12.9-150600.3.18.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython3_12-1_0-debuginfo-3.12.9-150600.3.18.1
    * python312-3.12.9-150600.3.18.1
    * python312-devel-3.12.9-150600.3.18.1
    * python312-idle-3.12.9-150600.3.18.1
    * python312-dbm-debuginfo-3.12.9-150600.3.18.1
    * python312-curses-3.12.9-150600.3.18.1
    * python312-tk-3.12.9-150600.3.18.1
    * python312-tk-debuginfo-3.12.9-150600.3.18.1
    * python312-debugsource-3.12.9-150600.3.18.1
    * libpython3_12-1_0-3.12.9-150600.3.18.1
    * python312-base-debuginfo-3.12.9-150600.3.18.1
    * python312-base-3.12.9-150600.3.18.1
    * python312-debuginfo-3.12.9-150600.3.18.1
    * python312-core-debugsource-3.12.9-150600.3.18.1
    * python312-tools-3.12.9-150600.3.18.1
    * python312-dbm-3.12.9-150600.3.18.1
    * python312-curses-debuginfo-3.12.9-150600.3.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12254.html
  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1234290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250213/0507df85/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:30:11 -0000
Subject: SUSE-SU-2025:0546-1: moderate: Security update
 golang-github-prometheus-prometheus
Message-ID: <173952181124.21560.6313162177320129115@smelt2.prg2.suse.org>



# Security update golang-github-prometheus-prometheus

Announcement ID: SUSE-SU-2025:0546-1  
Release Date: 2025-02-14T07:24:45Z  
Rating: moderate  
References:

  * bsc#1232970
  * jsc#MSQA-914
  * jsc#PED-11649

  
Cross-References:

  * CVE-2024-51744

  
CVSS scores:

  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and contains two features can now be
installed.

## Description:

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-546=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-546=1

  * SUSE Manager Proxy 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-546=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * firewalld-prometheus-config-0.1-150100.4.23.1
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1
  * SUSE Manager Proxy 4.3 Module (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/01a17b5d/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:30:16 -0000
Subject: SUSE-SU-2025:0545-1: moderate: Security update for grafana
Message-ID: <173952181695.21560.15535622824250159195@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0545-1  
Release Date: 2025-02-14T07:24:23Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1231024
  * bsc#1234554
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-45337
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves five vulnerabilities and contains three features can now
be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental &#8220;dashboard previews&#8221; feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version &gt;=2.9.3
  * Redshift data source plugin must be updated to version &gt;=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-545=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-545=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.13-150200.3.59.1
    * grafana-debuginfo-10.4.13-150200.3.59.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.13-150200.3.59.1
    * grafana-debuginfo-10.4.13-150200.3.59.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/7dc2a28a/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:31:13 -0000
Subject: SUSE-SU-2025:0532-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952187359.21560.8518772759875033045@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0532-1  
Release Date: 2025-02-14T07:20:13Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9

  
  
An update that solves one vulnerability, contains two features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9  
    zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-532=1

## Package List:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le
    s390x x86_64)
    * mgrctl-0.1.28-1.14.1
    * mgrctl-debuginfo-0.1.28-1.14.1
  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch)
    * mgrctl-zsh-completion-0.1.28-1.14.1
    * scap-security-guide-redhat-0.1.75-1.32.1
    * spacecmd-5.0.11-1.44.1
    * mgrctl-bash-completion-0.1.28-1.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/dfc3a0d1/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:31:24 -0000
Subject: SUSE-SU-2025:0529-1: moderate: Security update for SUSE Manager
 Client Tools MU 5.0.3
Message-ID: <173952188425.21560.4703585097997805467@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools MU 5.0.3

Announcement ID: SUSE-SU-2025:0529-1  
Release Date: 2025-02-14T07:19:47Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Debian 12

  
  
An update that solves one vulnerability, contains one feature and has 12
security fixes can now be installed.

## Description:

This update fixes the following issues:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Debian 12  
    zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2025-529=1

## Package List:

  * SUSE Manager Client Tools for Debian 12 (all)
    * mgrctl-fish-completion-0.1.28-2.16.1
    * mgrctl-bash-completion-0.1.28-2.16.1
    * spacecmd-5.0.11-3.26.1
    * mgrctl-zsh-completion-0.1.28-2.16.1
  * SUSE Manager Client Tools for Debian 12 (amd64)
    * mgrctl-0.1.28-2.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/76afef92/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:37 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:31:37 -0000
Subject: SUSE-SU-202501:15288-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952189721.21560.2096135588352940062@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15288-1  
Release Date: 2025-02-14T07:19:41Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404

  
  
An update that solves one vulnerability, contains one feature and has 12
security fixes can now be installed.

## Description:

This update fixes the following issues:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404  
    zypper in -t patch suse-ubu244ct-client-tools-202501-15288=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404 (all)
    * mgrctl-bash-completion-0.1.28-2.6.2
    * mgrctl-fish-completion-0.1.28-2.6.2
    * spacecmd-5.0.11-2.6.1
    * mgrctl-zsh-completion-0.1.28-2.6.2
  * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64)
    * mgrctl-0.1.28-2.6.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/a2c5c8f1/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:31:49 -0000
Subject: SUSE-SU-202501:15287-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952190919.21560.7051247187453925034@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15287-1  
Release Date: 2025-02-14T07:19:35Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204

  
  
An update that solves one vulnerability, contains two features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204  
    zypper in -t patch suse-ubu224ct-client-tools-202501-15287=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204 (all)
    * mgrctl-fish-completion-0.1.28-2.16.2
    * mgrctl-bash-completion-0.1.28-2.16.2
    * spacecmd-5.0.11-2.50.2
    * scap-security-guide-ubuntu-0.1.75-2.34.2
    * mgrctl-zsh-completion-0.1.28-2.16.2
  * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64)
    * mgrctl-0.1.28-2.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/98275eee/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:02 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:32:02 -0000
Subject: SUSE-SU-202501:15286-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952192275.21560.10492723780224912013@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15286-1  
Release Date: 2025-02-14T07:19:29Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1233667
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004

  
  
An update that solves one vulnerability, contains two features and has 16
security fixes can now be installed.

## Description:

This update fixes the following issues:

salt:

  * Build all python bindings for all flavors
  * Fixed the condition of alternatives for Tumbleweed and Leap 16
  * Handle logger exception when flushing already closed file
  * Included passlib as a recommended dependency
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Make Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Removed System V init support
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Use update-alternatives for salt-call and fix builing on EL8

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004  
    zypper in -t patch suse-ubu204ct-client-tools-202501-15286=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004 (all)
    * scap-security-guide-ubuntu-0.1.75-2.55.2
    * salt-common-3006.0+ds-1+2.134.2
    * mgrctl-bash-completion-0.1.28-2.16.2
    * mgrctl-fish-completion-0.1.28-2.16.2
    * spacecmd-5.0.11-2.95.2
    * salt-minion-3006.0+ds-1+2.134.2
    * mgrctl-zsh-completion-0.1.28-2.16.2
  * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64)
    * mgrctl-0.1.28-2.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/37207f81/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:32:18 -0000
Subject: SUSE-SU-2025:0525-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952193809.21560.15589941998011405184@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0525-1  
Release Date: 2025-02-14T07:19:20Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1229079
  * bsc#1229104
  * bsc#1231024
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1232970
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * bsc#1234554
  * bsc#1235145
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649
  * jsc#SUMA-314

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-22037
  * CVE-2024-45337
  * CVE-2024-51744
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15
  * SUSE Linux Enterprise Desktop 15 SP1
  * SUSE Linux Enterprise Desktop 15 SP2
  * SUSE Linux Enterprise Desktop 15 SP3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15
  * SUSE Linux Enterprise High Performance Computing 15 SP1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.0
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP1
  * SUSE Linux Enterprise Real Time 15 SP2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15
  * SUSE Linux Enterprise Server 15 SP1
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15
  * SUSE Linux Enterprise Server for SAP Applications 15 SP1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Client Tools for SLE 15
  * SUSE Manager Client Tools for SLE Micro 5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves seven vulnerabilities, contains four features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

dracut-saltboot was updated to version 0.1.1728559936.c16d4fb:

  * Added MAC based terminal naming option (jsc#SUMA-314)

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental ?dashboard previews? feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The ?Alias? field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version >=2.9.3
  * Redshift data source plugin must be updated to version >=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

supportutils-plugin-salt was updated to version 1.2.3:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)
  * Provide backwards-compatible scripts version

supportutils-plugin-susemanager-client was updated to version 5.0.4-0:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-525=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-525=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-525=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-525=1

  * SUSE Manager Client Tools for SLE 15  
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-525=1

  * SUSE Manager Client Tools for SLE Micro 5  
    zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-525=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-525=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-525=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-525=1

## Package List:

  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Manager Server 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * openSUSE Leap 15.6 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1
    * spacecmd-5.0.11-150000.3.130.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-promu-0.17.0-150000.3.24.1
  * SUSE Manager Client Tools for SLE 15 (noarch)
    * mgrctl-lang-0.1.28-150000.1.16.1
    * mgrctl-bash-completion-0.1.28-150000.1.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * mgrctl-zsh-completion-0.1.28-150000.1.16.1
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
    * spacecmd-5.0.11-150000.3.130.1
    * supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1
  * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.13-150000.1.66.1
    * grafana-10.4.13-150000.1.66.1
    * golang-github-prometheus-prometheus-2.53.3-150000.3.59.1
    * mgrctl-debuginfo-0.1.28-150000.1.16.1
    * mgrctl-0.1.28-150000.1.16.1
    * firewalld-prometheus-config-0.1-150000.3.59.1
  * SUSE Manager Client Tools for SLE Micro 5 (noarch)
    * mgrctl-lang-0.1.28-150000.1.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * mgrctl-zsh-completion-0.1.28-150000.1.16.1
    * mgrctl-bash-completion-0.1.28-150000.1.16.1
  * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
    * mgrctl-debuginfo-0.1.28-150000.1.16.1
    * mgrctl-0.1.28-150000.1.16.1
  * Basesystem Module 15-SP6 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-promu-0.17.0-150000.3.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Manager Proxy 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649
  * https://jira.suse.com/browse/SUMA-314

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/bf71268a/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:34 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 08:32:34 -0000
Subject: SUSE-SU-2025:0524-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952195440.21560.17280984625865060890@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0524-1  
Release Date: 2025-02-14T07:16:37Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1229079
  * bsc#1229104
  * bsc#1231024
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1232970
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * bsc#1234554
  * bsc#1235145
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-22037
  * CVE-2024-45337
  * CVE-2024-51744
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Desktop 12
  * SUSE Linux Enterprise Desktop 12 SP1
  * SUSE Linux Enterprise Desktop 12 SP2
  * SUSE Linux Enterprise Desktop 12 SP3
  * SUSE Linux Enterprise Desktop 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  * SUSE Manager Client Tools for SLE 12

  
  
An update that solves seven vulnerabilities, contains three features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

golang-github-prometheus-promu was updated to version 0.17.0:

  * Added codesign utility function

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental &#8220;dashboard previews&#8221; feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version &gt;=2.9.3
  * Redshift data source plugin must be updated to version &gt;=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

supportutils-plugin-salt was updated to version 1.2.3:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)
  * Provide backwards-compatible scripts version

supportutils-plugin-susemanager-client was updated to version 5.0.4-0:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 12  
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-524=1

## Package List:

  * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
    * mgrctl-0.1.28-1.16.1
    * mgrctl-debuginfo-0.1.28-1.16.1
    * golang-github-prometheus-prometheus-2.53.3-1.56.1
    * golang-github-prometheus-promu-0.17.0-1.24.1
    * grafana-10.4.13-1.66.2
  * SUSE Manager Client Tools for SLE 12 (noarch)
    * supportutils-plugin-susemanager-client-5.0.4-6.33.1
    * mgrctl-zsh-completion-0.1.28-1.16.1
    * mgrctl-bash-completion-0.1.28-1.16.1
    * supportutils-plugin-salt-1.2.3-6.25.1
    * spacecmd-5.0.11-38.153.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/c1861d9d/attachment.htm>

From null at suse.de  Fri Feb 14 12:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0548-1: important: Security update for libtasn1
Message-ID: <173953620685.21560.866728368618840950@smelt2.prg2.suse.org>



# Security update for libtasn1

Announcement ID: SUSE-SU-2025:0548-1  
Release Date: 2025-02-14T10:20:38Z  
Rating: important  
References:

  * bsc#1236878

  
Cross-References:

  * CVE-2024-12133

  
CVSS scores:

  * CVE-2024-12133 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12133 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12133 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libtasn1 fixes the following issues:

  * CVE-2024-12133: the processing of input DER data containing a large number
    of SEQUENCE OF or SET OF elements takes quadratic time to complete.
    (bsc#1236878)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-548=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-548=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-548=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-548=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-548=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-548=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-548=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-548=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-548=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-548=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-548=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * Basesystem Module 15-SP6 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Server 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * openSUSE Leap 15.6 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-devel-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12133.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236878

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/e7686436/attachment.htm>

From null at suse.de  Fri Feb 14 16:33:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:33:23 -0000
Subject: SUSE-SU-2025:0557-1: important: Security update for the Linux Kernel
Message-ID: <173955080390.19940.13067416496138464328@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0557-1  
Release Date: 2025-02-14T15:26:54Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1231088
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235244
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235441
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235914
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236683
  * bsc#1236685
  * bsc#1236688
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760
  * bsc#1236761
  * jsc#PED-7242

  
Cross-References:

  * CVE-2023-52923
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46858
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56592
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-5660
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56658
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21666
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53194 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-5660 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56619 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57795 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Real Time Module 15-SP6

  
  
An update that solves 256 vulnerabilities, contains one feature and has 42
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Align git commit ID abbreviation guidelines and checks (git-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * uvcvideo: drop fix due to regression (bsc#1235894)
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * Move upstreamed DRM patch into sorted section
  * Move upstreamed NFS patch into sorted section
  * Move upstreamed TPM patch into sorted section
  * Move upstreamed lpfc patches into sorted section
  * Move upstreamed ppc patch into sorted section
  * Move upstreamed sound patch into sorted section
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * Update patches.suse/nvme-tcp-Fix-I-O-queue-cpu-spreading-for-multiple-
    co.patch (git-fixes bsc#1224049).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * doc/README.SUSE: Point to the updated version of LKMPG
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kABI workaround for struct auto_pin_cfg_item change (git-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * ocfs2: temporarily disable upstream patch (bsc#1236138).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-557=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-557=1

  * SUSE Real Time Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-557=1

## Package List:

  * openSUSE Leap 15.6 (x86_64)
    * kernel-rt-devel-6.4.0-150600.10.26.1
    * reiserfs-kmp-rt-6.4.0-150600.10.26.1
    * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-debugsource-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-6.4.0-150600.10.26.1
    * kernel-rt-devel-debuginfo-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debugsource-6.4.0-150600.10.26.1
    * kernel-rt-extra-6.4.0-150600.10.26.1
    * kernel-rt-livepatch-devel-6.4.0-150600.10.26.1
    * kernel-syms-rt-6.4.0-150600.10.26.1
    * dlm-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-vdso-6.4.0-150600.10.26.1
    * kernel-rt-debuginfo-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-vdso-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-optional-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-vdso-6.4.0-150600.10.26.1
    * kselftests-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-extra-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debuginfo-6.4.0-150600.10.26.1
    * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-optional-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-6.4.0-150600.10.26.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-source-rt-6.4.0-150600.10.26.1
    * kernel-devel-rt-6.4.0-150600.10.26.1
  * openSUSE Leap 15.6 (nosrc x86_64)
    * kernel-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-6.4.0-150600.10.26.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_26-rt-debuginfo-1-150600.1.3.1
    * kernel-livepatch-6_4_0-150600_10_26-rt-1-150600.1.3.1
    * kernel-livepatch-SLE15-SP6-RT_Update_8-debugsource-1-150600.1.3.1
  * SUSE Real Time Module 15-SP6 (x86_64)
    * kernel-rt-devel-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-debuginfo-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-devel-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-debugsource-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-6.4.0-150600.10.26.1
    * kernel-syms-rt-6.4.0-150600.10.26.1
    * kernel-rt-debugsource-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-6.4.0-150600.10.26.1
  * SUSE Real Time Module 15-SP6 (noarch)
    * kernel-source-rt-6.4.0-150600.10.26.1
    * kernel-devel-rt-6.4.0-150600.10.26.1
  * SUSE Real Time Module 15-SP6 (nosrc x86_64)
    * kernel-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-6.4.0-150600.10.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-5660.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761
  * https://jira.suse.com/browse/PED-7242

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/eac26a1f/attachment.htm>

From null at suse.de  Fri Feb 14 16:33:29 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:33:29 -0000
Subject: SUSE-SU-2025:0558-1: moderate: Security update for buildah
Message-ID: <173955080934.19940.4955275270025275687@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0558-1  
Release Date: 2025-02-14T15:28:52Z  
Rating: moderate  
References:

  * bsc#1236531

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * openSUSE Leap 15.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236531)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-558=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150400.3.39.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236531

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/586fb4bb/attachment.htm>

From null at suse.de  Fri Feb 14 16:34:43 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:34:43 -0000
Subject: SUSE-SU-2025:0556-1: important: Security update for the Linux Kernel
Message-ID: <173955088360.19940.12471240456342857380@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0556-1  
Release Date: 2025-02-14T15:26:36Z  
Rating: important  
References:

  * bsc#1194869
  * bsc#1216813
  * bsc#1223384
  * bsc#1225736
  * bsc#1226848
  * bsc#1226980
  * bsc#1228537
  * bsc#1228592
  * bsc#1230341
  * bsc#1230432
  * bsc#1230527
  * bsc#1230697
  * bsc#1231088
  * bsc#1231847
  * bsc#1232914
  * bsc#1233028
  * bsc#1233055
  * bsc#1233097
  * bsc#1233103
  * bsc#1233112
  * bsc#1233464
  * bsc#1233488
  * bsc#1233642
  * bsc#1233778
  * bsc#1234024
  * bsc#1234025
  * bsc#1234078
  * bsc#1234087
  * bsc#1234153
  * bsc#1234155
  * bsc#1234223
  * bsc#1234381
  * bsc#1234683
  * bsc#1234690
  * bsc#1234825
  * bsc#1234829
  * bsc#1234832
  * bsc#1234884
  * bsc#1234889
  * bsc#1234896
  * bsc#1234899
  * bsc#1234900
  * bsc#1234905
  * bsc#1234909
  * bsc#1234916
  * bsc#1234918
  * bsc#1234922
  * bsc#1234930
  * bsc#1234931
  * bsc#1234934
  * bsc#1234962
  * bsc#1234999
  * bsc#1235002
  * bsc#1235009
  * bsc#1235011
  * bsc#1235053
  * bsc#1235057
  * bsc#1235059
  * bsc#1235100
  * bsc#1235122
  * bsc#1235123
  * bsc#1235133
  * bsc#1235134
  * bsc#1235217
  * bsc#1235222
  * bsc#1235230
  * bsc#1235249
  * bsc#1235410
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235458
  * bsc#1235466
  * bsc#1235473
  * bsc#1235480
  * bsc#1235491
  * bsc#1235495
  * bsc#1235496
  * bsc#1235521
  * bsc#1235557
  * bsc#1235563
  * bsc#1235570
  * bsc#1235584
  * bsc#1235611
  * bsc#1235635
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235647
  * bsc#1235723
  * bsc#1235739
  * bsc#1235747
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235806
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-26758
  * CVE-2024-26943
  * CVE-2024-36898
  * CVE-2024-38599
  * CVE-2024-41047
  * CVE-2024-45019
  * CVE-2024-46858
  * CVE-2024-50051
  * CVE-2024-50136
  * CVE-2024-50142
  * CVE-2024-50151
  * CVE-2024-50195
  * CVE-2024-50199
  * CVE-2024-50210
  * CVE-2024-50275
  * CVE-2024-50299
  * CVE-2024-53095
  * CVE-2024-53103
  * CVE-2024-53104
  * CVE-2024-53112
  * CVE-2024-53121
  * CVE-2024-53127
  * CVE-2024-53129
  * CVE-2024-53138
  * CVE-2024-53141
  * CVE-2024-53144
  * CVE-2024-53148
  * CVE-2024-53151
  * CVE-2024-53166
  * CVE-2024-53169
  * CVE-2024-53171
  * CVE-2024-53174
  * CVE-2024-53177
  * CVE-2024-53208
  * CVE-2024-53209
  * CVE-2024-53215
  * CVE-2024-53217
  * CVE-2024-53224
  * CVE-2024-53227
  * CVE-2024-53229
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55916
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56562
  * CVE-2024-56567
  * CVE-2024-56588
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56629
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56644
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56678
  * CVE-2024-56681
  * CVE-2024-56698
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56745
  * CVE-2024-56747
  * CVE-2024-56754
  * CVE-2024-56756
  * CVE-2024-56759
  * CVE-2024-56765
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57876
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-26758 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26758 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26943 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36898 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2024-38599 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-41047 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-45019 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45019 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50136 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50136 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-50136 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50195 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50195 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50210 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53103 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53103 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53112 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53112 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53112 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53127 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53138 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-53138 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53141 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53148 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53148 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53151 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53151 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53151 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53169 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53169 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53174 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53174 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53174 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53208 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53209 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53209 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53215 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53215 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53215 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53217 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53224 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53229 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53229 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56562 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56562 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56567 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56754 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56754 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56754 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56756 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56756 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56756 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves 94 vulnerabilities and has 10 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology
    removal (bsc#1235806).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is
    active (bsc#1235002).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
    (bsc#1234381).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-556=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-556=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * kernel-devel-rt-5.14.21-150500.13.85.1
    * kernel-source-rt-5.14.21-150500.13.85.1
  * openSUSE Leap 15.5 (x86_64)
    * kernel-rt-vdso-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-optional-5.14.21-150500.13.85.1
    * kernel-rt_debug-devel-5.14.21-150500.13.85.1
    * kernel-syms-rt-5.14.21-150500.13.85.1
    * kernel-rt-vdso-5.14.21-150500.13.85.1
    * ocfs2-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt-optional-debuginfo-5.14.21-150500.13.85.1
    * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-livepatch-devel-5.14.21-150500.13.85.1
    * cluster-md-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt-debugsource-5.14.21-150500.13.85.1
    * kernel-rt-devel-5.14.21-150500.13.85.1
    * kernel-rt-extra-debuginfo-5.14.21-150500.13.85.1
    * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-devel-debuginfo-5.14.21-150500.13.85.1
    * gfs2-kmp-rt-5.14.21-150500.13.85.1
    * dlm-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-vdso-5.14.21-150500.13.85.1
    * kernel-rt_debug-debugsource-5.14.21-150500.13.85.1
    * kernel-rt-livepatch-5.14.21-150500.13.85.1
    * dlm-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kselftests-kmp-rt-5.14.21-150500.13.85.1
    * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-extra-5.14.21-150500.13.85.1
    * kernel-rt-debuginfo-5.14.21-150500.13.85.1
    * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * reiserfs-kmp-rt-5.14.21-150500.13.85.1
  * openSUSE Leap 15.5 (nosrc x86_64)
    * kernel-rt_debug-5.14.21-150500.13.85.1
    * kernel-rt-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
    * kernel-rt-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-debugsource-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * kernel-source-rt-5.14.21-150500.13.85.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-26758.html
  * https://www.suse.com/security/cve/CVE-2024-26943.html
  * https://www.suse.com/security/cve/CVE-2024-36898.html
  * https://www.suse.com/security/cve/CVE-2024-38599.html
  * https://www.suse.com/security/cve/CVE-2024-41047.html
  * https://www.suse.com/security/cve/CVE-2024-45019.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50136.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50195.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50210.html
  * https://www.suse.com/security/cve/CVE-2024-50275.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53103.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53112.html
  * https://www.suse.com/security/cve/CVE-2024-53121.html
  * https://www.suse.com/security/cve/CVE-2024-53127.html
  * https://www.suse.com/security/cve/CVE-2024-53129.html
  * https://www.suse.com/security/cve/CVE-2024-53138.html
  * https://www.suse.com/security/cve/CVE-2024-53141.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53148.html
  * https://www.suse.com/security/cve/CVE-2024-53151.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53169.html
  * https://www.suse.com/security/cve/CVE-2024-53171.html
  * https://www.suse.com/security/cve/CVE-2024-53174.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-53208.html
  * https://www.suse.com/security/cve/CVE-2024-53209.html
  * https://www.suse.com/security/cve/CVE-2024-53215.html
  * https://www.suse.com/security/cve/CVE-2024-53217.html
  * https://www.suse.com/security/cve/CVE-2024-53224.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53229.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56562.html
  * https://www.suse.com/security/cve/CVE-2024-56567.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56754.html
  * https://www.suse.com/security/cve/CVE-2024-56756.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1223384
  * https://bugzilla.suse.com/show_bug.cgi?id=1225736
  * https://bugzilla.suse.com/show_bug.cgi?id=1226848
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228537
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1230341
  * https://bugzilla.suse.com/show_bug.cgi?id=1230432
  * https://bugzilla.suse.com/show_bug.cgi?id=1230527
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1232914
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233097
  * https://bugzilla.suse.com/show_bug.cgi?id=1233103
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233464
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234078
  * https://bugzilla.suse.com/show_bug.cgi?id=1234087
  * https://bugzilla.suse.com/show_bug.cgi?id=1234153
  * https://bugzilla.suse.com/show_bug.cgi?id=1234155
  * https://bugzilla.suse.com/show_bug.cgi?id=1234223
  * https://bugzilla.suse.com/show_bug.cgi?id=1234381
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234829
  * https://bugzilla.suse.com/show_bug.cgi?id=1234832
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234889
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234899
  * https://bugzilla.suse.com/show_bug.cgi?id=1234900
  * https://bugzilla.suse.com/show_bug.cgi?id=1234905
  * https://bugzilla.suse.com/show_bug.cgi?id=1234909
  * https://bugzilla.suse.com/show_bug.cgi?id=1234916
  * https://bugzilla.suse.com/show_bug.cgi?id=1234918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234922
  * https://bugzilla.suse.com/show_bug.cgi?id=1234930
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234962
  * https://bugzilla.suse.com/show_bug.cgi?id=1234999
  * https://bugzilla.suse.com/show_bug.cgi?id=1235002
  * https://bugzilla.suse.com/show_bug.cgi?id=1235009
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/2c6265dd/attachment-0001.htm>

From null at suse.de  Fri Feb 14 16:35:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:35:05 -0000
Subject: SUSE-SU-2025:0555-1: important: Security update for the Linux Kernel
Message-ID: <173955090598.19940.4157130488181620582@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0555-1  
Release Date: 2025-02-14T15:25:28Z  
Rating: important  
References:

  * bsc#1230697
  * bsc#1231847
  * bsc#1233112
  * bsc#1233642
  * bsc#1234025
  * bsc#1234690
  * bsc#1234884
  * bsc#1234896
  * bsc#1234931
  * bsc#1235134
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235466
  * bsc#1235480
  * bsc#1235521
  * bsc#1235584
  * bsc#1235645
  * bsc#1235723
  * bsc#1235759
  * bsc#1235764
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-50199
  * CVE-2024-53095
  * CVE-2024-53104
  * CVE-2024-53144
  * CVE-2024-53166
  * CVE-2024-53177
  * CVE-2024-54680
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56704
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves 28 vulnerabilities and has two security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-555=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-555=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-555=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-555=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/a1007815/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:35:09 -0000
Subject: SUSE-SU-2025:0554-1: moderate: Security update for python3
Message-ID: <173955090909.19940.14855288712457732044@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0554-1  
Release Date: 2025-02-14T15:11:05Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-554=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-554=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-554=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-554=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-554=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-testsuite-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-testsuite-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
    * python3-doc-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-doc-devhelp-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.3 (x86_64)
    * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1
    * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-64bit-3.6.15-150300.10.81.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-testsuite-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * python3-testsuite-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
    * python3-doc-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-doc-devhelp-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.6 (x86_64)
    * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1
    * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/0ef16831/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:35:13 -0000
Subject: SUSE-SU-2025:0552-1: moderate: Security update for python3
Message-ID: <173955091369.19940.4638240339178387900@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0552-1  
Release Date: 2025-02-14T15:10:11Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-552=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * python3-debugsource-3.4.10-25.148.1
    * python3-base-debuginfo-32bit-3.4.10-25.148.1
    * python3-base-debuginfo-3.4.10-25.148.1
    * libpython3_4m1_0-debuginfo-3.4.10-25.148.1
    * python3-devel-debuginfo-3.4.10-25.148.1
    * python3-debuginfo-3.4.10-25.148.1
    * python3-base-3.4.10-25.148.1
    * python3-curses-3.4.10-25.148.1
    * python3-tk-3.4.10-25.148.1
    * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.148.1
    * python3-3.4.10-25.148.1
    * python3-tk-debuginfo-3.4.10-25.148.1
    * libpython3_4m1_0-3.4.10-25.148.1
    * python3-curses-debuginfo-3.4.10-25.148.1
    * python3-devel-3.4.10-25.148.1
    * libpython3_4m1_0-32bit-3.4.10-25.148.1
    * python3-base-debugsource-3.4.10-25.148.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/b8319fa3/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:35:11 -0000
Subject: SUSE-SU-2025:0553-1: moderate: Security update for python
Message-ID: <173955091152.19940.13271272947012360612@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0553-1  
Release Date: 2025-02-14T15:10:20Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python fixes the following issues:

  * CVE-2025-0938: functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-553=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * python-debuginfo-32bit-2.7.18-33.41.1
    * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.41.1
    * python-idle-2.7.18-33.41.1
    * python-xml-debuginfo-2.7.18-33.41.1
    * python-curses-2.7.18-33.41.1
    * libpython2_7-1_0-debuginfo-2.7.18-33.41.1
    * python-base-2.7.18-33.41.1
    * libpython2_7-1_0-32bit-2.7.18-33.41.1
    * python-gdbm-debuginfo-2.7.18-33.41.1
    * python-xml-2.7.18-33.41.1
    * libpython2_7-1_0-2.7.18-33.41.1
    * python-32bit-2.7.18-33.41.1
    * python-base-32bit-2.7.18-33.41.1
    * python-devel-2.7.18-33.41.1
    * python-curses-debuginfo-2.7.18-33.41.1
    * python-gdbm-2.7.18-33.41.1
    * python-base-debugsource-2.7.18-33.41.1
    * python-2.7.18-33.41.1
    * python-demo-2.7.18-33.41.1
    * python-tk-debuginfo-2.7.18-33.41.1
    * python-tk-2.7.18-33.41.1
    * python-base-debuginfo-32bit-2.7.18-33.41.1
    * python-debugsource-2.7.18-33.41.1
    * python-debuginfo-2.7.18-33.41.1
    * python-base-debuginfo-2.7.18-33.41.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * python-doc-pdf-2.7.18-33.41.1
    * python-doc-2.7.18-33.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/b86e26cd/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 14 Feb 2025 16:35:17 -0000
Subject: SUSE-SU-2025:0551-1: moderate: Security update for python311
Message-ID: <173955091714.19940.5851755568192019315@smelt2.prg2.suse.org>



# Security update for python311

Announcement ID: SUSE-SU-2025:0551-1  
Release Date: 2025-02-14T15:10:00Z  
Rating: moderate  
References:

  * bsc#1228165
  * bsc#1231795
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for python311 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

Other fixes:

  * Update to version 3.11.11.
  * Remove -IVendor/ from python-config. (bsc#1231795)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-551=1 openSUSE-SLE-15.6-2025-551=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-551=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-551=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * python311-idle-3.11.11-150600.3.16.2
    * python311-debuginfo-3.11.11-150600.3.16.2
    * python311-curses-debuginfo-3.11.11-150600.3.16.2
    * libpython3_11-1_0-3.11.11-150600.3.16.2
    * libpython3_11-1_0-debuginfo-3.11.11-150600.3.16.2
    * python311-doc-3.11.11-150600.3.16.2
    * python311-testsuite-debuginfo-3.11.11-150600.3.16.2
    * python311-tools-3.11.11-150600.3.16.2
    * python311-dbm-debuginfo-3.11.11-150600.3.16.2
    * python311-3.11.11-150600.3.16.2
    * python311-devel-3.11.11-150600.3.16.2
    * python311-debugsource-3.11.11-150600.3.16.2
    * python311-tk-3.11.11-150600.3.16.2
    * python311-curses-3.11.11-150600.3.16.2
    * python311-dbm-3.11.11-150600.3.16.2
    * python311-testsuite-3.11.11-150600.3.16.2
    * python311-doc-devhelp-3.11.11-150600.3.16.2
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-base-3.11.11-150600.3.16.2
    * python311-tk-debuginfo-3.11.11-150600.3.16.2
    * python311-base-debuginfo-3.11.11-150600.3.16.2
  * openSUSE Leap 15.6 (x86_64)
    * python311-base-32bit-debuginfo-3.11.11-150600.3.16.2
    * python311-base-32bit-3.11.11-150600.3.16.2
    * python311-32bit-3.11.11-150600.3.16.2
    * libpython3_11-1_0-32bit-debuginfo-3.11.11-150600.3.16.2
    * libpython3_11-1_0-32bit-3.11.11-150600.3.16.2
    * python311-32bit-debuginfo-3.11.11-150600.3.16.2
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libpython3_11-1_0-64bit-debuginfo-3.11.11-150600.3.16.2
    * python311-64bit-3.11.11-150600.3.16.2
    * libpython3_11-1_0-64bit-3.11.11-150600.3.16.2
    * python311-base-64bit-debuginfo-3.11.11-150600.3.16.2
    * python311-base-64bit-3.11.11-150600.3.16.2
    * python311-64bit-debuginfo-3.11.11-150600.3.16.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-base-3.11.11-150600.3.16.2
    * libpython3_11-1_0-3.11.11-150600.3.16.2
    * libpython3_11-1_0-debuginfo-3.11.11-150600.3.16.2
    * python311-base-debuginfo-3.11.11-150600.3.16.2
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-dbm-debuginfo-3.11.11-150600.3.16.2
    * python311-3.11.11-150600.3.16.2
    * python311-devel-3.11.11-150600.3.16.2
    * python311-debugsource-3.11.11-150600.3.16.2
    * python311-idle-3.11.11-150600.3.16.2
    * python311-dbm-3.11.11-150600.3.16.2
    * python311-tk-3.11.11-150600.3.16.2
    * python311-debuginfo-3.11.11-150600.3.16.2
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-curses-3.11.11-150600.3.16.2
    * python311-tk-debuginfo-3.11.11-150600.3.16.2
    * python311-curses-debuginfo-3.11.11-150600.3.16.2
    * python311-tools-3.11.11-150600.3.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1231795
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250214/8a81b8db/attachment.htm>

From null at suse.de  Mon Feb 17 12:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 17 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0562-1: low: Security update for glibc
Message-ID: <173979540631.21560.14854459086370786543@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0562-1  
Release Date: 2025-02-17T11:45:11Z  
Rating: low  
References:

  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for glibc fixes the following issues:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-562=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-562=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-562=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-562=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-562=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-562=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-562=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-562=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-562=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-562=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * glibc-extra-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
  * openSUSE Leap 15.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-html-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * openSUSE Leap 15.3 (x86_64)
    * glibc-profile-32bit-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-static-32bit-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-utils-32bit-2.31-150300.92.1
    * glibc-utils-32bit-debuginfo-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * glibc-utils-64bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-64bit-debuginfo-2.31-150300.92.1
    * glibc-devel-64bit-debuginfo-2.31-150300.92.1
    * glibc-devel-static-64bit-2.31-150300.92.1
    * glibc-utils-64bit-2.31-150300.92.1
    * glibc-64bit-debuginfo-2.31-150300.92.1
    * glibc-64bit-2.31-150300.92.1
    * glibc-devel-64bit-2.31-150300.92.1
    * glibc-locale-base-64bit-2.31-150300.92.1
    * glibc-profile-64bit-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Proxy 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Server 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Server 4.3 (x86_64)
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250217/ff5994d7/attachment.htm>

From null at suse.de  Mon Feb 17 12:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 17 Feb 2025 12:30:13 -0000
Subject: SUSE-SU-2025:0561-1: important: Security update for openvswitch
Message-ID: <173979541307.21560.17406098807121256523@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0561-1  
Release Date: 2025-02-17T10:39:51Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet. (bsc#1236353)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-561=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-561=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openvswitch-debuginfo-2.11.5-3.24.2
    * libopenvswitch-2_11-0-2.11.5-3.24.2
    * libopenvswitch-2_11-0-debuginfo-2.11.5-3.24.2
    * openvswitch-2.11.5-3.24.2
    * openvswitch-debugsource-2.11.5-3.24.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openvswitch-debuginfo-2.11.5-3.24.2
    * libopenvswitch-2_11-0-2.11.5-3.24.2
    * libopenvswitch-2_11-0-debuginfo-2.11.5-3.24.2
    * openvswitch-2.11.5-3.24.2
    * openvswitch-debugsource-2.11.5-3.24.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250217/f107a3e3/attachment.htm>

From null at suse.de  Mon Feb 17 16:30:45 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 17 Feb 2025 16:30:45 -0000
Subject: SUSE-SU-2025:0565-1: important: Security update for the Linux Kernel
Message-ID: <173980984522.28497.14819969844733157946@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0565-1  
Release Date: 2025-02-17T13:28:40Z  
Rating: important  
References:

  * bsc#1221282
  * bsc#1222072
  * bsc#1222803
  * bsc#1224856
  * bsc#1224857
  * bsc#1232161
  * bsc#1233028
  * bsc#1234855
  * bsc#1234901
  * bsc#1234931
  * bsc#1234934
  * bsc#1234963
  * bsc#1235011
  * bsc#1235040
  * bsc#1235053
  * bsc#1235059
  * bsc#1235132
  * bsc#1235155
  * bsc#1235217
  * bsc#1235230
  * bsc#1235252
  * bsc#1235413
  * bsc#1235426
  * bsc#1235430
  * bsc#1235433
  * bsc#1235464
  * bsc#1235466
  * bsc#1235479
  * bsc#1235500
  * bsc#1235523
  * bsc#1235526
  * bsc#1235533
  * bsc#1235557
  * bsc#1235570
  * bsc#1235611
  * bsc#1235627
  * bsc#1235638
  * bsc#1235645
  * bsc#1235700
  * bsc#1235714
  * bsc#1235727
  * bsc#1235747
  * bsc#1235750
  * bsc#1235919
  * bsc#1235924
  * bsc#1235948
  * bsc#1235965
  * bsc#1235967
  * bsc#1236080
  * bsc#1236096
  * bsc#1236161
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236262
  * bsc#1236698
  * bsc#1236703

  
Cross-References:

  * CVE-2021-47222
  * CVE-2021-47223
  * CVE-2024-26644
  * CVE-2024-47809
  * CVE-2024-48881
  * CVE-2024-49948
  * CVE-2024-50142
  * CVE-2024-52332
  * CVE-2024-53155
  * CVE-2024-53185
  * CVE-2024-53197
  * CVE-2024-53227
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56539
  * CVE-2024-56574
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56615
  * CVE-2024-56623
  * CVE-2024-56630
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56643
  * CVE-2024-56650
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56681
  * CVE-2024-56700
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56763
  * CVE-2024-56769
  * CVE-2024-57884
  * CVE-2024-57890
  * CVE-2024-57896
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57922
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57938
  * CVE-2025-21653
  * CVE-2025-21664
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2021-47222 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47223 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47223 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26644 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53155 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53155 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53155 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56539 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56539 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Availability Extension 12 SP5
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 54 vulnerabilities and has three security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing
    (bsc#1224857).
  * CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference
    (bsc#1224856).
  * CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot
    deleted subvolume (bsc#1222072).
  * CVE-2024-47809: dlm: fix possible lkb_resource null dereference
    (bsc#1235714).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-52332: igb: Fix potential invalid memory access in
    igb_init_module() (bsc#1235700).
  * CVE-2024-53155: ocfs2: fix uninitialized value in ocfs2_file_read_iter()
    (bsc#1234855).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for
    Extigy and Mbox devices (bsc#1235464).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-55916: Drivers: hv: util: Avoid accessing a ringbuffer not
    initialized yet (bsc#1235747).
  * CVE-2024-56369: drm/modes: Avoid divide by zero harder in
    drm_mode_vrefresh() (bsc#1235750).
  * CVE-2024-56532: ALSA: us122l: Use snd_card_free_when_closed() at
    disconnection (bsc#1235059).
  * CVE-2024-56533: ALSA: usx2y: Use snd_card_free_when_closed() at
    disconnection (bsc#1235053).
  * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in
    mwifiex_config_scan() (bsc#1234963).
  * CVE-2024-56574: media: ts2020: fix null-ptr-deref in ts2020_probe()
    (bsc#1235040).
  * CVE-2024-56593: wifi: brcmfmac: Fix oops due to NULL pointer dereference in
    brcmf_sdiod_sglist_rw() (bsc#1235252).
  * CVE-2024-56594: drm/amdgpu: set the right AMDGPU sg segment limitation
    (bsc#1235413).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56630: ocfs2: free inode when ocfs2_get_init_inode() fails
    (bsc#1235479).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56662: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
    (bsc#1235533).
  * CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init
    function (bsc#1235557).
  * CVE-2024-56700: media: wl128x: Fix atomicity violation in fmc_send_cmd()
    (bsc#1235500).
  * CVE-2024-56722: RDMA/hns: Fix cpu stuck caused by printings during reset
    (bsc#1235570).
  * CVE-2024-56739: rtc: check if __rtc_read_time was successful in
    rtc_timer_do_work() (bsc#1235611).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56769: media: dvb-frontends: dib3000mb: fix uninit-value in
    dib3000_write_reg (bsc#1235155).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57890: RDMA/uverbs: Prevent integer overflow issue (bsc#1235919).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57899: wifi: mac80211: fix mbss changed flags corruption on 32 bit
    systems (bsc#1235924).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57922: drm/amd/display: Add check for granularity in dml ceil/floor
    helpers (bsc#1236080).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
  * drm/modes: Switch to 64bit maths to avoid integer overflow (bsc#1235750).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * btrfs: fstests btrfs/309 fails on btrfs (bsc#1221282).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5  
    zypper in -t patch SUSE-SLE-HA-12-SP5-2025-565=1

  * SUSE Linux Enterprise High Availability Extension 12 SP5  
    zypper in -t patch SUSE-SLE-HA-12-SP5-2025-565=1

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-565=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-565=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-565=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x
    x86_64)
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_247-default-1-8.3.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-kgraft-devel-4.12.14-122.247.1
    * kernel-default-kgraft-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * ocfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * cluster-md-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-base-4.12.14-122.247.1
    * kernel-default-devel-4.12.14-122.247.1
    * kernel-syms-4.12.14-122.247.1
    * ocfs2-kmp-default-4.12.14-122.247.1
    * cluster-md-kmp-default-4.12.14-122.247.1
    * kernel-default-base-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * kernel-source-4.12.14-122.247.1
    * kernel-macros-4.12.14-122.247.1
    * kernel-devel-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x)
    * kernel-default-man-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * kernel-default-devel-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * ocfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-devel-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * cluster-md-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-base-4.12.14-122.247.1
    * kernel-default-devel-4.12.14-122.247.1
    * kernel-syms-4.12.14-122.247.1
    * ocfs2-kmp-default-4.12.14-122.247.1
    * cluster-md-kmp-default-4.12.14-122.247.1
    * kernel-default-base-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * kernel-source-4.12.14-122.247.1
    * kernel-macros-4.12.14-122.247.1
    * kernel-devel-4.12.14-122.247.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47222.html
  * https://www.suse.com/security/cve/CVE-2021-47223.html
  * https://www.suse.com/security/cve/CVE-2024-26644.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53155.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56539.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1221282
  * https://bugzilla.suse.com/show_bug.cgi?id=1222072
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224856
  * https://bugzilla.suse.com/show_bug.cgi?id=1224857
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1234855
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234963
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250217/6bd2e993/attachment.htm>

From null at suse.de  Mon Feb 17 16:31:39 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 17 Feb 2025 16:31:39 -0000
Subject: SUSE-SU-2025:0564-1: important: Security update for the Linux Kernel
Message-ID: <173980989916.28497.6410247059394303624@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0564-1  
Release Date: 2025-02-17T13:26:35Z  
Rating: important  
References:

  * bsc#1215199
  * bsc#1222803
  * bsc#1224049
  * bsc#1226980
  * bsc#1227937
  * bsc#1231088
  * bsc#1232101
  * bsc#1232161
  * bsc#1233028
  * bsc#1233221
  * bsc#1233248
  * bsc#1233522
  * bsc#1233778
  * bsc#1234070
  * bsc#1234683
  * bsc#1234693
  * bsc#1234947
  * bsc#1235001
  * bsc#1235217
  * bsc#1235230
  * bsc#1235244
  * bsc#1235390
  * bsc#1235418
  * bsc#1235430
  * bsc#1235441
  * bsc#1235485
  * bsc#1235487
  * bsc#1235489
  * bsc#1235498
  * bsc#1235545
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235612
  * bsc#1235638
  * bsc#1235656
  * bsc#1235686
  * bsc#1235865
  * bsc#1235874
  * bsc#1235914
  * bsc#1235941
  * bsc#1235948
  * bsc#1236127
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236182
  * bsc#1236192
  * bsc#1236245
  * bsc#1236247
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236681
  * bsc#1236682
  * bsc#1236683
  * bsc#1236684
  * bsc#1236685
  * bsc#1236688
  * bsc#1236689
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236702
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236759
  * bsc#1236760
  * bsc#1236761
  * jsc#PED-12094
  * jsc#PED-7242

  
Cross-References:

  * CVE-2024-40980
  * CVE-2024-46858
  * CVE-2024-49948
  * CVE-2024-49978
  * CVE-2024-50142
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50304
  * CVE-2024-53123
  * CVE-2024-53187
  * CVE-2024-53203
  * CVE-2024-56592
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56608
  * CVE-2024-56610
  * CVE-2024-56633
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56665
  * CVE-2024-56679
  * CVE-2024-56693
  * CVE-2024-56707
  * CVE-2024-56715
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56763
  * CVE-2024-57802
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57917
  * CVE-2024-57931
  * CVE-2024-57938
  * CVE-2024-57946
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21665
  * CVE-2025-21666
  * CVE-2025-21667
  * CVE-2025-21668
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21673
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21681
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2024-40980 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-40980 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53123 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53123 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56633 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56633 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21665 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21667 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21667 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21667 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21668 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21668 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21673 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21673 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2025-21673 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21681 ( SUSE ):  8.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2025-21681 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Confidential Computing Module 15-SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 54 vulnerabilities, contains two features and has 19
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to
receive various security bugfixes.

The following security bugs were fixed:

  * CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock
    (bsc#1227937).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56633: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
    (bsc#1235485).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits
    (bsc#1236684).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits
    (bsc#1236681).
  * CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition
    (bsc#1236682).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname
    (bsc#1236689).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with
    carrier (bsc#1236702).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read()
    (git-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: seq: Make dependency on UMP clearer (git-fixes).
  * ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-
    fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
  * ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values
    (jsc#PED-6143).
  * KVM: x86/mmu: Add Suppress VE bit to EPT
    shadow_mmio_mask/shadow_present_mask (jsc#PED-6143).
  * KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE
    (jsc#PED-6143).
  * KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE
    (jsc#PED-6143).
  * KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (jsc#PED-6143).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Remove "iommu/arm-smmu: Defer probe of clients after smmu device bound",
    reverted by upstream.
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * Revert "Disable ceph".
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
    Update arm64 default configuration file
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
  * cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-
    fixes).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
  * cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
  * cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
  * cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
  * cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
  * cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
  * cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
  * cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
  * cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
  * cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is
    not available (git-fixes).
  * cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks
    (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
  * crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
  * crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/i915/guc: Debug print LRC state entries only if the context is pinned
    (git-fixes).
  * drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
  * drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
  * drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: move output interface related definition to rockchip_drm_drv.h
    (stable-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/rockchip: vop2: Fix the windows switch between different layers (git-
    fixes).
  * drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
  * drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
  * drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-
    fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
  * futex: Do not include process MM in futex key on no-MMU (git-fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: pca953x: Improve interrupt support (git-fixes).
  * gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
  * locking/lockdep: Avoid creating new name string literals in
    lockdep_set_subclass() (git-fixes).
  * locking/rwsem: Add __always_inline annotation to __down_write_common() and
    inlined callers (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sc16is7xx: use device_property APIs when configuring irda mode
    (stable-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * soc: qcom: socinfo: move SMEM item struct and defines to a header (git-
    fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-
    fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Confidential Computing Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-564=1

## Package List:

  * Confidential Computing Module 15-SP6 (nosrc x86_64)
    * kernel-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-6.4.0-15061.15.coco15sp6.1
  * Confidential Computing Module 15-SP6 (x86_64)
    * kernel-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-debugsource-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-devel-6.4.0-15061.15.coco15sp6.1
    * reiserfs-kmp-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-vdso-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-devel-6.4.0-15061.15.coco15sp6.1
    * reiserfs-kmp-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-syms-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-devel-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-debugsource-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-debuginfo-6.4.0-15061.15.coco15sp6.1
  * Confidential Computing Module 15-SP6 (noarch)
    * kernel-devel-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-source-coco-6.4.0-15061.15.coco15sp6.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-40980.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-53123.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56633.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21665.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21667.html
  * https://www.suse.com/security/cve/CVE-2025-21668.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21673.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21681.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1227937
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234070
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235485
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236681
  * https://bugzilla.suse.com/show_bug.cgi?id=1236682
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236684
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236689
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236702
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236759
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761
  * https://jira.suse.com/browse/PED-12094
  * https://jira.suse.com/browse/PED-7242

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250217/0ff2f262/attachment.htm>

From null at suse.de  Tue Feb 18 08:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 08:30:07 -0000
Subject: SUSE-SU-2025:0569-1: moderate: Security update for ucode-intel
Message-ID: <173986740789.21560.6232814234805119506@smelt2.prg2.suse.org>



# Security update for ucode-intel

Announcement ID: SUSE-SU-2025:0569-1  
Release Date: 2025-02-18T06:43:36Z  
Rating: moderate  
References:

  * bsc#1237096

  
Cross-References:

  * CVE-2024-31068
  * CVE-2024-36293
  * CVE-2024-37020
  * CVE-2024-39355

  
CVSS scores:

  * CVE-2024-31068 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-31068 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-31068 ( NVD ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-31068 ( NVD ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36293 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( NVD ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-36293 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-37020 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-37020 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-39355 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39355 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-39355 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-39355 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for ucode-intel fixes the following issues:

  * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)

  * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for
    some Intel Processors may allow privileged user to potentially enable denial
    of service via local access.

  * CVE-2024-36293: A potential security vulnerability in some Intel Software
    Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is
    releasing microcode updates to mitigate this potential vulnerability.
  * CVE-2024-39355: A potential security vulnerability in some 13th and 14th
    Generation Intel Core Processors may allow denial of service. Intel is
    releasing microcode and UEFI reference code updates to mitigate this
    potential vulnerability.
  * CVE-2024-37020: A potential security vulnerability in the Intel Data
    Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow
    denial of service. Intel is releasing software updates to mitigate this
    potential vulnerability.

New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with
E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New
Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 |
06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 |
00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 | 00000436
| Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c | Core
i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB | A0/R0 |
06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H | R0 |
06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0 |
06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile, Xeon E | EMR-SP |
A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR-SP | A1 |
06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D | B0 |
06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 |
06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S | B0 |
06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 |
06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 |
00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123
| 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core
Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11 | SPR-
HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max | SPR-SP | E4/S2 |
06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | SPR-SP | E5/S3 |
06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | TWL | N0 | 06-be-00/19
| 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom
x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases | Processor |
Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-569=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-569=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * ucode-intel-debugsource-20250211-149.2
    * ucode-intel-20250211-149.2
    * ucode-intel-debuginfo-20250211-149.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * ucode-intel-debugsource-20250211-149.2
    * ucode-intel-20250211-149.2
    * ucode-intel-debuginfo-20250211-149.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-31068.html
  * https://www.suse.com/security/cve/CVE-2024-36293.html
  * https://www.suse.com/security/cve/CVE-2024-37020.html
  * https://www.suse.com/security/cve/CVE-2024-39355.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237096

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/8acc70f9/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 12:30:09 -0000
Subject: SUSE-SU-2025:0574-1: important: Security update for emacs
Message-ID: <173988180981.21560.4077709017862392863@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0574-1  
Release Date: 2025-02-18T09:36:24Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-574=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-574=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-24.3-25.23.1
    * emacs-x11-24.3-25.23.1
    * emacs-debuginfo-24.3-25.23.1
    * etags-debuginfo-24.3-25.23.1
    * emacs-24.3-25.23.1
    * emacs-nox-debuginfo-24.3-25.23.1
    * etags-24.3-25.23.1
    * emacs-x11-debuginfo-24.3-25.23.1
    * emacs-debugsource-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * emacs-el-24.3-25.23.1
    * emacs-info-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * emacs-nox-24.3-25.23.1
    * emacs-x11-24.3-25.23.1
    * emacs-debuginfo-24.3-25.23.1
    * etags-debuginfo-24.3-25.23.1
    * emacs-24.3-25.23.1
    * emacs-nox-debuginfo-24.3-25.23.1
    * etags-24.3-25.23.1
    * emacs-x11-debuginfo-24.3-25.23.1
    * emacs-debugsource-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * emacs-el-24.3-25.23.1
    * emacs-info-24.3-25.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/8cba03ed/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:09 -0000
Subject: SUSE-SU-2025:0583-1: important: Security update for openvswitch
Message-ID: <173989620955.21560.16800247193113308681@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0583-1  
Release Date: 2025-02-18T15:02:50Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-583=1 openSUSE-SLE-15.6-2025-583=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-583=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-583=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * ovn-vtep-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
    * openvswitch-ipsec-3.1.0-150600.33.6.1
    * openvswitch-test-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-test-3.1.0-150600.33.6.1
    * openvswitch-vtep-3.1.0-150600.33.6.1
    * ovn-23.03.0-150600.33.6.1
    * openvswitch-devel-3.1.0-150600.33.6.1
    * openvswitch-3.1.0-150600.33.6.1
    * ovn-vtep-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150600.33.6.1
    * python3-ovs-3.1.0-150600.33.6.1
    * ovn-central-23.03.0-150600.33.6.1
    * ovn-debuginfo-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-3.1.0-150600.33.6.1
    * ovn-central-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-pki-3.1.0-150600.33.6.1
    * libovn-23_03-0-23.03.0-150600.33.6.1
    * ovn-docker-23.03.0-150600.33.6.1
    * openvswitch-vtep-debuginfo-3.1.0-150600.33.6.1
    * libovn-23_03-0-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-23.03.0-150600.33.6.1
    * ovn-devel-23.03.0-150600.33.6.1
  * openSUSE Leap 15.6 (noarch)
    * openvswitch-doc-3.1.0-150600.33.6.1
    * ovn-doc-23.03.0-150600.33.6.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-ovs-3.1.0-150600.33.6.1
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * ovn-vtep-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
    * openvswitch-ipsec-3.1.0-150600.33.6.1
    * openvswitch-test-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-test-3.1.0-150600.33.6.1
    * openvswitch-vtep-3.1.0-150600.33.6.1
    * ovn-23.03.0-150600.33.6.1
    * openvswitch-devel-3.1.0-150600.33.6.1
    * openvswitch-3.1.0-150600.33.6.1
    * ovn-vtep-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150600.33.6.1
    * python3-ovs-3.1.0-150600.33.6.1
    * ovn-central-23.03.0-150600.33.6.1
    * ovn-debuginfo-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-3.1.0-150600.33.6.1
    * ovn-central-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-pki-3.1.0-150600.33.6.1
    * libovn-23_03-0-23.03.0-150600.33.6.1
    * ovn-docker-23.03.0-150600.33.6.1
    * openvswitch-vtep-debuginfo-3.1.0-150600.33.6.1
    * libovn-23_03-0-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-23.03.0-150600.33.6.1
    * ovn-devel-23.03.0-150600.33.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/df9c509d/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:12 -0000
Subject: SUSE-SU-2025:0582-1: low: Security update for glibc
Message-ID: <173989621216.21560.1694327269986482363@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0582-1  
Release Date: 2025-02-18T14:55:38Z  
Rating: low  
References:

  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for glibc fixes the following issues:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-582=1 SUSE-2025-582=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-582=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-582=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686)
    * glibc-locale-base-debuginfo-2.38-150600.14.23.1
    * glibc-devel-debuginfo-2.38-150600.14.23.1
    * glibc-profile-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * libnsl1-2.38-150600.14.23.1
    * libnsl1-debuginfo-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-2.38-150600.14.23.1
    * glibc-devel-2.38-150600.14.23.1
    * glibc-devel-static-2.38-150600.14.23.1
    * glibc-locale-2.38-150600.14.23.1
    * glibc-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (x86_64)
    * glibc-utils-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-devel-32bit-2.38-150600.14.23.1
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-32bit-2.38-150600.14.23.1
    * libnsl1-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-32bit-2.38-150600.14.23.1
    * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-profile-32bit-2.38-150600.14.23.1
    * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-32bit-2.38-150600.14.23.1
    * glibc-devel-static-32bit-2.38-150600.14.23.1
    * glibc-utils-32bit-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * glibc-utils-debuginfo-2.38-150600.14.23.1
    * nscd-debuginfo-2.38-150600.14.23.1
    * nscd-2.38-150600.14.23.1
    * glibc-extra-2.38-150600.14.23.1
    * glibc-utils-2.38-150600.14.23.1
    * glibc-extra-debuginfo-2.38-150600.14.23.1
    * glibc-utils-src-debugsource-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (noarch)
    * glibc-lang-2.38-150600.14.23.1
    * glibc-info-2.38-150600.14.23.1
    * glibc-i18ndata-2.38-150600.14.23.1
    * glibc-html-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * glibc-devel-static-64bit-2.38-150600.14.23.1
    * glibc-utils-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-64bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-profile-64bit-2.38-150600.14.23.1
    * glibc-utils-64bit-2.38-150600.14.23.1
    * glibc-locale-base-64bit-2.38-150600.14.23.1
    * glibc-devel-64bit-2.38-150600.14.23.1
    * glibc-64bit-2.38-150600.14.23.1
    * libnsl1-64bit-2.38-150600.14.23.1
    * glibc-devel-64bit-debuginfo-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * glibc-locale-base-debuginfo-2.38-150600.14.23.1
    * nscd-debuginfo-2.38-150600.14.23.1
    * glibc-devel-debuginfo-2.38-150600.14.23.1
    * glibc-profile-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * nscd-2.38-150600.14.23.1
    * glibc-extra-2.38-150600.14.23.1
    * libnsl1-2.38-150600.14.23.1
    * libnsl1-debuginfo-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-2.38-150600.14.23.1
    * glibc-extra-debuginfo-2.38-150600.14.23.1
    * glibc-devel-2.38-150600.14.23.1
    * glibc-locale-2.38-150600.14.23.1
    * glibc-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (noarch)
    * glibc-lang-2.38-150600.14.23.1
    * glibc-i18ndata-2.38-150600.14.23.1
    * glibc-info-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (x86_64)
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-32bit-2.38-150600.14.23.1
    * libnsl1-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-32bit-2.38-150600.14.23.1
    * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-32bit-2.38-150600.14.23.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * glibc-utils-debuginfo-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-utils-2.38-150600.14.23.1
    * glibc-devel-static-2.38-150600.14.23.1
    * glibc-utils-src-debugsource-2.38-150600.14.23.1
  * Development Tools Module 15-SP6 (x86_64)
    * glibc-devel-32bit-2.38-150600.14.23.1
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/27ace40e/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0581-1: moderate: Security update for buildah
Message-ID: <173989621439.21560.542639065108505613@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0581-1  
Release Date: 2025-02-18T14:54:18Z  
Rating: moderate  
References:

  * bsc#1236531

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236531)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-581=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-581=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-581=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150500.3.28.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150500.3.28.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150500.3.28.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236531

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/5d964552/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:16 -0000
Subject: SUSE-SU-2025:0580-1: important: Security update for
 google-osconfig-agent
Message-ID: <173989621679.21560.2294868110055254949@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0580-1  
Release Date: 2025-02-18T14:52:44Z  
Rating: important  
References:

  * bsc#1236560

  
Cross-References:

  * CVE-2024-45339

  
CVSS scores:

  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * CVE-2024-45339: github.com/golang/glog: a privileged process' log file path
    can be easily predicted and used to overwrite other sensitive files in a
    system. (bsc#1236560)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-580=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-1.35.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236560

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/53c989bf/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:19 -0000
Subject: SUSE-SU-2025:0579-1: moderate: Security update for podman
Message-ID: <173989621957.21560.15150619843715190300@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0579-1  
Release Date: 2025-02-18T13:00:27Z  
Rating: moderate  
References:

  * bsc#1227052
  * bsc#1236507

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227052)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236507)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-579=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-579=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-579=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-579=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-579=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
  * openSUSE Leap 15.4 (noarch)
    * podman-docker-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227052
  * https://bugzilla.suse.com/show_bug.cgi?id=1236507

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/88102486/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:30:24 -0000
Subject: SUSE-SU-2025:0578-1: important: Security update for openvswitch
Message-ID: <173989622474.21560.15311821024115279584@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0578-1  
Release Date: 2025-02-18T12:53:28Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-578=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-578=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-578=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-578=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-578=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-578=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-578=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-578=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-578=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-578=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * openSUSE Leap 15.4 (noarch)
    * ovn-doc-20.06.2-150400.24.26.1
    * openvswitch-doc-2.14.2-150400.24.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/c7623f3a/attachment.htm>

From null at suse.de  Tue Feb 18 16:31:46 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:31:46 -0000
Subject: SUSE-SU-2025:0577-1: important: Security update for the Linux Kernel
Message-ID: <173989630637.21560.17273921273444949975@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0577-1  
Release Date: 2025-02-18T12:51:54Z  
Rating: important  
References:

  * bsc#1194869
  * bsc#1216813
  * bsc#1223384
  * bsc#1225736
  * bsc#1226848
  * bsc#1226980
  * bsc#1228537
  * bsc#1228592
  * bsc#1230341
  * bsc#1230432
  * bsc#1230527
  * bsc#1230697
  * bsc#1231088
  * bsc#1231847
  * bsc#1232914
  * bsc#1233028
  * bsc#1233055
  * bsc#1233097
  * bsc#1233103
  * bsc#1233112
  * bsc#1233464
  * bsc#1233488
  * bsc#1233642
  * bsc#1233778
  * bsc#1234024
  * bsc#1234025
  * bsc#1234078
  * bsc#1234087
  * bsc#1234153
  * bsc#1234155
  * bsc#1234223
  * bsc#1234381
  * bsc#1234683
  * bsc#1234690
  * bsc#1234825
  * bsc#1234829
  * bsc#1234832
  * bsc#1234884
  * bsc#1234889
  * bsc#1234896
  * bsc#1234899
  * bsc#1234900
  * bsc#1234905
  * bsc#1234909
  * bsc#1234916
  * bsc#1234918
  * bsc#1234922
  * bsc#1234930
  * bsc#1234931
  * bsc#1234934
  * bsc#1234962
  * bsc#1234999
  * bsc#1235002
  * bsc#1235009
  * bsc#1235011
  * bsc#1235053
  * bsc#1235057
  * bsc#1235059
  * bsc#1235100
  * bsc#1235122
  * bsc#1235123
  * bsc#1235133
  * bsc#1235134
  * bsc#1235217
  * bsc#1235222
  * bsc#1235230
  * bsc#1235249
  * bsc#1235410
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235458
  * bsc#1235466
  * bsc#1235473
  * bsc#1235480
  * bsc#1235491
  * bsc#1235495
  * bsc#1235496
  * bsc#1235521
  * bsc#1235557
  * bsc#1235563
  * bsc#1235570
  * bsc#1235584
  * bsc#1235611
  * bsc#1235635
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235647
  * bsc#1235723
  * bsc#1235739
  * bsc#1235747
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235806
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-26758
  * CVE-2024-26943
  * CVE-2024-36898
  * CVE-2024-38599
  * CVE-2024-41047
  * CVE-2024-45019
  * CVE-2024-46858
  * CVE-2024-50051
  * CVE-2024-50136
  * CVE-2024-50142
  * CVE-2024-50151
  * CVE-2024-50195
  * CVE-2024-50199
  * CVE-2024-50210
  * CVE-2024-50275
  * CVE-2024-50299
  * CVE-2024-53095
  * CVE-2024-53103
  * CVE-2024-53104
  * CVE-2024-53112
  * CVE-2024-53121
  * CVE-2024-53127
  * CVE-2024-53129
  * CVE-2024-53138
  * CVE-2024-53141
  * CVE-2024-53144
  * CVE-2024-53148
  * CVE-2024-53151
  * CVE-2024-53166
  * CVE-2024-53169
  * CVE-2024-53171
  * CVE-2024-53174
  * CVE-2024-53177
  * CVE-2024-53208
  * CVE-2024-53209
  * CVE-2024-53215
  * CVE-2024-53217
  * CVE-2024-53224
  * CVE-2024-53227
  * CVE-2024-53229
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55916
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56562
  * CVE-2024-56567
  * CVE-2024-56588
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56629
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56644
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56678
  * CVE-2024-56681
  * CVE-2024-56698
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56745
  * CVE-2024-56747
  * CVE-2024-56754
  * CVE-2024-56756
  * CVE-2024-56759
  * CVE-2024-56765
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57876
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-26758 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26758 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26943 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36898 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2024-38599 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-41047 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-45019 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45019 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50136 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50136 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-50136 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50195 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50195 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50210 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53103 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53103 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53112 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53112 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53112 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53127 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53138 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-53138 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53141 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53148 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53148 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53151 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53151 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53151 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53169 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53169 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53174 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53174 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53174 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53208 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53209 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53209 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53215 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53215 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53215 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53217 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53224 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53229 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53229 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56562 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56562 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56567 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56754 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56754 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56754 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56756 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56756 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56756 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Availability Extension 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves 94 vulnerabilities and has 10 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
    (bsc#1234381).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is
    active (bsc#1235002).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology
    removal (bsc#1235806).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-577=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-577=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-577=1

  * SUSE Linux Enterprise High Availability Extension 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-577=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-577=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-577=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-577=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-577=1

## Package List:

  * openSUSE Leap 15.5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (noarch)
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
    * kernel-source-vanilla-5.14.21-150500.55.94.1
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-docs-html-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc ppc64le x86_64)
    * kernel-debug-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-debugsource-5.14.21-150500.55.94.1
    * kernel-debug-devel-5.14.21-150500.55.94.1
    * kernel-debug-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (x86_64)
    * kernel-default-vdso-5.14.21-150500.55.94.1
    * kernel-kvmsmall-vdso-5.14.21-150500.55.94.1
    * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-vdso-5.14.21-150500.55.94.1
    * kernel-default-vdso-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-vdso-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-devel-5.14.21-150500.55.94.1
    * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-kvmsmall-debuginfo-5.14.21-150500.55.94.1
    * kernel-kvmsmall-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-rebuild-5.14.21-150500.55.94.1.150500.6.43.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kselftests-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-livepatch-5.14.21-150500.55.94.1
    * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-qa-5.14.21-150500.55.94.1
    * kernel-default-optional-5.14.21-150500.55.94.1
    * kselftests-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-optional-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-extra-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-5.14.21-150500.55.94.1
    * gfs2-kmp-default-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-extra-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-1-150500.11.3.1
    * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-1-150500.11.3.1
    * kernel-livepatch-SLE15-SP5_Update_23-debugsource-1-150500.11.3.1
  * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (s390x)
    * kernel-zfcpdump-debuginfo-5.14.21-150500.55.94.1
    * kernel-zfcpdump-debugsource-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc)
    * dtb-aarch64-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64)
    * dtb-altera-5.14.21-150500.55.94.1
    * dtb-cavium-5.14.21-150500.55.94.1
    * dtb-rockchip-5.14.21-150500.55.94.1
    * dtb-socionext-5.14.21-150500.55.94.1
    * dtb-nvidia-5.14.21-150500.55.94.1
    * ocfs2-kmp-64kb-5.14.21-150500.55.94.1
    * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-allwinner-5.14.21-150500.55.94.1
    * dtb-arm-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-64kb-5.14.21-150500.55.94.1
    * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-marvell-5.14.21-150500.55.94.1
    * kernel-64kb-optional-5.14.21-150500.55.94.1
    * dtb-sprd-5.14.21-150500.55.94.1
    * gfs2-kmp-64kb-5.14.21-150500.55.94.1
    * dtb-hisilicon-5.14.21-150500.55.94.1
    * dlm-kmp-64kb-5.14.21-150500.55.94.1
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * dtb-amd-5.14.21-150500.55.94.1
    * dtb-qcom-5.14.21-150500.55.94.1
    * kernel-64kb-optional-debuginfo-5.14.21-150500.55.94.1
    * dtb-lg-5.14.21-150500.55.94.1
    * kselftests-kmp-64kb-5.14.21-150500.55.94.1
    * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-renesas-5.14.21-150500.55.94.1
    * dtb-broadcom-5.14.21-150500.55.94.1
    * dtb-amlogic-5.14.21-150500.55.94.1
    * kernel-64kb-extra-5.14.21-150500.55.94.1
    * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-amazon-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-64kb-5.14.21-150500.55.94.1
    * dtb-mediatek-5.14.21-150500.55.94.1
    * dtb-exynos-5.14.21-150500.55.94.1
    * dtb-apm-5.14.21-150500.55.94.1
    * dtb-xilinx-5.14.21-150500.55.94.1
    * dtb-freescale-5.14.21-150500.55.94.1
    * kernel-64kb-extra-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
    * dtb-apple-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.14.21-150500.55.94.1
    * kernel-default-livepatch-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-1-150500.11.3.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-1-150500.11.3.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-livepatch-SLE15-SP5_Update_23-debugsource-1-150500.11.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
    s390x x86_64)
    * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-default-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-5.14.21-150500.55.94.1
    * gfs2-kmp-default-5.14.21-150500.55.94.1
    * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
    * kernel-zfcpdump-debuginfo-5.14.21-150500.55.94.1
    * kernel-zfcpdump-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-26758.html
  * https://www.suse.com/security/cve/CVE-2024-26943.html
  * https://www.suse.com/security/cve/CVE-2024-36898.html
  * https://www.suse.com/security/cve/CVE-2024-38599.html
  * https://www.suse.com/security/cve/CVE-2024-41047.html
  * https://www.suse.com/security/cve/CVE-2024-45019.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50136.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50195.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50210.html
  * https://www.suse.com/security/cve/CVE-2024-50275.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53103.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53112.html
  * https://www.suse.com/security/cve/CVE-2024-53121.html
  * https://www.suse.com/security/cve/CVE-2024-53127.html
  * https://www.suse.com/security/cve/CVE-2024-53129.html
  * https://www.suse.com/security/cve/CVE-2024-53138.html
  * https://www.suse.com/security/cve/CVE-2024-53141.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53148.html
  * https://www.suse.com/security/cve/CVE-2024-53151.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53169.html
  * https://www.suse.com/security/cve/CVE-2024-53171.html
  * https://www.suse.com/security/cve/CVE-2024-53174.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-53208.html
  * https://www.suse.com/security/cve/CVE-2024-53209.html
  * https://www.suse.com/security/cve/CVE-2024-53215.html
  * https://www.suse.com/security/cve/CVE-2024-53217.html
  * https://www.suse.com/security/cve/CVE-2024-53224.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53229.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56562.html
  * https://www.suse.com/security/cve/CVE-2024-56567.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56754.html
  * https://www.suse.com/security/cve/CVE-2024-56756.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1223384
  * https://bugzilla.suse.com/show_bug.cgi?id=1225736
  * https://bugzilla.suse.com/show_bug.cgi?id=1226848
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228537
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1230341
  * https://bugzilla.suse.com/show_bug.cgi?id=1230432
  * https://bugzilla.suse.com/show_bug.cgi?id=1230527
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1232914
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233097
  * https://bugzilla.suse.com/show_bug.cgi?id=1233103
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233464
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234078
  * https://bugzilla.suse.com/show_bug.cgi?id=1234087
  * https://bugzilla.suse.com/show_bug.cgi?id=1234153
  * https://bugzilla.suse.com/show_bug.cgi?id=1234155
  * https://bugzilla.suse.com/show_bug.cgi?id=1234223
  * https://bugzilla.suse.com/show_bug.cgi?id=1234381
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234829
  * https://bugzilla.suse.com/show_bug.cgi?id=1234832
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234889
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234899
  * https://bugzilla.suse.com/show_bug.cgi?id=1234900
  * https://bugzilla.suse.com/show_bug.cgi?id=1234905
  * https://bugzilla.suse.com/show_bug.cgi?id=1234909
  * https://bugzilla.suse.com/show_bug.cgi?id=1234916
  * https://bugzilla.suse.com/show_bug.cgi?id=1234918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234922
  * https://bugzilla.suse.com/show_bug.cgi?id=1234930
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234962
  * https://bugzilla.suse.com/show_bug.cgi?id=1234999
  * https://bugzilla.suse.com/show_bug.cgi?id=1235002
  * https://bugzilla.suse.com/show_bug.cgi?id=1235009
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/b6a14a59/attachment.htm>

From null at suse.de  Tue Feb 18 16:32:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 16:32:09 -0000
Subject: SUSE-SU-2025:0576-1: important: Security update for the Linux Kernel
Message-ID: <173989632947.21560.18329298628216033385@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0576-1  
Release Date: 2025-02-18T12:50:33Z  
Rating: important  
References:

  * bsc#1230697
  * bsc#1231847
  * bsc#1233112
  * bsc#1233642
  * bsc#1234025
  * bsc#1234690
  * bsc#1234884
  * bsc#1234896
  * bsc#1234931
  * bsc#1235134
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235466
  * bsc#1235480
  * bsc#1235521
  * bsc#1235584
  * bsc#1235645
  * bsc#1235723
  * bsc#1235759
  * bsc#1235764
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-50199
  * CVE-2024-53095
  * CVE-2024-53104
  * CVE-2024-53144
  * CVE-2024-53166
  * CVE-2024-53177
  * CVE-2024-54680
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56704
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Availability Extension 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 28 vulnerabilities and has two security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-576=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-576=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-576=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-576=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-576=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-576=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-576=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-576=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-576=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-576=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-576=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-576=1  
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

  * SUSE Linux Enterprise High Availability Extension 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-576=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-576=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (nosrc x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (ppc64le x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-source-vanilla-5.14.21-150400.24.150.1
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-docs-html-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc ppc64le x86_64)
    * kernel-debug-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (ppc64le x86_64)
    * kernel-debug-debugsource-5.14.21-150400.24.150.1
    * kernel-debug-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-debug-debuginfo-5.14.21-150400.24.150.1
    * kernel-debug-devel-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-debuginfo-5.14.21-150400.24.150.1
    * kernel-kvmsmall-devel-5.14.21-150400.24.150.1
    * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-kvmsmall-debugsource-5.14.21-150400.24.150.1
    * kernel-default-base-rebuild-5.14.21-150400.24.150.1.150400.24.74.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * kernel-default-extra-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-livepatch-5.14.21-150400.24.150.1
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-optional-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
    * gfs2-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-extra-5.14.21-150400.24.150.1
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-obs-qa-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * dlm-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-default-optional-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_36-debugsource-1-150400.9.3.1
    * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-1-150400.9.3.1
    * kernel-default-livepatch-devel-5.14.21-150400.24.150.1
    * kernel-livepatch-5_14_21-150400_24_150-default-1-150400.9.3.1
  * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc)
    * dtb-aarch64-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64)
    * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-altera-5.14.21-150400.24.150.1
    * dtb-nvidia-5.14.21-150400.24.150.1
    * dtb-rockchip-5.14.21-150400.24.150.1
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * dtb-cavium-5.14.21-150400.24.150.1
    * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * gfs2-kmp-64kb-5.14.21-150400.24.150.1
    * dtb-apple-5.14.21-150400.24.150.1
    * ocfs2-kmp-64kb-5.14.21-150400.24.150.1
    * kselftests-kmp-64kb-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
    * dtb-amd-5.14.21-150400.24.150.1
    * dtb-apm-5.14.21-150400.24.150.1
    * dtb-allwinner-5.14.21-150400.24.150.1
    * dtb-amlogic-5.14.21-150400.24.150.1
    * reiserfs-kmp-64kb-5.14.21-150400.24.150.1
    * dtb-qcom-5.14.21-150400.24.150.1
    * dtb-exynos-5.14.21-150400.24.150.1
    * dtb-freescale-5.14.21-150400.24.150.1
    * kernel-64kb-optional-debuginfo-5.14.21-150400.24.150.1
    * dtb-socionext-5.14.21-150400.24.150.1
    * dtb-marvell-5.14.21-150400.24.150.1
    * dtb-xilinx-5.14.21-150400.24.150.1
    * dtb-mediatek-5.14.21-150400.24.150.1
    * dtb-sprd-5.14.21-150400.24.150.1
    * dtb-hisilicon-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-renesas-5.14.21-150400.24.150.1
    * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-amazon-5.14.21-150400.24.150.1
    * dtb-broadcom-5.14.21-150400.24.150.1
    * cluster-md-kmp-64kb-5.14.21-150400.24.150.1
    * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-optional-5.14.21-150400.24.150.1
    * dtb-arm-5.14.21-150400.24.150.1
    * dtb-lg-5.14.21-150400.24.150.1
    * kernel-64kb-extra-debuginfo-5.14.21-150400.24.150.1
    * dlm-kmp-64kb-5.14.21-150400.24.150.1
    * kernel-64kb-extra-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-livepatch-SLE15-SP4_Update_36-debugsource-1-150400.9.3.1
    * kernel-livepatch-5_14_21-150400_24_150-default-1-150400.9.3.1
    * kernel-default-livepatch-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-livepatch-devel-5.14.21-150400.24.150.1
    * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-1-150400.9.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
    s390x x86_64)
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * gfs2-kmp-default-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * dlm-kmp-default-5.14.21-150400.24.150.1
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/2e544d96/attachment.htm>

From null at suse.de  Tue Feb 18 20:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 18 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0585-1: moderate: Security update for openssh
Message-ID: <173991060492.3353.6333534468747038544@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0585-1  
Release Date: 2025-02-18T16:42:30Z  
Rating: moderate  
References:

  * bsc#1237040
  * bsc#1237041

  
Cross-References:

  * CVE-2025-26465
  * CVE-2025-26466

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26466 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26466 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
    client (bsc#1237040).
  * CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server
    (bsc#1237041).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-585=1 openSUSE-SLE-15.6-2025-585=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-585=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-585=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openssh-debugsource-9.6p1-150600.6.15.2
    * openssh-debuginfo-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.15.1
    * openssh-common-9.6p1-150600.6.15.2
    * openssh-9.6p1-150600.6.15.2
    * openssh-cavs-9.6p1-150600.6.15.2
    * openssh-clients-9.6p1-150600.6.15.2
    * openssh-common-debuginfo-9.6p1-150600.6.15.2
    * openssh-fips-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-9.6p1-150600.6.15.1
    * openssh-helpers-debuginfo-9.6p1-150600.6.15.2
    * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.15.2
    * openssh-server-9.6p1-150600.6.15.2
    * openssh-helpers-9.6p1-150600.6.15.2
    * openssh-server-debuginfo-9.6p1-150600.6.15.2
    * openssh-cavs-debuginfo-9.6p1-150600.6.15.2
    * openssh-clients-debuginfo-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-debugsource-9.6p1-150600.6.15.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-9.6p1-150600.6.15.2
    * openssh-debuginfo-9.6p1-150600.6.15.2
    * openssh-common-9.6p1-150600.6.15.2
    * openssh-9.6p1-150600.6.15.2
    * openssh-server-debuginfo-9.6p1-150600.6.15.2
    * openssh-clients-9.6p1-150600.6.15.2
    * openssh-common-debuginfo-9.6p1-150600.6.15.2
    * openssh-fips-9.6p1-150600.6.15.2
    * openssh-helpers-debuginfo-9.6p1-150600.6.15.2
    * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.15.2
    * openssh-server-9.6p1-150600.6.15.2
    * openssh-helpers-9.6p1-150600.6.15.2
    * openssh-clients-debuginfo-9.6p1-150600.6.15.2
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.15.1
    * openssh-askpass-gnome-9.6p1-150600.6.15.1
    * openssh-askpass-gnome-debugsource-9.6p1-150600.6.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://www.suse.com/security/cve/CVE-2025-26466.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040
  * https://bugzilla.suse.com/show_bug.cgi?id=1237041

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250218/d120e98a/attachment.htm>

From null at suse.de  Wed Feb 19 08:30:21 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 08:30:21 -0000
Subject: SUSE-SU-2025:0588-1: important: Security update for grub2
Message-ID: <173995382197.19016.6027258660453230968@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0588-1  
Release Date: 2025-02-19T07:30:54Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-588=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-588=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-588=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-588=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-588=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-588=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-588=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-588=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-588=1

  * SUSE Manager Proxy 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-588=1

  * SUSE Manager Server 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-588=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-588=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-588=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-588=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (s390x x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
    * grub2-branding-upstream-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (noarch)
    * grub2-i386-pc-extras-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-i386-efi-extras-2.06-150400.11.55.2
    * grub2-i386-efi-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-extras-2.06-150400.11.55.2
    * grub2-x86_64-xen-extras-2.06-150400.11.55.2
    * grub2-arm64-efi-debug-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-efi-debug-2.06-150400.11.55.2
    * grub2-i386-pc-debug-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
    * grub2-i386-xen-extras-2.06-150400.11.55.2
    * grub2-i386-xen-2.06-150400.11.55.2
    * grub2-arm64-efi-extras-2.06-150400.11.55.2
    * grub2-i386-efi-debug-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-debug-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-x86_64-efi-extras-2.06-150400.11.55.2
    * grub2-s390x-emu-extras-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (s390x)
    * grub2-s390x-emu-debug-2.06-150400.11.55.2
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 Module (noarch)
    * grub2-arm64-efi-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 Module (noarch)
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/0ebdf988/attachment.htm>

From null at suse.de  Wed Feb 19 08:30:43 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 08:30:43 -0000
Subject: SUSE-SU-2025:0587-1: important: Security update for grub2
Message-ID: <173995384359.19016.8826229056754011305@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0587-1  
Release Date: 2025-02-19T07:29:36Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-587=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-587=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-587=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-587=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-587=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-587=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-branding-upstream-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (noarch)
    * grub2-i386-efi-extras-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-i386-xen-extras-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-arm64-efi-debug-2.06-150500.29.43.2
    * grub2-x86_64-efi-extras-2.06-150500.29.43.2
    * grub2-s390x-emu-extras-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-i386-xen-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-extras-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-i386-xen-debug-2.06-150500.29.43.2
    * grub2-x86_64-xen-extras-2.06-150500.29.43.2
    * grub2-x86_64-xen-debug-2.06-150500.29.43.2
    * grub2-i386-efi-debug-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-debug-2.06-150500.29.43.2
    * grub2-i386-pc-debug-2.06-150500.29.43.2
    * grub2-i386-efi-2.06-150500.29.43.2
    * grub2-arm64-efi-extras-2.06-150500.29.43.2
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-x86_64-efi-debug-2.06-150500.29.43.2
    * grub2-i386-pc-extras-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (s390x)
    * grub2-s390x-emu-debug-2.06-150500.29.43.2
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (s390x)
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * grub2-debugsource-2.06-150500.29.43.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/c412c961/attachment.htm>

From null at suse.de  Wed Feb 19 08:31:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 08:31:03 -0000
Subject: SUSE-SU-2025:0586-1: important: Security update for grub2
Message-ID: <173995386328.19016.15557462285732601019@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0586-1  
Release Date: 2025-02-19T07:29:02Z  
Rating: important  
References:

  * bsc#1229163
  * bsc#1229164
  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-49504
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49504 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-49504 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-49504 ( NVD ):  7.0
    CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 23 vulnerabilities and has one security fix can now be
installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2024-49504: Fixed an issue that can bypass TPM-bound disk encryption on
    SL(E)M encrypted Images. (bsc#1229164)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-586=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-586=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-586=1 openSUSE-SLE-15.6-2025-586=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.12-150600.8.18.2
    * grub2-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (noarch)
    * grub2-powerpc-ieee1275-2.12-150600.8.18.2
    * grub2-systemd-sleep-plugin-2.12-150600.8.18.2
    * grub2-x86_64-efi-2.12-150600.8.18.2
    * grub2-snapper-plugin-2.12-150600.8.18.2
    * grub2-i386-pc-2.12-150600.8.18.2
    * grub2-arm64-efi-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (aarch64 s390x x86_64)
    * grub2-debugsource-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (s390x)
    * grub2-s390x-emu-2.12-150600.8.18.2
  * Server Applications Module 15-SP6 (noarch)
    * grub2-x86_64-xen-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-branding-upstream-2.12-150600.8.18.2
    * grub2-debuginfo-2.12-150600.8.18.2
    * grub2-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (noarch)
    * grub2-powerpc-ieee1275-2.12-150600.8.18.2
    * grub2-x86_64-efi-extras-2.12-150600.8.18.2
    * grub2-i386-pc-extras-2.12-150600.8.18.2
    * grub2-x86_64-xen-debug-2.12-150600.8.18.2
    * grub2-i386-efi-extras-2.12-150600.8.18.2
    * grub2-arm64-efi-2.12-150600.8.18.2
    * grub2-i386-pc-debug-2.12-150600.8.18.2
    * grub2-x86_64-xen-2.12-150600.8.18.2
    * grub2-i386-efi-debug-2.12-150600.8.18.2
    * grub2-snapper-plugin-2.12-150600.8.18.2
    * grub2-s390x-emu-extras-2.12-150600.8.18.2
    * grub2-i386-xen-debug-2.12-150600.8.18.2
    * grub2-powerpc-ieee1275-debug-2.12-150600.8.18.2
    * grub2-systemd-sleep-plugin-2.12-150600.8.18.2
    * grub2-i386-pc-2.12-150600.8.18.2
    * grub2-arm64-efi-debug-2.12-150600.8.18.2
    * grub2-i386-xen-2.12-150600.8.18.2
    * grub2-arm64-efi-extras-2.12-150600.8.18.2
    * grub2-x86_64-efi-debug-2.12-150600.8.18.2
    * grub2-x86_64-xen-extras-2.12-150600.8.18.2
    * grub2-powerpc-ieee1275-extras-2.12-150600.8.18.2
    * grub2-x86_64-efi-2.12-150600.8.18.2
    * grub2-i386-efi-2.12-150600.8.18.2
    * grub2-i386-xen-extras-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (s390x)
    * grub2-s390x-emu-debug-2.12-150600.8.18.2
    * grub2-s390x-emu-2.12-150600.8.18.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-49504.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229163
  * https://bugzilla.suse.com/show_bug.cgi?id=1229164
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/e653050b/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 12:30:05 -0000
Subject: SUSE-SU-2025:0591-1: moderate: Security update for ucode-intel
Message-ID: <173996820578.27275.2544912460243250684@smelt2.prg2.suse.org>



# Security update for ucode-intel

Announcement ID: SUSE-SU-2025:0591-1  
Release Date: 2025-02-19T10:35:47Z  
Rating: moderate  
References:

  * bsc#1237096

  
Cross-References:

  * CVE-2024-31068
  * CVE-2024-36293
  * CVE-2024-37020
  * CVE-2024-39355

  
CVSS scores:

  * CVE-2024-31068 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-31068 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-31068 ( NVD ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-31068 ( NVD ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36293 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( NVD ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-36293 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-37020 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-37020 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-39355 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39355 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-39355 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-39355 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for ucode-intel fixes the following issues:

  * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)

  * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for
    some Intel Processors may allow privileged user to potentially enable denial
    of service via local access.

  * CVE-2024-36293: A potential security vulnerability in some Intel Software
    Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is
    releasing microcode updates to mitigate this potential vulnerability.
  * CVE-2024-39355: A potential security vulnerability in some 13th and 14th
    Generation Intel Core Processors may allow denial of service. Intel is
    releasing microcode and UEFI reference code updates to mitigate this
    potential vulnerability.
  * CVE-2024-37020: A potential security vulnerability in the Intel Data
    Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow
    denial of service. Intel is releasing software updates to mitigate this
    potential vulnerability.

  * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver |
    Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with
    E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver |
    New Ver | Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 |
    06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 |
    00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 |
    00000436 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c |
    Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB |
    A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H |
    R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0
    | 06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile, Xeon E |
    EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR-
    SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D |
    B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP |
    Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S
    | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8
    | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 |
    06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 |
    06-ba-03/e0 | 00004123 | 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 |
    00000037 | 00000038 | Core Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062
    | 00000063 | Core Gen11 | SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 |
    Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon
    Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon
    Scalable Gen4 | TWL | N0 | 06-be-00/19 | 0000001a | 0000001c | Core
    i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New
    Disclosures Updated in Prior Releases | Processor | Stepping | F-M-S/PI |
    Old Ver | New Ver | Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-591=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-591=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-591=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-591=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-591=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-591=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-591=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-591=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-591=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1

## Package List:

  * openSUSE Leap 15.6 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * Basesystem Module 15-SP6 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Server 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * ucode-intel-20250211-150200.53.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-31068.html
  * https://www.suse.com/security/cve/CVE-2024-36293.html
  * https://www.suse.com/security/cve/CVE-2024-37020.html
  * https://www.suse.com/security/cve/CVE-2024-39355.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237096

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/8d7eb822/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0590-1: important: Security update for netty,
 netty-tcnative
Message-ID: <173996821086.27275.6349552019299392253@smelt2.prg2.suse.org>



# Security update for netty, netty-tcnative

Announcement ID: SUSE-SU-2025:0590-1  
Release Date: 2025-02-19T10:34:42Z  
Rating: important  
References:

  * bsc#1237037
  * bsc#1237038

  
Cross-References:

  * CVE-2025-24970
  * CVE-2025-25193

  
CVSS scores:

  * CVE-2025-24970 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-24970 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-25193 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-25193 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for netty, netty-tcnative fixes the following issues:

  * CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a
    native crash. (bsc#1237037)
  * CVE-2025-25193: unsafe reading of environment files can lead to an
    application crash. (bsc#1237038)

Update to netty version 4.1.118 and netty-tcnative version 2.0.70 Final.

Other fixes:

  * Fix recycling in CodecOutputList.
  * StreamBufferingEncoder: do not send header frame with priority by default.
  * Notify event loop termination future of unexpected exceptions.
  * Fix AccessControlException in GlobalEventExecutor.
  * AdaptivePoolingAllocator: round chunk sizes up and reduce chunk release
    frequency.
  * Support BouncyCastle FIPS for reading PEM files.
  * Dns: correctly encode DnsPtrRecord.
  * Provide Brotli settings without com.aayushatharva.brotli4j dependency.
  * Make DefaultResourceLeak more resilient against OOM.
  * OpenSslSession: add support to defensively check for peer certs.
  * SslHandler: ensure buffers are never leaked when wrap(...) produces
    SSLException.
  * Correcly handle comments appended to nameserver declarations.
  * PcapWriteHandler: apply fixes so that the handler can append to an existing
    PCAP file when writing the global header.
  * PcapWriteHandler: allow output of PCAP files larger than 2GB.
  * Fix bugs in BoundedInputStream.
  * Fix HTTP header validation bug.
  * AdaptivePoolingAllocator: fix possible race condition in method
    offerToQueue(...).
  * AdaptivePoolingAllocator: make sure the sentinel object
    Magazine.MAGAZINE_FREED not be replaced.
  * Only try to use Zstd and Brotli if the native libs can be loaded.
  * Bump BlockHound version to 1.0.10.RELEASE.
  * Add details to TooLongFrameException message.
  * AdaptivePoolingAllocator: correctly reuse chunks.
  * AdaptivePoolingAllocator: don't fail when we run on a host with 1 core.
  * AdaptivePoolingAllocator: correctly re-use central queue chunks and avoid
    OOM issue.
  * Fix several memory management (leaks and missing checks) issues.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-590=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-590=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-590=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-590=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * netty-4.1.118-150200.4.29.2
    * netty-tcnative-2.0.70-150200.3.25.1
  * openSUSE Leap 15.6 (noarch)
    * netty-javadoc-4.1.118-150200.4.29.2
    * netty-tcnative-javadoc-2.0.70-150200.3.25.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * netty-4.1.118-150200.4.29.2
  * SUSE Package Hub 15 15-SP6 (noarch)
    * netty-javadoc-4.1.118-150200.4.29.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24970.html
  * https://www.suse.com/security/cve/CVE-2025-25193.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237037
  * https://bugzilla.suse.com/show_bug.cgi?id=1237038

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/8dfbbded/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 19 Feb 2025 12:30:14 -0000
Subject: SUSE-SU-2025:0589-1: important: Security update for emacs
Message-ID: <173996821458.27275.5592025062539082023@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0589-1  
Release Date: 2025-02-19T10:31:31Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-589=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-589=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-589=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-589=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Enterprise Storage 7.1 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250219/508855ee/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:48 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:05:48 -0000
Subject: SUSE-SU-2025:0607-1: important: Security update for grub2
Message-ID: <174013234886.12478.491572864029471509@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0607-1  
Release Date: 2025-02-20T21:42:19Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0624 ( NVD ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0677 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1118 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-607=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-607=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-607=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-607=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-607=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-607=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-607=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-branding-upstream-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-extras-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-i386-xen-2.04-150300.22.52.3
    * grub2-x86_64-efi-extras-2.04-150300.22.52.3
    * grub2-i386-efi-2.04-150300.22.52.3
    * grub2-arm64-efi-extras-2.04-150300.22.52.3
    * grub2-i386-pc-extras-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-i386-pc-debug-2.04-150300.22.52.3
    * grub2-x86_64-xen-extras-2.04-150300.22.52.3
    * grub2-i386-xen-extras-2.04-150300.22.52.3
    * grub2-x86_64-efi-debug-2.04-150300.22.52.3
    * grub2-s390x-emu-extras-2.04-150300.22.52.3
    * grub2-i386-efi-debug-2.04-150300.22.52.3
    * grub2-arm64-efi-debug-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-debug-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-efi-extras-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
    * grub2-s390x-emu-debug-2.04-150300.22.52.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Enterprise Storage 7.1 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/55da79a2/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:51 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:05:51 -0000
Subject: SUSE-SU-2025:0606-1: important: Security update for postgresql13
Message-ID: <174013235145.12478.1800496717328979069@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0606-1  
Release Date: 2025-02-20T16:21:35Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-606=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-606=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-plperl-13.20-3.60.1
    * postgresql13-server-debuginfo-13.20-3.60.1
    * postgresql13-contrib-debuginfo-13.20-3.60.1
    * postgresql13-contrib-13.20-3.60.1
    * postgresql13-plpython-debuginfo-13.20-3.60.1
    * postgresql13-plperl-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-13.20-3.60.1
    * postgresql13-devel-13.20-3.60.1
    * postgresql13-plpython-13.20-3.60.1
    * postgresql13-debugsource-13.20-3.60.1
    * postgresql13-devel-debuginfo-13.20-3.60.1
    * postgresql13-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-debuginfo-13.20-3.60.1
    * postgresql13-server-13.20-3.60.1
    * postgresql13-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql13-docs-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * postgresql13-server-devel-debuginfo-13.20-3.60.1
    * postgresql13-server-devel-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql13-plperl-13.20-3.60.1
    * postgresql13-server-debuginfo-13.20-3.60.1
    * postgresql13-contrib-debuginfo-13.20-3.60.1
    * postgresql13-contrib-13.20-3.60.1
    * postgresql13-plpython-debuginfo-13.20-3.60.1
    * postgresql13-server-devel-13.20-3.60.1
    * postgresql13-server-devel-debuginfo-13.20-3.60.1
    * postgresql13-plperl-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-13.20-3.60.1
    * postgresql13-devel-13.20-3.60.1
    * postgresql13-plpython-13.20-3.60.1
    * postgresql13-debugsource-13.20-3.60.1
    * postgresql13-devel-debuginfo-13.20-3.60.1
    * postgresql13-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-debuginfo-13.20-3.60.1
    * postgresql13-server-13.20-3.60.1
    * postgresql13-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql13-docs-13.20-3.60.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/b75a00ec/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:55 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:05:55 -0000
Subject: SUSE-SU-2025:0605-1: moderate: Security update for openssh
Message-ID: <174013235550.12478.16896612627887397542@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0605-1  
Release Date: 2025-02-20T14:43:40Z  
Rating: moderate  
References:

  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
    client (bsc#1237040).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-605=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-605=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-605=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-605=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-605=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-605=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-605=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-605=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-605=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-605=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-cavs-debuginfo-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-cavs-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/2a156e06/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:06:11 -0000
Subject: SUSE-SU-2025:0517-2: important: Security update for the Linux Kernel
Message-ID: <174013237151.12478.15030640183822636292@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0517-2  
Release Date: 2025-02-20T12:33:01Z  
Rating: important  
References:

  * bsc#1215420
  * bsc#1224763
  * bsc#1231847
  * bsc#1233112
  * bsc#1234025
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235441
  * bsc#1235466
  * bsc#1235645
  * bsc#1235759
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1236104

  
Cross-References:

  * CVE-2023-4244
  * CVE-2023-52923
  * CVE-2024-35863
  * CVE-2024-50199
  * CVE-2024-53104
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56623
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56664
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Manager Proxy 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2

  
  
An update that solves 16 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.

NOTE: This update was retracted due to a regression in NFS.

The following security bugs were fixed:

  * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Reduce readdir stack usage (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-517=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-517=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Availability Extension 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-517=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-517=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch)
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-docs-html-5.3.18-150300.59.191.1
    * kernel-source-vanilla-5.3.18-150300.59.191.1
    * kernel-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc ppc64le x86_64)
    * kernel-debug-5.3.18-150300.59.191.1
    * kernel-kvmsmall-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-debugsource-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debugsource-5.3.18-150300.59.191.1
    * kernel-debug-devel-5.3.18-150300.59.191.1
    * kernel-debug-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * kernel-default-optional-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-optional-debuginfo-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-obs-qa-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
    * kselftests-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-rebuild-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-extra-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-extra-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kselftests-kmp-default-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
    * kernel-livepatch-5_3_18-150300_59_191-default-debuginfo-1-150300.7.3.1
    * kernel-livepatch-SLE15-SP3_Update_53-debugsource-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-preempt-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-preempt-debuginfo-1-150300.7.3.1
  * openSUSE Leap 15.3 (aarch64 x86_64)
    * cluster-md-kmp-preempt-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-optional-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-optional-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-extra-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (s390x)
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc)
    * dtb-aarch64-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64)
    * dtb-lg-5.3.18-150300.59.191.1
    * dtb-hisilicon-5.3.18-150300.59.191.1
    * dtb-rockchip-5.3.18-150300.59.191.1
    * dtb-cavium-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-extra-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-arm-5.3.18-150300.59.191.1
    * dtb-allwinner-5.3.18-150300.59.191.1
    * dtb-mediatek-5.3.18-150300.59.191.1
    * dtb-amd-5.3.18-150300.59.191.1
    * dtb-nvidia-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-exynos-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-freescale-5.3.18-150300.59.191.1
    * dtb-sprd-5.3.18-150300.59.191.1
    * dtb-zte-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-xilinx-5.3.18-150300.59.191.1
    * dtb-broadcom-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-altera-5.3.18-150300.59.191.1
    * kernel-64kb-optional-5.3.18-150300.59.191.1
    * dtb-socionext-5.3.18-150300.59.191.1
    * dtb-amlogic-5.3.18-150300.59.191.1
    * dtb-apm-5.3.18-150300.59.191.1
    * dtb-al-5.3.18-150300.59.191.1
    * kernel-64kb-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-optional-debuginfo-5.3.18-150300.59.191.1
    * dtb-qcom-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * dtb-marvell-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-renesas-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
    s390x x86_64)
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
    * kernel-default-5.3.18-150300.59.191.1
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/ef31107a/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:06:25 -0000
Subject: SUSE-SU-2025:0603-1: important: Security update for the Linux Kernel
Message-ID: <174013238551.12478.4912879855163175686@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0603-1  
Release Date: 2025-02-20T10:34:39Z  
Rating: important  
References:

  * bsc#1224763
  * bsc#1234025
  * bsc#1234853
  * bsc#1234891
  * bsc#1234963
  * bsc#1235054
  * bsc#1235061
  * bsc#1235073
  * bsc#1235217
  * bsc#1235230
  * bsc#1235430
  * bsc#1235645
  * bsc#1235812
  * bsc#1235920

  
Cross-References:

  * CVE-2024-35863
  * CVE-2024-53104
  * CVE-2024-53173
  * CVE-2024-53239
  * CVE-2024-56539
  * CVE-2024-56548
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56605
  * CVE-2024-56650
  * CVE-2024-56759
  * CVE-2024-57850
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53173 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56539 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56539 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56605 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Server 11 SP4
  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

  
  
An update that solves 13 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-35863: smb: client: fix potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57850: jffs2: Prevent rtime decompress memory corruption
    (bsc#1235812).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE  
    zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-603=1

  * SUSE Linux Enterprise Server 11 SP4  
    zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-603=1

## Package List:

  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64)
    * kernel-xen-3.0.101-108.177.1
    * kernel-default-3.0.101-108.177.1
    * kernel-ec2-3.0.101-108.177.1
    * kernel-trace-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64)
    * kernel-default-devel-3.0.101-108.177.1
    * kernel-xen-base-3.0.101-108.177.1
    * kernel-syms-3.0.101-108.177.1
    * kernel-ec2-devel-3.0.101-108.177.1
    * kernel-trace-devel-3.0.101-108.177.1
    * kernel-default-base-3.0.101-108.177.1
    * kernel-xen-devel-3.0.101-108.177.1
    * kernel-source-3.0.101-108.177.1
    * kernel-ec2-base-3.0.101-108.177.1
    * kernel-trace-base-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64)
    * kernel-xen-3.0.101-108.177.1
    * kernel-default-3.0.101-108.177.1
    * kernel-ec2-3.0.101-108.177.1
    * kernel-trace-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 (x86_64)
    * kernel-default-devel-3.0.101-108.177.1
    * kernel-xen-base-3.0.101-108.177.1
    * kernel-syms-3.0.101-108.177.1
    * kernel-ec2-devel-3.0.101-108.177.1
    * kernel-trace-devel-3.0.101-108.177.1
    * kernel-default-base-3.0.101-108.177.1
    * kernel-xen-devel-3.0.101-108.177.1
    * kernel-source-3.0.101-108.177.1
    * kernel-ec2-base-3.0.101-108.177.1
    * kernel-trace-base-3.0.101-108.177.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53173.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-56539.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56605.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234853
  * https://bugzilla.suse.com/show_bug.cgi?id=1234891
  * https://bugzilla.suse.com/show_bug.cgi?id=1234963
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235061
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/f5cea3c2/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:28 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:06:28 -0000
Subject: SUSE-SU-2025:0602-1: important: Security update for helm
Message-ID: <174013238856.12478.11172273647174840623@smelt2.prg2.suse.org>



# Security update for helm

Announcement ID: SUSE-SU-2025:0602-1  
Release Date: 2025-02-20T09:16:12Z  
Rating: important  
References:

  * bsc#1234482
  * bsc#1235318

  
Cross-References:

  * CVE-2024-45337
  * CVE-2024-45338

  
CVSS scores:

  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-45338 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45338 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45338 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for helm fixes the following issues:

Update to version 3.17.1:

  * CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-
    insensitive content (bsc#1235318).
  * CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent
    authorization bypass in golang.org/x/crypto (bsc#1234482).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-602=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-602=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-602=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-602=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-602=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * openSUSE Leap 15.6 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-fish-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * Containers Module 15-SP6 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * helm-fish-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-45338.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234482
  * https://bugzilla.suse.com/show_bug.cgi?id=1235318

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/fbdf0f1a/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:31 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:06:31 -0000
Subject: SUSE-SU-2025:0601-1: important: Security update for brise
Message-ID: <174013239155.12478.12359711302855114266@smelt2.prg2.suse.org>



# Security update for brise

Announcement ID: SUSE-SU-2025:0601-1  
Release Date: 2025-02-20T09:14:15Z  
Rating: important  
References:

  * bsc#1234597
  * bsc#1235573

  
Cross-References:

  * CVE-2024-45337
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for brise fixes the following issues:

  * CVE-2025-21613: Fixed argument injection via the URL field (bsc#1235573).
  * CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the
    ServerConfig.PublicKeyCallback callback (bsc#1234597).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-601=1 SUSE-2025-601=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-601=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1
  * Desktop Applications Module 15-SP6 (noarch)
    * rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234597
  * https://bugzilla.suse.com/show_bug.cgi?id=1235573

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/82b7e9b1/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:41 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 10:06:41 -0000
Subject: SUSE-SU-2025:0599-1: important: Security update for emacs
Message-ID: <174013240184.12478.5096801306209586463@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0599-1  
Release Date: 2025-02-19T16:09:36Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.7
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-599=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-599=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-599=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-599=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-599=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-599=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-599=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-599=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-599=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-599=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-599=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-599=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * openSUSE Leap 15.4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * openSUSE Leap 15.6 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * Basesystem Module 15-SP6 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * emacs-x11-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Proxy 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Server 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/e5bceda4/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:23 -0000
Subject: SUSE-SU-2025:0624-1: important: Security update for grafana
Message-ID: <174014102366.8028.14536585973422889502@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0624-1  
Release Date: 2025-02-21T11:00:27Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15
  * SUSE Linux Enterprise Desktop 15 SP1
  * SUSE Linux Enterprise Desktop 15 SP2
  * SUSE Linux Enterprise Desktop 15 SP3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15
  * SUSE Linux Enterprise High Performance Computing 15 SP1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP1
  * SUSE Linux Enterprise Real Time 15 SP2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15
  * SUSE Linux Enterprise Server 15 SP1
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15
  * SUSE Linux Enterprise Server for SAP Applications 15 SP1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Client Tools for SLE 15

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 15  
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-624=1

## Package List:

  * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150000.1.71.1
    * grafana-10.4.15-150000.1.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/0b365f77/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:27 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:27 -0000
Subject: SUSE-SU-2025:0623-1: important: Security update for grafana
Message-ID: <174014102795.8028.16469673734609769930@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0623-1  
Release Date: 2025-02-21T11:00:15Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-623=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-623=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150200.3.64.1
    * grafana-10.4.15-150200.3.64.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150200.3.64.1
    * grafana-10.4.15-150200.3.64.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/d113e4af/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:33 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:33 -0000
Subject: SUSE-SU-2025:0622-1: important: Security update for grafana
Message-ID: <174014103307.8028.11273777418783657813@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0622-1  
Release Date: 2025-02-21T10:59:57Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Desktop 12
  * SUSE Linux Enterprise Desktop 12 SP1
  * SUSE Linux Enterprise Desktop 12 SP2
  * SUSE Linux Enterprise Desktop 12 SP3
  * SUSE Linux Enterprise Desktop 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  * SUSE Manager Client Tools for SLE 12

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 12  
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-622=1

## Package List:

  * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.15-1.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/28587c2c/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:46 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:46 -0000
Subject: SUSE-SU-2025:0619-1: important: Security update for postgresql13
Message-ID: <174014104670.8028.17270084007261561104@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0619-1  
Release Date: 2025-02-21T10:47:52Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Galera for Ericsson 15 SP5
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-619=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-619=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-619=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-619=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-619=1

  * Galera for Ericsson 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-619=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-619=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-619=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-619=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * Galera for Ericsson 15 SP5 (x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * Galera for Ericsson 15 SP5 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/886d12da/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:49 -0000
Subject: SUSE-SU-2025:0618-1: important: Security update for postgresql17
Message-ID: <174014104936.8028.761925826292526019@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0618-1  
Release Date: 2025-02-21T10:45:02Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-618=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-618=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-618=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-618=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-618=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libecpg6-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (s390x)
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/315b0480/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:56 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:56 -0000
Subject: SUSE-SU-2025:0616-1: important: Security update for postgresql17
Message-ID: <174014105682.8028.711098060549428819@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0616-1  
Release Date: 2025-02-21T10:42:50Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-616=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-616=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-616=1 openSUSE-SLE-15.6-2025-616=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-616=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-llvmjit-debuginfo-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-llvmjit-devel-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-llvmjit-17.4-150600.13.10.1
    * postgresql17-test-17.4-150600.13.10.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-plperl-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-server-devel-debuginfo-17.4-150600.13.10.1
    * postgresql17-plperl-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-debuginfo-17.4-150600.13.10.1
    * libecpg6-debuginfo-17.4-150600.13.10.1
    * postgresql17-plpython-17.4-150600.13.10.1
    * postgresql17-plpython-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-17.4-150600.13.10.1
    * postgresql17-server-devel-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-contrib-17.4-150600.13.10.1
    * postgresql17-devel-17.4-150600.13.10.1
    * libecpg6-17.4-150600.13.10.1
    * postgresql17-contrib-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-17.4-150600.13.10.1
    * postgresql17-devel-debuginfo-17.4-150600.13.10.1
  * Server Applications Module 15-SP6 (noarch)
    * postgresql17-docs-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql17-llvmjit-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-mini-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-devel-debuginfo-17.4-150600.13.10.1
    * libpq5-17.4-150600.13.10.1
    * libecpg6-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-17.4-150600.13.10.1
    * postgresql17-test-17.4-150600.13.10.1
    * postgresql17-mini-debugsource-17.4-150600.13.10.1
    * postgresql17-contrib-17.4-150600.13.10.1
    * postgresql17-plperl-17.4-150600.13.10.1
    * postgresql17-17.4-150600.13.10.1
    * libecpg6-17.4-150600.13.10.1
    * postgresql17-server-debuginfo-17.4-150600.13.10.1
    * libpq5-debuginfo-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-17.4-150600.13.10.1
    * postgresql17-contrib-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-debuginfo-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-plperl-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-mini-17.4-150600.13.10.1
    * postgresql17-plpython-17.4-150600.13.10.1
    * postgresql17-plpython-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-devel-17.4-150600.13.10.1
    * postgresql17-llvmjit-devel-17.4-150600.13.10.1
    * postgresql17-llvmjit-17.4-150600.13.10.1
    * postgresql17-pltcl-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (x86_64)
    * libecpg6-32bit-debuginfo-17.4-150600.13.10.1
    * libpq5-32bit-17.4-150600.13.10.1
    * libecpg6-32bit-17.4-150600.13.10.1
    * libpq5-32bit-debuginfo-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql17-docs-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libpq5-64bit-17.4-150600.13.10.1
    * libecpg6-64bit-17.4-150600.13.10.1
    * libecpg6-64bit-debuginfo-17.4-150600.13.10.1
    * libpq5-64bit-debuginfo-17.4-150600.13.10.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-debugsource-17.4-150600.13.10.1
    * libpq5-17.4-150600.13.10.1
    * libpq5-debuginfo-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-17.4-150600.13.10.1
  * Basesystem Module 15-SP6 (x86_64)
    * libpq5-32bit-17.4-150600.13.10.1
    * libpq5-32bit-debuginfo-17.4-150600.13.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/986c7ae5/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:59 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:30:59 -0000
Subject: SUSE-SU-2025:0615-1: important: Security update for postgresql14
Message-ID: <174014105947.8028.11798357218114304209@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0615-1  
Release Date: 2025-02-21T10:41:24Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-615=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-615=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-devel-14.17-3.54.1
    * postgresql14-devel-debuginfo-14.17-3.54.1
    * postgresql14-plpython-14.17-3.54.1
    * postgresql14-debugsource-14.17-3.54.1
    * postgresql14-14.17-3.54.1
    * postgresql14-plpython-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-14.17-3.54.1
    * postgresql14-contrib-debuginfo-14.17-3.54.1
    * postgresql14-plperl-debuginfo-14.17-3.54.1
    * postgresql14-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-debuginfo-14.17-3.54.1
    * postgresql14-server-14.17-3.54.1
    * postgresql14-plperl-14.17-3.54.1
    * postgresql14-server-debuginfo-14.17-3.54.1
    * postgresql14-contrib-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql14-docs-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * postgresql14-server-devel-debuginfo-14.17-3.54.1
    * postgresql14-server-devel-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql14-devel-14.17-3.54.1
    * postgresql14-devel-debuginfo-14.17-3.54.1
    * postgresql14-plpython-14.17-3.54.1
    * postgresql14-server-devel-debuginfo-14.17-3.54.1
    * postgresql14-debugsource-14.17-3.54.1
    * postgresql14-14.17-3.54.1
    * postgresql14-plpython-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-14.17-3.54.1
    * postgresql14-contrib-debuginfo-14.17-3.54.1
    * postgresql14-plperl-debuginfo-14.17-3.54.1
    * postgresql14-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-debuginfo-14.17-3.54.1
    * postgresql14-server-14.17-3.54.1
    * postgresql14-plperl-14.17-3.54.1
    * postgresql14-server-devel-14.17-3.54.1
    * postgresql14-server-debuginfo-14.17-3.54.1
    * postgresql14-contrib-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql14-docs-14.17-3.54.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/44c0c880/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:01 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:31:01 -0000
Subject: SUSE-SU-2025:0614-1: important: Security update for postgresql15
Message-ID: <174014106172.8028.14080015081393818930@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0614-1  
Release Date: 2025-02-21T10:40:27Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-614=1 openSUSE-SLE-15.6-2025-614=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-614=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql15-15.12-150600.16.14.1
    * postgresql15-devel-15.12-150600.16.14.1
    * postgresql15-llvmjit-devel-15.12-150600.16.14.1
    * postgresql15-server-15.12-150600.16.14.1
    * postgresql15-llvmjit-15.12-150600.16.14.1
    * postgresql15-pltcl-debuginfo-15.12-150600.16.14.1
    * postgresql15-test-15.12-150600.16.14.1
    * postgresql15-server-debuginfo-15.12-150600.16.14.1
    * postgresql15-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-debugsource-15.12-150600.16.14.1
    * postgresql15-plperl-15.12-150600.16.14.1
    * postgresql15-llvmjit-debuginfo-15.12-150600.16.14.1
    * postgresql15-plperl-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-15.12-150600.16.14.1
    * postgresql15-pltcl-15.12-150600.16.14.1
    * postgresql15-server-devel-15.12-150600.16.14.1
    * postgresql15-plpython-15.12-150600.16.14.1
    * postgresql15-server-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-debuginfo-15.12-150600.16.14.1
    * postgresql15-debuginfo-15.12-150600.16.14.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql15-docs-15.12-150600.16.14.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql15-15.12-150600.16.14.1
    * postgresql15-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-debugsource-15.12-150600.16.14.1
    * postgresql15-plperl-15.12-150600.16.14.1
    * postgresql15-devel-15.12-150600.16.14.1
    * postgresql15-pltcl-15.12-150600.16.14.1
    * postgresql15-server-devel-15.12-150600.16.14.1
    * postgresql15-contrib-debuginfo-15.12-150600.16.14.1
    * postgresql15-server-15.12-150600.16.14.1
    * postgresql15-plperl-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-15.12-150600.16.14.1
    * postgresql15-debuginfo-15.12-150600.16.14.1
    * postgresql15-pltcl-debuginfo-15.12-150600.16.14.1
    * postgresql15-server-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-15.12-150600.16.14.1
    * postgresql15-server-debuginfo-15.12-150600.16.14.1
  * Legacy Module 15-SP6 (noarch)
    * postgresql15-docs-15.12-150600.16.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/8e4b5cbd/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:31:06 -0000
Subject: SUSE-SU-2025:0613-1: moderate: Security update for openssl-1_1
Message-ID: <174014106677.8028.12560031108780417380@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0613-1  
Release Date: 2025-02-21T10:38:08Z  
Rating: moderate  
References:

  * bsc#1236136
  * bsc#1236771

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136).

Other bugfixes:

  * Non approved PBKDF parameters wrongly resulting as approved (bsc#1236771).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-613=1 openSUSE-SLE-15.6-2025-613=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-613=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-613=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-613=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-1.1.1w-150600.5.12.2
    * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (x86_64)
    * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-32bit-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-32bit-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (noarch)
    * openssl-1_1-doc-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-64bit-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-64bit-1.1.1w-150600.5.12.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
  * Basesystem Module 15-SP6 (x86_64)
    * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-32bit-1.1.1w-150600.5.12.2
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-1.1.1w-150600.5.12.2
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-1.1.1w-150600.5.12.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136
  * https://bugzilla.suse.com/show_bug.cgi?id=1236771

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/09f5834f/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:31:13 -0000
Subject: SUSE-SU-2025:0611-1: important: Security update for
 google-osconfig-agent
Message-ID: <174014107315.8028.10241449024415277944@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0611-1  
Release Date: 2025-02-21T10:37:16Z  
Rating: important  
References:

  * bsc#1236560

  
Cross-References:

  * CVE-2024-45339

  
CVSS scores:

  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * CVE-2024-45339: github.com/golang/glog: a privileged process' log file path
    can be easily predicted and used to overwrite other sensitive files in a
    system. (bsc#1236560)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-611=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-611=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-611=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-611=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-611=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-611=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236560

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/683f900e/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:31:20 -0000
Subject: SUSE-SU-2025:0609-1: important: Security update for ovmf
Message-ID: <174014108043.8028.3744474742334604540@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0609-1  
Release Date: 2025-02-21T10:33:48Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-609=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-609=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-609=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-609=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-609=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-609=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-uefi-aarch32-202208-150500.6.9.1
    * qemu-ovmf-ia32-202208-150500.6.9.1
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * openSUSE Leap 15.5 (x86_64)
    * qemu-ovmf-x86_64-debug-202208-150500.6.9.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/5b60cb6e/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:23 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 12:31:23 -0000
Subject: SUSE-SU-2025:0608-1: important: Security update for ovmf
Message-ID: <174014108300.8028.7773235429066176053@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0608-1  
Release Date: 2025-02-21T10:31:21Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-608=1 openSUSE-SLE-15.6-2025-608=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-608=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-608=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * ovmf-tools-202308-150600.5.14.1
    * ovmf-202308-150600.5.14.1
  * openSUSE Leap 15.6 (noarch)
    * qemu-uefi-aarch64-202308-150600.5.14.1
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch32-202308-150600.5.14.1
    * qemu-ovmf-ia32-202308-150600.5.14.1
  * openSUSE Leap 15.6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.14.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * qemu-uefi-aarch64-202308-150600.5.14.1
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch32-202308-150600.5.14.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.14.1
  * Server Applications Module 15-SP6 (aarch64 x86_64)
    * ovmf-tools-202308-150600.5.14.1
    * ovmf-202308-150600.5.14.1
  * Server Applications Module 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch64-202308-150600.5.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/4c9babc1/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:05 -0000
Subject: SUSE-SU-2025:0638-1: important: Security update for webkit2gtk3
Message-ID: <174015540532.5950.17598594770551778550@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0638-1  
Release Date: 2025-02-21T15:38:48Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-638=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-638=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-638=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-638=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-638=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-638=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-638=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-638=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-638=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * webkit-jsc-4.1-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-minibrowser-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * webkit-jsc-4-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * webkit-jsc-6.0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * webkit-jsc-4.1-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit-jsc-4-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-minibrowser-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk4-minibrowser-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk4-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit-jsc-6.0-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit-6_0-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk4-devel-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (x86_64)
    * libwebkit2gtk-4_1-0-32bit-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-64bit-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-64bit-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Manager Proxy 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
  * SUSE Manager Server 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/922e4747/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0637-1: important: Security update for postgresql16
Message-ID: <174015540899.5950.3202357378691972263@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0637-1  
Release Date: 2025-02-21T14:16:28Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-637=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-637=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-3.26.1
    * postgresql16-plperl-debuginfo-16.8-3.26.1
    * postgresql16-devel-debuginfo-16.8-3.26.1
    * postgresql16-server-devel-16.8-3.26.1
    * postgresql16-plpython-16.8-3.26.1
    * postgresql16-contrib-debuginfo-16.8-3.26.1
    * postgresql16-devel-16.8-3.26.1
    * postgresql16-16.8-3.26.1
    * postgresql16-server-16.8-3.26.1
    * postgresql16-pltcl-16.8-3.26.1
    * postgresql16-plperl-16.8-3.26.1
    * postgresql16-contrib-16.8-3.26.1
    * postgresql16-server-devel-debuginfo-16.8-3.26.1
    * postgresql16-pltcl-debuginfo-16.8-3.26.1
    * postgresql16-server-debuginfo-16.8-3.26.1
    * postgresql16-debugsource-16.8-3.26.1
    * postgresql16-plpython-debuginfo-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql16-docs-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql16-debuginfo-16.8-3.26.1
    * postgresql16-plperl-debuginfo-16.8-3.26.1
    * postgresql16-devel-debuginfo-16.8-3.26.1
    * postgresql16-server-devel-16.8-3.26.1
    * postgresql16-plpython-16.8-3.26.1
    * postgresql16-contrib-debuginfo-16.8-3.26.1
    * postgresql16-devel-16.8-3.26.1
    * postgresql16-16.8-3.26.1
    * postgresql16-server-16.8-3.26.1
    * postgresql16-pltcl-16.8-3.26.1
    * postgresql16-plperl-16.8-3.26.1
    * postgresql16-contrib-16.8-3.26.1
    * postgresql16-server-devel-debuginfo-16.8-3.26.1
    * postgresql16-pltcl-debuginfo-16.8-3.26.1
    * postgresql16-server-debuginfo-16.8-3.26.1
    * postgresql16-debugsource-16.8-3.26.1
    * postgresql16-plpython-debuginfo-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql16-docs-16.8-3.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/a23ae6a7/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0636-1: important: Security update for postgresql16
Message-ID: <174015541134.5950.1762816999634298886@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0636-1  
Release Date: 2025-02-21T14:16:02Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-636=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-636=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-636=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-636=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-636=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/04a65d2b/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0635-1: important: Security update for postgresql16
Message-ID: <174015541495.5950.6060619441299938324@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0635-1  
Release Date: 2025-02-21T14:13:33Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-635=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-635=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-635=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-635=1 openSUSE-SLE-15.6-2025-635=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-debuginfo-16.8-150600.16.15.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-test-16.8-150600.16.15.1
    * postgresql16-llvmjit-16.8-150600.16.15.1
    * postgresql16-llvmjit-debuginfo-16.8-150600.16.15.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-contrib-16.8-150600.16.15.1
    * postgresql16-pltcl-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-plperl-16.8-150600.16.15.1
    * postgresql16-plpython-16.8-150600.16.15.1
    * postgresql16-server-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-16.8-150600.16.15.1
    * postgresql16-server-16.8-150600.16.15.1
    * postgresql16-plpython-debuginfo-16.8-150600.16.15.1
    * postgresql16-plperl-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-16.8-150600.16.15.1
    * postgresql16-pltcl-16.8-150600.16.15.1
    * postgresql16-contrib-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-debuginfo-16.8-150600.16.15.1
  * Server Applications Module 15-SP6 (noarch)
    * postgresql16-docs-16.8-150600.16.15.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-16.8-150600.16.15.1
    * postgresql16-devel-16.8-150600.16.15.1
    * postgresql16-pltcl-16.8-150600.16.15.1
    * postgresql16-llvmjit-devel-16.8-150600.16.15.1
    * postgresql16-server-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-16.8-150600.16.15.1
    * postgresql16-plperl-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-contrib-16.8-150600.16.15.1
    * postgresql16-16.8-150600.16.15.1
    * postgresql16-llvmjit-16.8-150600.16.15.1
    * postgresql16-plperl-16.8-150600.16.15.1
    * postgresql16-plpython-debuginfo-16.8-150600.16.15.1
    * postgresql16-contrib-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-test-16.8-150600.16.15.1
    * postgresql16-server-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-pltcl-debuginfo-16.8-150600.16.15.1
    * postgresql16-plpython-16.8-150600.16.15.1
    * postgresql16-llvmjit-debuginfo-16.8-150600.16.15.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql16-docs-16.8-150600.16.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/eed38b82/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0634-1: important: Security update for postgresql15
Message-ID: <174015541745.5950.18446620070034678201@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0634-1  
Release Date: 2025-02-21T14:12:51Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-634=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-634=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-server-devel-15.12-3.38.1
    * postgresql15-server-debuginfo-15.12-3.38.1
    * postgresql15-pltcl-debuginfo-15.12-3.38.1
    * postgresql15-plperl-debuginfo-15.12-3.38.1
    * postgresql15-debugsource-15.12-3.38.1
    * postgresql15-plpython-15.12-3.38.1
    * postgresql15-debuginfo-15.12-3.38.1
    * postgresql15-plpython-debuginfo-15.12-3.38.1
    * postgresql15-server-devel-debuginfo-15.12-3.38.1
    * postgresql15-server-15.12-3.38.1
    * postgresql15-pltcl-15.12-3.38.1
    * postgresql15-15.12-3.38.1
    * postgresql15-contrib-debuginfo-15.12-3.38.1
    * postgresql15-devel-15.12-3.38.1
    * postgresql15-contrib-15.12-3.38.1
    * postgresql15-plperl-15.12-3.38.1
    * postgresql15-devel-debuginfo-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql15-docs-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql15-server-devel-15.12-3.38.1
    * postgresql15-server-debuginfo-15.12-3.38.1
    * postgresql15-pltcl-debuginfo-15.12-3.38.1
    * postgresql15-plperl-debuginfo-15.12-3.38.1
    * postgresql15-debugsource-15.12-3.38.1
    * postgresql15-plpython-15.12-3.38.1
    * postgresql15-debuginfo-15.12-3.38.1
    * postgresql15-plpython-debuginfo-15.12-3.38.1
    * postgresql15-server-devel-debuginfo-15.12-3.38.1
    * postgresql15-server-15.12-3.38.1
    * postgresql15-pltcl-15.12-3.38.1
    * postgresql15-15.12-3.38.1
    * postgresql15-contrib-debuginfo-15.12-3.38.1
    * postgresql15-devel-15.12-3.38.1
    * postgresql15-contrib-15.12-3.38.1
    * postgresql15-plperl-15.12-3.38.1
    * postgresql15-devel-debuginfo-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql15-docs-15.12-3.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/cb91b3aa/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:20 -0000
Subject: SUSE-SU-2025:0633-1: important: Security update for postgresql15
Message-ID: <174015542003.5950.2441854479781276828@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0633-1  
Release Date: 2025-02-21T14:12:15Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-633=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-633=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-633=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-633=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-633=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/29613799/attachment-0001.htm>

From null at suse.de  Fri Feb 21 16:30:22 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0632-1: important: Security update for postgresql14
Message-ID: <174015542269.5950.4002537698407892772@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0632-1  
Release Date: 2025-02-21T14:11:05Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-632=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-632=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-632=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-632=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-632=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-632=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-632=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-llvmjit-14.17-150200.5.55.1
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-llvmjit-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql14-llvmjit-14.17-150200.5.55.1
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-llvmjit-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/65a15a3e/attachment-0001.htm>

From null at suse.de  Fri Feb 21 16:30:26 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:26 -0000
Subject: SUSE-SU-2025:0631-1: important: Security update for postgresql14
Message-ID: <174015542604.5950.17429254376990459514@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0631-1  
Release Date: 2025-02-21T14:09:14Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-631=1 openSUSE-SLE-15.6-2025-631=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-631=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-631=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql14-plperl-debuginfo-14.17-150600.16.14.1
    * postgresql14-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-14.17-150600.16.14.1
    * postgresql14-14.17-150600.16.14.1
    * postgresql14-pltcl-14.17-150600.16.14.1
    * postgresql14-llvmjit-devel-14.17-150600.16.14.1
    * postgresql14-plpython-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-14.17-150600.16.14.1
    * postgresql14-plpython-14.17-150600.16.14.1
    * postgresql14-contrib-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-14.17-150600.16.14.1
    * postgresql14-devel-14.17-150600.16.14.1
    * postgresql14-server-devel-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-llvmjit-debuginfo-14.17-150600.16.14.1
    * postgresql14-llvmjit-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-test-14.17-150600.16.14.1
    * postgresql14-pltcl-debuginfo-14.17-150600.16.14.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql14-docs-14.17-150600.16.14.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-plpython-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-debuginfo-14.17-150600.16.14.1
    * postgresql14-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-devel-14.17-150600.16.14.1
    * postgresql14-server-14.17-150600.16.14.1
    * postgresql14-server-debuginfo-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-server-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-14.17-150600.16.14.1
    * postgresql14-plpython-14.17-150600.16.14.1
    * postgresql14-14.17-150600.16.14.1
    * postgresql14-pltcl-14.17-150600.16.14.1
    * postgresql14-pltcl-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-14.17-150600.16.14.1
    * postgresql14-devel-14.17-150600.16.14.1
  * Legacy Module 15-SP6 (noarch)
    * postgresql14-docs-14.17-150600.16.14.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-llvmjit-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-test-14.17-150600.16.14.1
    * postgresql14-llvmjit-debuginfo-14.17-150600.16.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/3918de38/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:45 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 16:30:45 -0000
Subject: SUSE-SU-2025:0629-1: important: Security update for grub2
Message-ID: <174015544517.5950.15409172131196980408@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0629-1  
Release Date: 2025-02-21T12:55:16Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0624 ( NVD ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0677 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1118 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-629=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-629=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.02-181.2
    * grub2-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64)
    * grub2-arm64-efi-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * grub2-systemd-sleep-plugin-2.02-181.2
    * grub2-x86_64-xen-2.02-181.2
    * grub2-snapper-plugin-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le)
    * grub2-powerpc-ieee1275-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x)
    * grub2-s390x-emu-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * grub2-x86_64-efi-2.02-181.2
    * grub2-i386-pc-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * grub2-2.02-181.2
    * grub2-debugsource-2.02-181.2
    * grub2-debuginfo-2.02-181.2
    * grub2-x86_64-efi-2.02-181.2
    * grub2-i386-pc-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * grub2-systemd-sleep-plugin-2.02-181.2
    * grub2-x86_64-xen-2.02-181.2
    * grub2-snapper-plugin-2.02-181.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/a305675c/attachment.htm>

From null at suse.de  Fri Feb 21 20:30:04 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 21 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0639-1: important: Security update for webkit2gtk3
Message-ID: <174016980481.8692.13646269710676345840@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0639-1  
Release Date: 2025-02-21T18:56:56Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-639=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-639=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-2.46.6-4.28.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.28.1
    * webkit2gtk3-devel-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.28.1
    * webkit2gtk3-debugsource-2.46.6-4.28.1
    * typelib-1_0-WebKit2-4_0-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libwebkit2gtk3-lang-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.28.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.28.1
    * webkit2gtk3-devel-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.28.1
    * webkit2gtk3-debugsource-2.46.6-4.28.1
    * typelib-1_0-WebKit2-4_0-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libwebkit2gtk3-lang-2.46.6-4.28.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250221/f9b9b491/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:12 -0000
Subject: SUSE-SU-2025:0656-1: important: Security update for the Linux Kernel
 (Live Patch 15 for SLE 15 SP5)
Message-ID: <174038581246.8028.7973465075306419202@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0656-1  
Release Date: 2025-02-22T20:04:03Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-656=1 SUSE-2025-654=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-656=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-654=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-11-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-10-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-11-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-10-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/ec7c645f/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:19 -0000
Subject: SUSE-SU-2025:0652-1: important: Security update for the Linux Kernel
 (Live Patch 12 for SLE 15 SP5)
Message-ID: <174038581916.8028.14662565020883808973@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0652-1  
Release Date: 2025-02-22T21:33:30Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-652=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-652=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-657=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-657=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-default-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-17-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_41-debugsource-17-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-preempt-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-17-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-default-17-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-13-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-13-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/1d74df41/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:25 -0000
Subject: SUSE-SU-2025:0645-1: important: Security update for the Linux Kernel
 (Live Patch 56 for SLE 12 SP5)
Message-ID: <174038582561.8028.11585017816339900564@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0645-1  
Release Date: 2025-02-22T05:33:42Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227700
  * bsc#1236783

  
Cross-References:

  * CVE-2021-47511
  * CVE-2024-35789
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2021-47511 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47511 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_216 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes
    (bsc#1227700).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-645=1 SUSE-SLE-Live-
Patching-12-SP5-2025-651=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_201-default-13-2.1
    * kgraft-patch-4_12_14-122_216-default-11-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47511.html
  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227700
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/c767575e/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:30 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:30 -0000
Subject: SUSE-SU-2025:0643-1: important: Security update for the Linux Kernel
 RT (Live Patch 0 for SLE 15 SP6)
Message-ID: <174038583085.8028.2522181492011719294@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0643-1  
Release Date: 2025-02-21T21:35:01Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_8 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-643=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-10-150600.3.1
    * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-10-150600.3.1
    * kernel-livepatch-6_4_0-150600_8-rt-10-150600.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/2e2da2e3/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:33 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:33 -0000
Subject: SUSE-SU-2025:0650-1: important: Security update for the Linux Kernel
 RT (Live Patch 5 for SLE 15 SP6)
Message-ID: <174038583353.8028.9161757301849758631@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0650-1  
Release Date: 2025-02-22T22:03:56Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_17 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-650=1 SUSE-SLE-Live-
Patching-12-SP5-2025-649=1 SUSE-SLE-Live-Patching-12-SP5-2025-646=1 SUSE-SLE-
Live-Patching-12-SP5-2025-647=1 SUSE-SLE-Live-Patching-12-SP5-2025-648=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-653=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-653=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-658=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-658=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-640=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-641=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-642=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-644=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_219-default-8-2.1
    * kgraft-patch-4_12_14-122_222-default-6-2.1
    * kgraft-patch-4_12_14-122_231-default-4-2.1
    * kgraft-patch-4_12_14-122_225-default-5-2.1
    * kgraft-patch-4_12_14-122_228-default-4-2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-4-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-preempt-4-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-4-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-5-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-5-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-5-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_17-rt-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-5-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-5-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/4e01bd9e/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:49 -0000
Subject: SUSE-SU-2025:0659-1: moderate: Security update for openssh
Message-ID: <174038584931.8028.7966944772709546309@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0659-1  
Release Date: 2025-02-23T12:03:56Z  
Rating: moderate  
References:

  * bsc#1220110
  * bsc#1225637
  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-
    enabled client (bsc#1237040).

  * Add a s390 specific ioctl for ECC hardware support (bsc#1225637):

  * for migration to openssh 8.4: write active/enabled switch over files only if
    not yet present (bsc#1220110)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-659=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-659=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-fips-7.2p2-81.26.1
    * openssh-7.2p2-81.26.1
    * openssh-askpass-gnome-debuginfo-7.2p2-81.26.1
    * openssh-debugsource-7.2p2-81.26.1
    * openssh-debuginfo-7.2p2-81.26.1
    * openssh-helpers-debuginfo-7.2p2-81.26.1
    * openssh-helpers-7.2p2-81.26.1
    * openssh-askpass-gnome-7.2p2-81.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openssh-fips-7.2p2-81.26.1
    * openssh-7.2p2-81.26.1
    * openssh-askpass-gnome-debuginfo-7.2p2-81.26.1
    * openssh-debugsource-7.2p2-81.26.1
    * openssh-debuginfo-7.2p2-81.26.1
    * openssh-helpers-debuginfo-7.2p2-81.26.1
    * openssh-helpers-7.2p2-81.26.1
    * openssh-askpass-gnome-7.2p2-81.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1220110
  * https://bugzilla.suse.com/show_bug.cgi?id=1225637
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/ba8c74f7/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:52 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 08:30:52 -0000
Subject: SUSE-SU-2025:0655-1: important: Security update for postgresql17
Message-ID: <174038585203.8028.4564619758727398742@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0655-1  
Release Date: 2025-02-22T19:33:32Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-655=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-655=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libecpg6-debuginfo-17.4-3.10.1
    * libpq5-17.4-3.10.1
    * libecpg6-17.4-3.10.1
    * libpq5-debuginfo-17.4-3.10.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libpq5-debuginfo-32bit-17.4-3.10.1
    * libecpg6-32bit-17.4-3.10.1
    * libecpg6-debuginfo-32bit-17.4-3.10.1
    * libpq5-32bit-17.4-3.10.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libecpg6-debuginfo-32bit-17.4-3.10.1
    * libpq5-debuginfo-17.4-3.10.1
    * libpq5-debuginfo-32bit-17.4-3.10.1
    * libecpg6-17.4-3.10.1
    * libpq5-32bit-17.4-3.10.1
    * libpq5-17.4-3.10.1
    * libecpg6-debuginfo-17.4-3.10.1
    * libecpg6-32bit-17.4-3.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/19bac3ab/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0669-1: important: Security update for the Linux Kernel
 (Live Patch 2 for SLE 15 SP6)
Message-ID: <174040020637.17653.8640674078117014630@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0669-1  
Release Date: 2025-02-24T09:03:58Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues.

The following security issues were fixed:

  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-669=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-669=1

## Package List:

  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-9-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-9-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/2642bb5e/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:10 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0667-1: important: Security update for the Linux Kernel
 (Live Patch 53 for SLE 12 SP5)
Message-ID: <174040021039.17653.10890978014656999204@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0667-1  
Release Date: 2025-02-24T08:33:25Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227700
  * bsc#1236783

  
Cross-References:

  * CVE-2021-47511
  * CVE-2024-35789
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2021-47511 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47511 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_194 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes
    (bsc#1227700).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-667=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_194-default-14-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47511.html
  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227700
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/e00747f8/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:16 -0000
Subject: SUSE-SU-2025:0681-1: important: Security update for the Linux Kernel
 (Live Patch 0 for SLE 15 SP6)
Message-ID: <174040021605.17653.12975628672043418316@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0681-1  
Release Date: 2025-02-24T11:04:10Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-681=1 SUSE-2025-668=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-668=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-681=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-670=1 SUSE-2025-682=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-670=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-682=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-663=1 SUSE-2025-683=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-683=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-663=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-665=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-665=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_43-debugsource-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-14-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_42-debugsource-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-13-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_158-preempt-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-13-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_158-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-14-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-13-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-13-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_49-default-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-15-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_49-default-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-15-150500.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-11-150600.4.25.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-11-150600.4.25.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/e308f286/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:19 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:19 -0000
Subject: SUSE-SU-2025:0662-1: important: Security update for the Linux Kernel
 (Live Patch 4 for SLE 15 SP6)
Message-ID: <174040021962.17653.4877408952072193606@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0662-1  
Release Date: 2025-02-24T11:33:43Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_22 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-684=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-666=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-673=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-666=1 SUSE-2025-673=1

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-662=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-686=1 SUSE-2025-671=1 SUSE-2025-685=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-686=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-671=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-685=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-664=1 SUSE-2025-672=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-664=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-672=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-5-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-5-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-5-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-5-150600.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-5-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-5-150600.2.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_234-default-4-2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-5-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_33-debugsource-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-5-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_33-debugsource-3-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-4-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/a278784c/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:44 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:44 -0000
Subject: SUSE-SU-2025:0675-1: moderate: Security update for java-1_8_0-ibm
Message-ID: <174040024469.17653.12230808995553025409@smelt2.prg2.suse.org>



# Security update for java-1_8_0-ibm

Announcement ID: SUSE-SU-2025:0675-1  
Release Date: 2025-02-24T10:46:08Z  
Rating: moderate  
References:

  * bsc#1233296
  * bsc#1236278
  * bsc#1236470

  
Cross-References:

  * CVE-2024-10917
  * CVE-2025-21502

  
CVSS scores:

  * CVE-2024-10917 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-10917 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 40 (bsc#1236470):

  * CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and
    write access to data through the Hotspot component API (bsc#1236278).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-675=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-675=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-30.132.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-10917.html
  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233296
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278
  * https://bugzilla.suse.com/show_bug.cgi?id=1236470

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/5035610a/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:48 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 12:30:48 -0000
Subject: SUSE-SU-2025:0674-1: moderate: Security update for java-1_8_0-ibm
Message-ID: <174040024816.17653.10900223489372588373@smelt2.prg2.suse.org>



# Security update for java-1_8_0-ibm

Announcement ID: SUSE-SU-2025:0674-1  
Release Date: 2025-02-24T10:45:43Z  
Rating: moderate  
References:

  * bsc#1233296
  * bsc#1236278
  * bsc#1236470

  
Cross-References:

  * CVE-2024-10917
  * CVE-2025-21502

  
CVSS scores:

  * CVE-2024-10917 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-10917 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 40 (bsc#1236470):

  * CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and
    write access to data through the Hotspot component API (bsc#1236278).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-674=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-674=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-674=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-674=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-674=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-674=1

## Package List:

  * openSUSE Leap 15.6 (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * openSUSE Leap 15.6 (x86_64)
    * java-1_8_0-ibm-devel-32bit-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-32bit-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * java-1_8_0-ibm-src-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-demo-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Enterprise Storage 7.1 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-10917.html
  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233296
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278
  * https://bugzilla.suse.com/show_bug.cgi?id=1236470

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/f0baa942/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0687-1: important: Security update for the Linux Kernel
 (Live Patch 1 for SLE 15 SP6)
Message-ID: <174041460856.32650.8468266164221483694@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0687-1  
Release Date: 2025-02-24T15:33:20Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-697=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-697=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-687=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-687=1

## Package List:

  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-9-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-9-150600.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-7-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-7-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/6e51b1f5/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:24 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:24 -0000
Subject: SUSE-SU-2025:0692-1: important: Security update for qemu
Message-ID: <174041462463.32650.5020343063791221998@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0692-1  
Release Date: 2025-02-24T14:21:31Z  
Rating: important  
References:

  * bsc#1219722
  * bsc#1219733
  * bsc#1222845
  * bsc#1229007
  * bsc#1230915

  
Cross-References:

  * CVE-2024-3447
  * CVE-2024-7409
  * CVE-2024-8612

  
CVSS scores:

  * CVE-2024-3447 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-3447 ( NVD ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-7409 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-7409 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-7409 ( NVD ):  7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8612 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-8612 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
  * CVE-2024-8612 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves three vulnerabilities and has two security fixes can now
be installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915).
  * CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU
    NBD Server during socket closure (bsc#1229007).
  * CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport()
    (bsc#1222845).

Other fixes:

  * Fix ipxe build with new binutils (bsc#1219733, bsc#1219722).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-692=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-692=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-692=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-692=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-692=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-692=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-692=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-692=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-ivshmem-tools-debuginfo-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-smartcard-debuginfo-5.2.0-150300.135.1
    * qemu-block-dmg-5.2.0-150300.135.1
    * qemu-extra-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-block-gluster-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
    * qemu-block-dmg-debuginfo-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-vhost-user-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ivshmem-tools-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
    * qemu-linux-user-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-extra-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-smartcard-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
    * qemu-vhost-user-gpu-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-linux-user-debuginfo-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-arm-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-block-gluster-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-testsuite-5.2.0-150300.135.1
    * qemu-linux-user-debugsource-5.2.0-150300.135.1
    * qemu-block-nfs-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-block-nfs-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (s390x x86_64 i586)
    * qemu-kvm-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-microvm-5.2.0-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le x86_64)
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le)
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x x86_64)
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le)
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * qemu-tools-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-3447.html
  * https://www.suse.com/security/cve/CVE-2024-7409.html
  * https://www.suse.com/security/cve/CVE-2024-8612.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1219722
  * https://bugzilla.suse.com/show_bug.cgi?id=1219733
  * https://bugzilla.suse.com/show_bug.cgi?id=1222845
  * https://bugzilla.suse.com/show_bug.cgi?id=1229007
  * https://bugzilla.suse.com/show_bug.cgi?id=1230915

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/cf56c3f5/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:28 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:28 -0000
Subject: SUSE-SU-2025:0691-1: important: Security update for webkit2gtk3
Message-ID: <174041462855.32650.14142442889416749947@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0691-1  
Release Date: 2025-02-24T13:12:41Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-691=1 openSUSE-SLE-15.6-2025-691=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-691=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-691=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-691=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * WebKitGTK-6.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.1-lang-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-minibrowser-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-debugsource-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-6.0-debuginfo-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-4.1-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.27.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit-6_0-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.27.1
    * webkit-jsc-4.1-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.27.1
    * webkit2gtk4-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-devel-2.46.6-150600.12.27.1
    * webkit-jsc-6.0-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-4-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-minibrowser-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-minibrowser-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.27.1
    * webkit-jsc-4-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.27.1
    * webkit2gtk4-devel-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (x86_64)
    * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-64bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-64bit-2.46.6-150600.12.27.1
  * Basesystem Module 15-SP6 (noarch)
    * WebKitGTK-6.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.0-lang-2.46.6-150600.12.27.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1
  * Desktop Applications Module 15-SP6 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150600.12.27.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.27.1
    * webkit2gtk3-debugsource-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.27.1
    * webkit2gtk3-devel-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.27.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-WebKit-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.27.1
    * webkit2gtk4-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/166a9470/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:32 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:32 -0000
Subject: SUSE-SU-2025:0690-1: important: Security update for ovmf
Message-ID: <174041463220.32650.12905027952624812349@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0690-1  
Release Date: 2025-02-24T13:06:15Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-690=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-690=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-690=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-690=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-690=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-690=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-690=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-690=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-690=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-690=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-690=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-690=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Proxy 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Server 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * openSUSE Leap 15.4 (aarch64 x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
    * qemu-ovmf-ia32-202202-150400.5.18.1
    * qemu-uefi-aarch32-202202-150400.5.18.1
    * qemu-uefi-aarch64-202202-150400.5.18.1
  * openSUSE Leap 15.4 (x86_64)
    * qemu-ovmf-x86_64-debug-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/2d8e1545/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:36 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:36 -0000
Subject: SUSE-SU-2025:0689-1: moderate: Security update for pam_pkcs11
Message-ID: <174041463623.32650.10155980467192952320@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0689-1  
Release Date: 2025-02-24T12:57:20Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-689=1 SUSE-2025-689=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-689=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * pam_pkcs11-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-0.6.10-150600.16.3.1
    * pam_pkcs11-debugsource-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (x86_64)
    * pam_pkcs11-32bit-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-32bit-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (noarch)
    * pam_pkcs11-devel-doc-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * pam_pkcs11-64bit-0.6.10-150600.16.3.1
    * pam_pkcs11-64bit-debuginfo-0.6.10-150600.16.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * pam_pkcs11-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-0.6.10-150600.16.3.1
    * pam_pkcs11-debugsource-0.6.10-150600.16.3.1
  * Basesystem Module 15-SP6 (x86_64)
    * pam_pkcs11-32bit-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-32bit-0.6.10-150600.16.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/45cc48bd/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:40 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 16:30:40 -0000
Subject: SUSE-SU-2025:0688-1: moderate: Security update for pam_pkcs11
Message-ID: <174041464077.32650.3639239005354422743@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0688-1  
Release Date: 2025-02-24T12:55:41Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-688=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * pam_pkcs11-debuginfo-32bit-0.6.8-7.8.1
    * pam_pkcs11-32bit-0.6.8-7.8.1
    * pam_pkcs11-0.6.8-7.8.1
    * pam_pkcs11-debugsource-0.6.8-7.8.1
    * pam_pkcs11-debuginfo-0.6.8-7.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/485b2f2d/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 20:30:07 -0000
Subject: SUSE-SU-2025:0703-1: important: Security update for the Linux Kernel
 (Live Patch 13 for SLE 15 SP5)
Message-ID: <174042900724.17642.4836227347001674917@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0703-1  
Release Date: 2025-02-24T18:03:39Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-705=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-705=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-703=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-703=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-11-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-11-150500.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-8-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_46-debugsource-8-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-8-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-default-8-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/7451cae5/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 20:30:11 -0000
Subject: SUSE-SU-2025:0704-1: important: Security update for the Linux Kernel
 (Live Patch 5 for SLE 15 SP6)
Message-ID: <174042901110.17642.17974703153249707864@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0704-1  
Release Date: 2025-02-24T17:33:33Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_25 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-701=1 SUSE-2025-704=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-701=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-704=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-702=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-702=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-700=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-700=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-6-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_50-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-6-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_182-preempt-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-6-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-3-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-4-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-4-150400.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_25-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-4-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_25-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/ee44ef34/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:16 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 24 Feb 2025 20:30:16 -0000
Subject: SUSE-SU-2025:0698-1: important: Security update for the Linux Kernel
 (Live Patch 26 for SLE 15 SP4)
Message-ID: <174042901689.17642.11839940028936656585@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0698-1  
Release Date: 2025-02-24T16:36:00Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-698=1 SUSE-2025-699=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-698=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-699=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-13-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-13-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250224/e1174aab/attachment.htm>

From null at suse.de  Tue Feb 25 08:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 25 Feb 2025 08:30:07 -0000
Subject: SUSE-SU-2025:0707-1: important: Security update for the Linux Kernel
 (Live Patch 48 for SLE 15 SP3)
Message-ID: <174047220784.25351.15338048871163295004@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0707-1  
Release Date: 2025-02-25T04:03:57Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_174 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-707=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-707=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_48-debugsource-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-5-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-preempt-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-5-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-5-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250225/21331863/attachment.htm>

From null at suse.de  Tue Feb 25 08:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 25 Feb 2025 08:30:14 -0000
Subject: SUSE-SU-2025:0708-1: important: Security update for the Linux Kernel
 (Live Patch 45 for SLE 15 SP3)
Message-ID: <174047221411.25351.184024183310927254@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0708-1  
Release Date: 2025-02-25T04:33:32Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-708=1 SUSE-2025-706=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-708=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-706=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_44-debugsource-12-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_45-debugsource-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-12-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-preempt-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-9-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-9-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250225/62967a79/attachment.htm>

From null at suse.de  Tue Feb 25 12:30:07 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 25 Feb 2025 12:30:07 -0000
Subject: SUSE-SU-2025:0709-1: important: Security update for the Linux Kernel
 (Live Patch 23 for SLE 15 SP4)
Message-ID: <174048660774.17651.3127194115931325588@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0709-1  
Release Date: 2025-02-25T08:03:43Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-709=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-709=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-15-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-15-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250225/8fdbcc29/attachment.htm>

From null at suse.de  Tue Feb 25 12:30:12 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 25 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0712-1: moderate: Security update for pam_pkcs11
Message-ID: <174048661231.17651.6487749077872582041@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0712-1  
Release Date: 2025-02-25T10:38:13Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-712=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-712=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-712=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-712=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-712=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-712=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-712=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-712=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250225/4ac46b0d/attachment.htm>

From null at suse.de  Tue Feb 25 20:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 25 Feb 2025 20:30:03 -0000
Subject: SUSE-SU-2025:0713-1: important: Security update for the Linux Kernel
 (Live Patch 35 for SLE 15 SP4)
Message-ID: <174051540393.17461.13158670352983187455@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0713-1  
Release Date: 2025-02-25T18:04:29Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_147 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-713=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-714=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-714=1 SUSE-2025-713=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-715=1 SUSE-2025-716=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-715=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-716=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_188-default-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-default-2-150300.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-2-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_52-debugsource-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-default-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-default-2-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_51-debugsource-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-2-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_188-preempt-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-preempt-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-2-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_144-default-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_35-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_34-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-2-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_144-default-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_35-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_34-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-2-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250225/9953dfc3/attachment.htm>

From null at suse.de  Wed Feb 26 08:30:02 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 08:30:02 -0000
Subject: SUSE-SU-2025:0719-1: moderate: Recommended update for Maven
Message-ID: <174055860225.17651.3124133418531754111@smelt2.prg2.suse.org>



# Recommended update for Maven

Announcement ID: SUSE-SU-2025:0719-1  
Release Date: 2025-02-26T07:26:09Z  
Rating: moderate  
References:

  
Cross-References:

  * CVE-2020-13936

  
CVSS scores:

  * CVE-2020-13936 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2020-13936 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for Maven fixes the following issues:

maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1:

  * Key changes across versions:
  * Bug fixes and improved support of dynamic types
  * Dependency upgrades (ASM, Maven core, and notably the removal of commons-io)
  * Improved error handling by logging instead of failing
  * Improved dependency usage tracking

maven-dependency-plugin was updated from version 3.6.0 to 3.8.1:

  * Key changes across versions:
  * Dependency upgrades on maven-dependency-analyzer and Doxia
  * Deprecated dependency:sources in favor of dependency:resolve-sources
  * Documentation improvements
  * New dependency analysis goal to check for invalid exclusions
  * New JSON output option for dependency:tree
  * Performance improvements
  * Several bug fixes addressing:
    * The handling of silent parameters
    * The display of the optional flag in the tree
    * The clarity of some error messages

maven-doxia-sitetools was updated from version 1.11.1 to 2.0.0:

  * Key changes across versions:
  * New features:
    * Passing the input filename to the parser
    * Adding a timezone field to the site descriptor
    * Configuring parsers per markup
  * Improvements:
    * Clarifying site descriptor properties
    * Requiring a skin if a site descriptor (site.xml) has been provided
    * Optimization of resource handling
    * Overhauled locale support
    * Refinined menu item display
    * Use of Maven Resolver for artifact resolution
    * Enhanced Velocity context population
    * Automating anchor creation
  * Internal changes:
    * Migration from Plexus to Sisu
    * Upgraded to Java 8
    * Removal of deprecated components and features (such as Maven 1.x support, Google-related properties)
    * Simplified the site model
    * Improved the DocumentRenderer interface/DocumentRenderingContext class API
  * Several bug fixes addressing:
    * The Plexus to Sisu migration
    * Decoration model injection
    * Anchor creation
    * XML character escaping
    * Handling of 0-byte site descriptors

maven-doxia was updated from version 1.12.0 to 2.0.0:

  * Key changes across versions:
  * Improved HTML5 Support:
    * Obsolete attributes and elements were removed
    * CSS styles are now used for styling
    * XHTML5 is now the default HTML implementation, and XHTML(4) is deprecated
  * Improved Markdown Support:
    * A new Markdown sink allows converting content to Markdown. 
    * Support for various Markdown features like blockquotes, footnotes, and metadata has been added
  * General Improvements:
    * Dependencies were updated
    * Doxia was upgraded to Java 8
    * Logging and Doxia ID generation were streamlined
    * Migration from Plexus to Sisu
    * Removed deprecated modules and code
  * Several bug fixes addressing:
    * HTML5 incorrect output such as tables, styling and missing or improperly handled attributes
    * Markdown formatting issues
    * Issues with plexus migration
    * Incorrect generation of unique IDs
    * Incorrect anchor generation for document titles
    * Ignored element classes

maven-invoker-plugin was updated from version 3.2.2 to 3.8.1:

  * Key changes across versions:
  * Commons-lang3 was removed
  * Custom Maven executables, external POM files, and more CLI options are now
    supported
  * Deprecated code was cleaned up
  * Doxia was updated, improving HTML generation and adding Markdown support
  * Groovy was updated, adding support for JDK 19
  * Improved Reporting and Time Handling
  * Enhanced syntax support for invoker properties and Maven options
  * Java 8 is now the minimum supported version
  * Maven 3.6.3 is now the minimum supported version
  * Several dependencies were updated or removed
  * Snapshot update behavior can be controlled
  * Several bug fixes addressing issues with:
    * Dependency resolution
    * Environment variables
    * File handling
    * Report generation
    * Threading

maven-invoker was updated from version 3.1.0 to 3.3.0:

  * Key changes across versions:
  * Added several CLI options.
  * Added support to disable snapshot updates.
  * Added test for inherited environment
  * Custom Maven executables
  * Deprecated code was removed
  * External POM files
  * Fixed issues with builder IDs
  * Improved timeout handling
  * Java 8 is now a requirement
  * Tests were migrated to JUnit 5

maven-javadoc-plugin was updated from version 3.6.0 to 3.11.1:

  * Key changes across versions:
  * Addressed test cleanup and inconsistent default value
  * Automatic release detection for older JDKs
  * Clarified documentation
  * Dependency upgrades of org.codehaus.plexus:plexus-java and Doxia
  * Deprecated the "old" parameter
  * Improvements include handling of Java 12+ links, user settings with invoker,
    and default author value.
  * Simplified integration tests.
  * Upgraded maven-plugin parent
  * Various bug fixes related to:
    * Toolchains issues
    * Empty JAR creation
    * JDK 10 compatibility
    * Reactor build failures
    * Unit test issues
    * Null pointer exception
    * Issues with skipped reports
    * Stale file detection 
    * Log4j dependency dowload
    * Test repository creation

maven-parent was updated from version 40 to 43:

  * Key changes across versions:
  * Potentially breaking changes:
    * Removed dependency on `maven-plugin-annotations` to better support Maven 4 plugins
    * Removed `checkstyle.violation.ignore`
  * Improved Java 21 support
  * Empty Surefire and PMD reports are now skipped
  * Disabled annotation processing by compiler
  * Various code cleanup and project restructuring tasks

maven-plugin-tools was updated from version 3.13.0 to 3.15.1:

  * Key changes across versions:
  * Doxia and Velocity Engine upgrades
  * New report-no-fork goal 'report-no-fork' which will not invoke process-
    classes
  * Deprecation of o.a.m.plugins.annotations.Component
  * Improved Maven 3 and Maven 4 support

maven-reporting-api was updated from version 3.1.1 to 4.0.0:

  * Key changes across versions:
  * API: Allow MavenReportRenderer.render() and MavenReport.canGenerateReport()
    to throw exceptions
  * Require locales to be non-null
  * Improve the MavenReport interface and AbstractMavenReport class
  * Removed unused default-report.xml file

maven-reporting-implementation was updated from version 3.2.0 to 4.0.0:

  * Key changes across versions include:
  * Addressed issues with duplicate calls to canGenerateReport()
  * New features such markup output support, flexible section handling and
    verbatim source rendering
  * Numerous improvements to skinning, rendering, parameter handling, timestamp
    population and logging
  * Upgrade to Java 8

maven-surefire was updated from version 3.2.5 to 3.5.2:

  * Key changes across versions include:
  * Addressed issues with JUnit5 test reporting, serialization, classpath
    handling and compatibility with newer JDKs.
  * Refined handling of system properties, commons-io usage, parallel test
    execution and report generation.
  * Updated Doxia and commons-compress dependencies
  * Improved documentation, including FAQ fixes

plexus-velocity was updated to version 2.1.0:

  * Upgraded Velocity Engine to 2.3
  * Moved to JUnit5

velocity-engine:

  * New package velocity-engine-core implemented at version 2.4

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-719=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-719=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-719=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-invoker-plugin-3.8.1-150200.3.6.2
    * maven-plugin-tools-ant-3.15.1-150200.3.15.12
    * maven-surefire-javadoc-3.5.2-150200.3.9.20.12
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-surefire-provider-junit5-3.5.2-150200.3.9.20.2
    * maven-parent-43-150200.3.8.2
    * maven-reporting-impl-4.0.0-150200.4.9.12
    * maven-failsafe-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-plugin-tools-generators-3.15.1-150200.3.15.12
    * maven-surefire-report-parser-3.5.2-150200.3.9.20.12
    * maven-plugin-tools-beanshell-3.15.1-150200.3.15.12
    * velocity-engine-core-javadoc-2.4-150200.5.3.3
    * maven-plugin-tools-model-3.15.1-150200.3.15.12
    * maven-invoker-plugin-javadoc-3.8.1-150200.3.6.2
    * maven-reporting-impl-javadoc-4.0.0-150200.4.9.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-plugin-tools-annotations-3.15.1-150200.3.15.12
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-dependency-analyzer-javadoc-1.15.1-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-plugin-plugin-bootstrap-3.15.1-150200.3.15.2
    * maven-doxia-javadoc-2.0.0-150200.4.18.11
    * maven-reporting-api-4.0.0-150200.3.10.12
    * plexus-velocity-javadoc-2.1.0-150200.3.10.3
    * maven-surefire-report-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-plugin-plugin-3.15.1-150200.3.15.2
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-test-docs-2.0.0-150200.4.18.11
    * maven-script-beanshell-3.15.1-150200.3.15.12
    * maven-surefire-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-surefire-provider-junit5-javadoc-3.5.2-150200.3.9.20.2
    * maven-dependency-plugin-3.8.1-150200.3.10.2
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-invoker-javadoc-3.3.0-150200.3.7.5
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
    * maven-plugin-tools-java-3.15.1-150200.3.15.12
    * maven-dependency-analyzer-1.15.1-150200.3.10.3
    * maven-plugin-tools-api-3.15.1-150200.3.15.12
    * maven-plugin-plugin-javadoc-3.15.1-150200.3.15.2
    * maven-surefire-report-plugin-3.5.2-150200.3.9.20.2
    * maven-dependency-plugin-javadoc-3.8.1-150200.3.10.2
    * maven-javadoc-plugin-bootstrap-3.11.1-150200.4.21.2
    * maven-surefire-plugins-javadoc-3.5.2-150200.3.9.20.2
    * maven-doxia-sitetools-javadoc-2.0.0-150200.3.18.3
    * maven-plugin-tools-javadoc-3.15.1-150200.3.15.12
    * maven-failsafe-plugin-3.5.2-150200.3.9.20.2
    * maven-reporting-api-javadoc-4.0.0-150200.3.10.12
    * maven-script-ant-3.15.1-150200.3.15.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-javadoc-3.11.1-150200.4.21.2
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
  * Development Tools Module 15-SP6 (noarch)
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-plugin-annotations-3.15.1-150200.3.15.12
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Enterprise Storage 7.1 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11

## References:

  * https://www.suse.com/security/cve/CVE-2020-13936.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/0658eb65/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0734-1: important: Security update for xorg-x11-server
Message-ID: <174058741403.17461.6611205647648543104@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0734-1  
Release Date: 2025-02-26T14:32:45Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-734=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-734=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-debugsource-1.19.6-10.80.1
    * xorg-x11-server-extra-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-1.19.6-10.80.1
    * xorg-x11-server-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-extra-1.19.6-10.80.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * xorg-x11-server-debugsource-1.19.6-10.80.1
    * xorg-x11-server-extra-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-1.19.6-10.80.1
    * xorg-x11-server-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-extra-1.19.6-10.80.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/3b92af14/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:20 -0000
Subject: SUSE-SU-2025:0733-1: important: Security update for xorg-x11-server
Message-ID: <174058742064.17461.17603723409218782920@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0733-1  
Release Date: 2025-02-26T14:32:07Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-733=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-733=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-733=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-733=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-733=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-wayland-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/3fe27bf4/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:27 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:27 -0000
Subject: SUSE-SU-2025:0732-1: important: Security update for xorg-x11-server
Message-ID: <174058742728.17461.16300810587577207396@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0732-1  
Release Date: 2025-02-26T14:31:33Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-732=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-732=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-732=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-732=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-732=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-732=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-732=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-732=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
    * xorg-x11-server-source-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/443c9112/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:34 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:34 -0000
Subject: SUSE-SU-2025:0731-1: important: Security update for xorg-x11-server
Message-ID: <174058743460.17461.9965758859417987694@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0731-1  
Release Date: 2025-02-26T14:30:17Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-731=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-731=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-731=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-731=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-731=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-source-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/863bf822/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:42 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:42 -0000
Subject: SUSE-SU-2025:0730-1: important: Security update for xorg-x11-server
Message-ID: <174058744294.17461.3596479609861781163@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0730-1  
Release Date: 2025-02-26T14:29:29Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-730=1 openSUSE-SLE-15.6-2025-730=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-730=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-730=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-sdk-21.1.11-150600.5.6.1
    * xorg-x11-server-source-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-21.1.11-150600.5.6.1
    * xorg-x11-server-extra-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-21.1.11-150600.5.6.1
    * xorg-x11-server-extra-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-sdk-21.1.11-150600.5.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/aca5a0a6/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:49 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:49 -0000
Subject: SUSE-SU-2025:0729-1: important: Security update for xwayland
Message-ID: <174058744954.17461.1497455888404902547@smelt2.prg2.suse.org>



# Security update for xwayland

Announcement ID: SUSE-SU-2025:0729-1  
Release Date: 2025-02-26T14:14:35Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xwayland fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-729=1 SUSE-2025-729=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-729=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xwayland-devel-24.1.1-150600.5.9.1
    * xwayland-24.1.1-150600.5.9.1
    * xwayland-debuginfo-24.1.1-150600.5.9.1
    * xwayland-debugsource-24.1.1-150600.5.9.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * xwayland-24.1.1-150600.5.9.1
    * xwayland-debuginfo-24.1.1-150600.5.9.1
    * xwayland-debugsource-24.1.1-150600.5.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/1083fe9f/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:51 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:51 -0000
Subject: SUSE-SU-2025:0728-1: moderate: Security update for gnutls
Message-ID: <174058745195.17461.4914644324027978133@smelt2.prg2.suse.org>



# Security update for gnutls

Announcement ID: SUSE-SU-2025:0728-1  
Release Date: 2025-02-26T14:03:26Z  
Rating: moderate  
References:

  * bsc#1236974

  
Cross-References:

  * CVE-2024-12243

  
CVSS scores:

  * CVE-2024-12243 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-12243 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-12243 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for gnutls fixes the following issues:

  * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can
    lead to a DoS (bsc#1236974).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-728=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-728=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.7.3-150400.11.1
    * gnutls-debuginfo-3.7.3-150400.11.1
    * gnutls-3.7.3-150400.11.1
    * gnutls-debugsource-3.7.3-150400.11.1
    * libgnutls30-hmac-3.7.3-150400.11.1
    * libgnutls30-3.7.3-150400.11.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.7.3-150400.11.1
    * gnutls-debuginfo-3.7.3-150400.11.1
    * gnutls-3.7.3-150400.11.1
    * gnutls-debugsource-3.7.3-150400.11.1
    * libgnutls30-hmac-3.7.3-150400.11.1
    * libgnutls30-3.7.3-150400.11.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12243.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236974

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/7525fa03/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:54 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:54 -0000
Subject: SUSE-SU-2025:0727-1: moderate: Security update for gnutls
Message-ID: <174058745447.17461.2889204116676879604@smelt2.prg2.suse.org>



# Security update for gnutls

Announcement ID: SUSE-SU-2025:0727-1  
Release Date: 2025-02-26T14:03:18Z  
Rating: moderate  
References:

  * bsc#1236974

  
Cross-References:

  * CVE-2024-12243

  
CVSS scores:

  * CVE-2024-12243 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-12243 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-12243 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for gnutls fixes the following issues:

  * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can
    lead to a DoS (bsc#1236974).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-727=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-727=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-727=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12243.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236974

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/9257068f/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:56 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:56 -0000
Subject: SUSE-SU-2025:0726-1: moderate: Security update for socat
Message-ID: <174058745676.17461.12536060160331363641@smelt2.prg2.suse.org>



# Security update for socat

Announcement ID: SUSE-SU-2025:0726-1  
Release Date: 2025-02-26T13:37:01Z  
Rating: moderate  
References:

  * bsc#922903

  
Cross-References:

  * CVE-2015-1379

  
CVSS scores:

  * CVE-2015-1379 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for socat fixes the following issues:

  * CVE-2015-1379: lack of async-signal-safe signal handlers can lead to crashes
    or freezing of socat processes (bsc#922903).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-726=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * socat-debuginfo-1.7.2.4-4.6.1
    * socat-debugsource-1.7.2.4-4.6.1
    * socat-1.7.2.4-4.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2015-1379.html
  * https://bugzilla.suse.com/show_bug.cgi?id=922903

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/7fd712e1/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:59 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:30:59 -0000
Subject: SUSE-SU-2025:0725-1: important: Security update for procps
Message-ID: <174058745984.17461.14401210215420631822@smelt2.prg2.suse.org>



# Security update for procps

Announcement ID: SUSE-SU-2025:0725-1  
Release Date: 2025-02-26T13:36:47Z  
Rating: important  
References:

  * bsc#1214290
  * bsc#1236842

  
Cross-References:

  * CVE-2023-4016

  
CVSS scores:

  * CVE-2023-4016 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-4016 ( NVD ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for procps fixes the following issues:

  * Integer overflow due to incomplete fix for CVE-2023-4016 can lead to
    segmentation fault in ps command when pid argument has a leading space
    (bsc#1236842, bsc#1214290).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-725=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-725=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-devel-3.3.9-11.33.1
    * libprocps3-debuginfo-3.3.9-11.33.1
    * procps-3.3.9-11.33.1
    * procps-debugsource-3.3.9-11.33.1
    * libprocps3-3.3.9-11.33.1
    * procps-debuginfo-3.3.9-11.33.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * procps-devel-3.3.9-11.33.1
    * libprocps3-debuginfo-3.3.9-11.33.1
    * procps-3.3.9-11.33.1
    * procps-debugsource-3.3.9-11.33.1
    * libprocps3-3.3.9-11.33.1
    * procps-debuginfo-3.3.9-11.33.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236842

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/2aa43c6a/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:31:05 -0000
Subject: SUSE-SU-2025:0724-1: moderate: Security update for vim
Message-ID: <174058746507.17461.14246904498179521145@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0724-1  
Release Date: 2025-02-26T13:30:43Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-724=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-724=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-724=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-724=1

## Package List:

  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/64a8a470/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:31:11 -0000
Subject: SUSE-SU-2025:0723-1: moderate: Security update for vim
Message-ID: <174058747154.17461.10832074427062747318@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0723-1  
Release Date: 2025-02-26T13:29:54Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-723=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-723=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-723=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-723=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-723=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.5 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.6 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * Basesystem Module 15-SP6 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/67fc7358/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 26 Feb 2025 16:31:20 -0000
Subject: SUSE-SU-2025:0722-1: moderate: Security update for vim
Message-ID: <174058748058.17461.9150000147582322867@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0722-1  
Release Date: 2025-02-26T13:29:24Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-722=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * vim-debuginfo-9.1.1101-17.41.1
    * gvim-debuginfo-9.1.1101-17.41.1
    * vim-debugsource-9.1.1101-17.41.1
    * gvim-9.1.1101-17.41.1
    * vim-9.1.1101-17.41.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * vim-data-common-9.1.1101-17.41.1
    * vim-data-9.1.1101-17.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250226/2a34d5d3/attachment.htm>

From null at suse.de  Thu Feb 27 15:24:00 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 27 Feb 2025 15:24:00 -0000
Subject: SUSE-SU-2025:0736-1: important: Security update for ruby2.5
Message-ID: <174066984090.31394.14147356730918909251@smelt2.prg2.suse.org>



# Security update for ruby2.5

Announcement ID: SUSE-SU-2025:0736-1  
Release Date: 2025-02-26T18:38:59Z  
Rating: important  
References:

  * bsc#1230930
  * bsc#1232440

  
Cross-References:

  * CVE-2024-47220
  * CVE-2024-49761

  
CVSS scores:

  * CVE-2024-47220 ( SUSE ):  8.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-47220 ( SUSE ):  8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
  * CVE-2024-47220 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-49761 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49761 ( NVD ):  6.6
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-49761 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for ruby2.5 fixes the following issues:

  * CVE-2024-47220: Fixed a HTTP request smuggling attack in WEBrick
    (bsc#1230930)
  * CVE-2024-49761: Fixed a ReDoS vulnerability in ruby rexml (bsc#1232440)

Other fixes:

  * [ruby/uri] Fix quadratic backtracking on invalid relative URI
  * [ruby/time] Make RFC2822 regexp linear
  * [ruby/time] Fix quadratic backtracking on invalid time
  * merge some parts of CGI 0.1.1

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-736=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-736=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-736=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-736=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-736=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-736=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-736=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-736=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-736=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * ruby2.5-doc-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * openSUSE Leap 15.6 (noarch)
    * ruby2.5-doc-ri-2.5.9-150000.4.36.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-47220.html
  * https://www.suse.com/security/cve/CVE-2024-49761.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230930
  * https://bugzilla.suse.com/show_bug.cgi?id=1232440

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250227/e1d5e406/attachment.htm>

From null at suse.de  Thu Feb 27 15:24:06 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 27 Feb 2025 15:24:06 -0000
Subject: SUSE-SU-2025:0735-1: important: Security update for webkit2gtk3
Message-ID: <174066984618.31394.8503449277965229075@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0735-1  
Release Date: 2025-02-26T18:35:02Z  
Rating: important  
References:

  * bsc#1234851
  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54479
  * CVE-2024-54502
  * CVE-2024-54505
  * CVE-2024-54508
  * CVE-2024-54534
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54479 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54479 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54479 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54479 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54502 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54505 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54505 ( SUSE ):  7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
  * CVE-2024-54505 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54505 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54508 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54508 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54508 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54508 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54534 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54534 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54534 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54534 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves 12 vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946, bsc#1234851):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54479: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54502: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54505: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-54508: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.

Already fixed in previous releases:

  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54534: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-735=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-735=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-735=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-735=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54479.html
  * https://www.suse.com/security/cve/CVE-2024-54502.html
  * https://www.suse.com/security/cve/CVE-2024-54505.html
  * https://www.suse.com/security/cve/CVE-2024-54508.html
  * https://www.suse.com/security/cve/CVE-2024-54534.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234851
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250227/090317f1/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:03 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 12:30:03 -0000
Subject: SUSE-SU-2025:0742-1: important: Security update for openvswitch3
Message-ID: <174074580380.31417.3475733952852866849@smelt2.prg2.suse.org>



# Security update for openvswitch3

Announcement ID: SUSE-SU-2025:0742-1  
Release Date: 2025-02-28T10:17:43Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch3 fixes the following issues:

  * CVE-2025-0650: Fixed egress ACLs that may be bypassed via specially crafted
    UDP packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-742=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-742=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-742=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-742=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-742=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-742=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-742=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * openSUSE Leap 15.5 (noarch)
    * openvswitch3-doc-3.1.0-150500.3.22.1
    * ovn3-doc-23.03.0-150500.3.22.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * openSUSE Leap 15.6 (noarch)
    * openvswitch3-doc-3.1.0-150500.3.22.1
    * ovn3-doc-23.03.0-150500.3.22.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/d0d450d0/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:08 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 12:30:08 -0000
Subject: SUSE-SU-2025:0741-1: important: Security update for procps
Message-ID: <174074580890.31417.12742570551896971245@smelt2.prg2.suse.org>



# Security update for procps

Announcement ID: SUSE-SU-2025:0741-1  
Release Date: 2025-02-28T10:17:02Z  
Rating: important  
References:

  * bsc#1214290
  * bsc#1236842

  
Cross-References:

  * CVE-2023-4016

  
CVSS scores:

  * CVE-2023-4016 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-4016 ( NVD ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for procps fixes the following issues:

  * Integer overflow due to incomplete fix for CVE-2023-4016 can lead to
    segmentation fault in ps command when pid argument has a leading space
    (bsc#1236842, bsc#1214290).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-741=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-741=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-741=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-741=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-741=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-741=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-741=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * openSUSE Leap 15.6 (noarch)
    * procps-lang-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236842

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/5b41e394/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:11 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 12:30:11 -0000
Subject: SUSE-SU-2025:0740-1: moderate: Security update for libX11
Message-ID: <174074581173.31417.11191199167671132548@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0740-1  
Release Date: 2025-02-28T10:10:32Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-740=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-740=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.2-12.36.1
    * libX11-debugsource-1.6.2-12.36.1
    * libX11-6-debuginfo-1.6.2-12.36.1
    * libX11-devel-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-1.6.2-12.36.1
    * libX11-6-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libX11-data-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libX11-xcb1-debuginfo-32bit-1.6.2-12.36.1
    * libX11-6-32bit-1.6.2-12.36.1
    * libX11-xcb1-32bit-1.6.2-12.36.1
    * libX11-6-debuginfo-32bit-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libX11-xcb1-1.6.2-12.36.1
    * libX11-debugsource-1.6.2-12.36.1
    * libX11-6-debuginfo-1.6.2-12.36.1
    * libX11-6-32bit-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-32bit-1.6.2-12.36.1
    * libX11-devel-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-1.6.2-12.36.1
    * libX11-6-1.6.2-12.36.1
    * libX11-xcb1-32bit-1.6.2-12.36.1
    * libX11-6-debuginfo-32bit-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libX11-data-1.6.2-12.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/c029d6bd/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:15 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 12:30:15 -0000
Subject: SUSE-SU-2025:0739-1: moderate: Security update for libX11
Message-ID: <174074581513.31417.12418289035643906341@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0739-1  
Release Date: 2025-02-28T10:09:50Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-739=1 openSUSE-SLE-15.6-2025-739=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-739=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libX11-xcb1-1.8.7-150600.3.3.1
    * libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
    * libX11-debugsource-1.8.7-150600.3.3.1
    * libX11-6-1.8.7-150600.3.3.1
    * libX11-devel-1.8.7-150600.3.3.1
    * libX11-6-debuginfo-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-1.8.7-150600.3.3.1
    * libX11-devel-32bit-1.8.7-150600.3.3.1
    * libX11-6-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (noarch)
    * libX11-data-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libX11-6-64bit-1.8.7-150600.3.3.1
    * libX11-6-64bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-devel-64bit-1.8.7-150600.3.3.1
    * libX11-xcb1-64bit-1.8.7-150600.3.3.1
    * libX11-xcb1-64bit-debuginfo-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.8.7-150600.3.3.1
    * libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
    * libX11-debugsource-1.8.7-150600.3.3.1
    * libX11-6-1.8.7-150600.3.3.1
    * libX11-devel-1.8.7-150600.3.3.1
    * libX11-6-debuginfo-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (noarch)
    * libX11-data-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (x86_64)
    * libX11-6-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/5bb12e49/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:18 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 12:30:18 -0000
Subject: SUSE-SU-2025:0737-1: important: Security update for postgresql13
Message-ID: <174074581831.31417.14765149110541821059@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0737-1  
Release Date: 2025-02-28T09:56:56Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-737=1 SUSE-2025-737=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql13-plpython-13.20-150600.14.5.2
    * postgresql13-llvmjit-devel-13.20-150600.14.5.2
    * postgresql13-debugsource-13.20-150600.14.5.2
    * postgresql13-pltcl-13.20-150600.14.5.2
    * postgresql13-server-devel-debuginfo-13.20-150600.14.5.2
    * postgresql13-pltcl-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-13.20-150600.14.5.2
    * postgresql13-test-13.20-150600.14.5.2
    * postgresql13-13.20-150600.14.5.2
    * postgresql13-devel-13.20-150600.14.5.2
    * postgresql13-contrib-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-devel-13.20-150600.14.5.2
    * postgresql13-llvmjit-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-debuginfo-13.20-150600.14.5.2
    * postgresql13-plperl-13.20-150600.14.5.2
    * postgresql13-contrib-13.20-150600.14.5.2
    * postgresql13-plperl-debuginfo-13.20-150600.14.5.2
    * postgresql13-llvmjit-13.20-150600.14.5.2
    * postgresql13-devel-debuginfo-13.20-150600.14.5.2
    * postgresql13-debuginfo-13.20-150600.14.5.2
    * postgresql13-plpython-debuginfo-13.20-150600.14.5.2
  * openSUSE Leap 15.6 (noarch)
    * postgresql13-docs-13.20-150600.14.5.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/8cf78f7d/attachment.htm>

From null at suse.de  Fri Feb 28 16:30:14 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0744-1: moderate: Security update for openssh8.4
Message-ID: <174076021499.31718.10098572797356426368@smelt2.prg2.suse.org>



# Security update for openssh8.4

Announcement ID: SUSE-SU-2025:0744-1  
Release Date: 2025-02-28T14:39:39Z  
Rating: moderate  
References:

  * bsc#1186673
  * bsc#1213004
  * bsc#1213008
  * bsc#1214788
  * bsc#1216474
  * bsc#1218871
  * bsc#1221123
  * bsc#1222831
  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has eight security fixes can now be
installed.

## Description:

This update for openssh8.4 fixes the following issues:

  * CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-
    enabled client (bsc#1237040).

Other bugfixes:

  * Fix usage of local accelerator cards via openssl-ibmca (bsc#1216474,
    bsc#1218871).
  * Add patches from upstream to change the default value of UpdateHostKeys to
    Yes (unless VerifyHostKeyDNS is enabled) (bsc#1222831).
  * Fix hostbased ssh login failing occasionally with "signature unverified:
    incorrect signature" by fixing a typo in patch (bsc#1221123).
  * For now we don't ship the ssh-keycat command, but we need the patch for the
    other SELinux infrastructure (bsc#1214788).
  * Attempts to mitigate instances of secrets lingering in memory after a
    session exits (bsc#1213004, bsc#1213008, bsc#1186673).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-744=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-744=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh8.4-fips-8.4p1-8.16.1
    * openssh8.4-helpers-8.4p1-8.16.1
    * openssh8.4-server-8.4p1-8.16.1
    * openssh8.4-clients-debuginfo-8.4p1-8.16.1
    * openssh8.4-common-debuginfo-8.4p1-8.16.1
    * openssh8.4-helpers-debuginfo-8.4p1-8.16.1
    * openssh8.4-server-debuginfo-8.4p1-8.16.1
    * openssh8.4-8.4p1-8.16.1
    * openssh8.4-common-8.4p1-8.16.1
    * openssh8.4-clients-8.4p1-8.16.1
    * openssh8.4-debugsource-8.4p1-8.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openssh8.4-fips-8.4p1-8.16.1
    * openssh8.4-helpers-8.4p1-8.16.1
    * openssh8.4-server-8.4p1-8.16.1
    * openssh8.4-clients-debuginfo-8.4p1-8.16.1
    * openssh8.4-common-debuginfo-8.4p1-8.16.1
    * openssh8.4-helpers-debuginfo-8.4p1-8.16.1
    * openssh8.4-server-debuginfo-8.4p1-8.16.1
    * openssh8.4-8.4p1-8.16.1
    * openssh8.4-common-8.4p1-8.16.1
    * openssh8.4-clients-8.4p1-8.16.1
    * openssh8.4-debugsource-8.4p1-8.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1186673
  * https://bugzilla.suse.com/show_bug.cgi?id=1213004
  * https://bugzilla.suse.com/show_bug.cgi?id=1213008
  * https://bugzilla.suse.com/show_bug.cgi?id=1214788
  * https://bugzilla.suse.com/show_bug.cgi?id=1216474
  * https://bugzilla.suse.com/show_bug.cgi?id=1218871
  * https://bugzilla.suse.com/show_bug.cgi?id=1221123
  * https://bugzilla.suse.com/show_bug.cgi?id=1222831
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/f927b12e/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:05 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:05 -0000
Subject: SUSE-SU-2025:0758-1: moderate: Security update for libxkbfile
Message-ID: <174077460573.31458.4560323434576111189@smelt2.prg2.suse.org>



# Security update for libxkbfile

Announcement ID: SUSE-SU-2025:0758-1  
Release Date: 2025-02-28T18:23:41Z  
Rating: moderate  
References:

  * bsc#1237429

  
Cross-References:

  * CVE-2025-26595

  
CVSS scores:

  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxkbfile fixes the following issues:

  * CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText() (bsc#1237429).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-758=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-758=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-758=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-758=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-758=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-758=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-758=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libxkbfile1-32bit-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile1-32bit-1.0.9-150000.3.3.1
    * libxkbfile-devel-32bit-1.0.9-150000.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/453ab037/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:09 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:09 -0000
Subject: SUSE-SU-2025:0757-1: moderate: Security update for libX11
Message-ID: <174077460970.31458.14975951591896313343@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0757-1  
Release Date: 2025-02-28T16:40:50Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-757=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-757=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-757=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-757=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-757=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-757=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-757=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-757=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-757=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-757=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-757=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Proxy 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * libX11-data-1.6.5-150000.3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/1cfb29c1/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:13 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:13 -0000
Subject: SUSE-SU-2025:0756-1: moderate: Security update for python
Message-ID: <174077461393.31458.6375067149019051577@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0756-1  
Release Date: 2025-02-28T16:38:14Z  
Rating: moderate  
References:

  * bsc#1223694
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python fixes the following issues:

  * Reference to no longer used 'bracketed_host' variable in the fix for
    CVE-2025-0938 (bsc#1236705, bsc#1223694).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-756=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-756=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python-curses-debuginfo-2.7.18-150000.74.1
    * python-tk-2.7.18-150000.74.1
    * python-base-2.7.18-150000.74.1
    * python-demo-2.7.18-150000.74.1
    * python-2.7.18-150000.74.1
    * python-idle-2.7.18-150000.74.1
    * libpython2_7-1_0-2.7.18-150000.74.1
    * python-gdbm-2.7.18-150000.74.1
    * python-xml-2.7.18-150000.74.1
    * python-base-debuginfo-2.7.18-150000.74.1
    * python-xml-debuginfo-2.7.18-150000.74.1
    * python-curses-2.7.18-150000.74.1
    * libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
    * python-debuginfo-2.7.18-150000.74.1
    * python-devel-2.7.18-150000.74.1
    * python-tk-debuginfo-2.7.18-150000.74.1
    * python-gdbm-debuginfo-2.7.18-150000.74.1
    * python-base-debugsource-2.7.18-150000.74.1
    * python-debugsource-2.7.18-150000.74.1
  * openSUSE Leap 15.6 (x86_64)
    * python-32bit-2.7.18-150000.74.1
    * python-base-32bit-debuginfo-2.7.18-150000.74.1
    * python-32bit-debuginfo-2.7.18-150000.74.1
    * python-base-32bit-2.7.18-150000.74.1
    * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.74.1
    * libpython2_7-1_0-32bit-2.7.18-150000.74.1
  * openSUSE Leap 15.6 (noarch)
    * python-doc-2.7.18-150000.74.1
    * python-doc-pdf-2.7.18-150000.74.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python-curses-debuginfo-2.7.18-150000.74.1
    * python-base-2.7.18-150000.74.1
    * python-2.7.18-150000.74.1
    * libpython2_7-1_0-2.7.18-150000.74.1
    * python-gdbm-2.7.18-150000.74.1
    * python-xml-2.7.18-150000.74.1
    * python-base-debuginfo-2.7.18-150000.74.1
    * python-xml-debuginfo-2.7.18-150000.74.1
    * python-curses-2.7.18-150000.74.1
    * libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
    * python-debuginfo-2.7.18-150000.74.1
    * python-gdbm-debuginfo-2.7.18-150000.74.1
    * python-base-debugsource-2.7.18-150000.74.1
    * python-debugsource-2.7.18-150000.74.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1223694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/469cd377/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:17 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:17 -0000
Subject: SUSE-SU-2025:0755-1: moderate: Security update for u-boot
Message-ID: <174077461726.31458.15240333662638089175@smelt2.prg2.suse.org>



# Security update for u-boot

Announcement ID: SUSE-SU-2025:0755-1  
Release Date: 2025-02-28T16:37:12Z  
Rating: moderate  
References:

  * bsc#1237284
  * bsc#1237287

  
Cross-References:

  * CVE-2024-57256
  * CVE-2024-57258

  
CVSS scores:

  * CVE-2024-57256 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57256 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57256 ( NVD ):  7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-57258 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57258 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57258 ( NVD ):  7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for u-boot fixes the following issues:

  * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution
    function (bsc#1237284).
  * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator
    (bsc#1237287).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-755=1

## Package List:

  * openSUSE Leap 15.6 (aarch64)
    * u-boot-xilinxzynqmpgeneric-2020.01-150200.10.18.1
    * u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-57256.html
  * https://www.suse.com/security/cve/CVE-2024-57258.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237284
  * https://bugzilla.suse.com/show_bug.cgi?id=1237287

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/becc11ff/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:20 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:20 -0000
Subject: SUSE-SU-2025:0754-1: important: Security update for wireshark
Message-ID: <174077462056.31458.4232438539377625010@smelt2.prg2.suse.org>



# Security update for wireshark

Announcement ID: SUSE-SU-2025:0754-1  
Release Date: 2025-02-28T16:31:33Z  
Rating: important  
References:

  * bsc#1237414

  
Cross-References:

  * CVE-2025-1492

  
CVSS scores:

  * CVE-2025-1492 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1492 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1492 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to version 4.2.11:

  * CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can
    cause Bundle Protocol and CBOR dissector to crash (bsc#1237414).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-754=1 openSUSE-SLE-15.6-2025-754=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-754=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-754=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libwiretap14-debuginfo-4.2.11-150600.18.20.1
    * libwsutil15-4.2.11-150600.18.20.1
    * libwsutil15-debuginfo-4.2.11-150600.18.20.1
    * wireshark-ui-qt-4.2.11-150600.18.20.1
    * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
    * libwireshark17-4.2.11-150600.18.20.1
    * wireshark-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * wireshark-devel-4.2.11-150600.18.20.1
    * libwiretap14-4.2.11-150600.18.20.1
    * libwireshark17-debuginfo-4.2.11-150600.18.20.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libwiretap14-debuginfo-4.2.11-150600.18.20.1
    * libwsutil15-4.2.11-150600.18.20.1
    * libwsutil15-debuginfo-4.2.11-150600.18.20.1
    * libwireshark17-4.2.11-150600.18.20.1
    * wireshark-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * libwiretap14-4.2.11-150600.18.20.1
    * libwireshark17-debuginfo-4.2.11-150600.18.20.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * wireshark-ui-qt-4.2.11-150600.18.20.1
    * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-devel-4.2.11-150600.18.20.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1492.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237414

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/6659bccb/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:25 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:25 -0000
Subject: SUSE-SU-2025:0753-1: moderate: Security update for tiff
Message-ID: <174077462539.31458.8949340986636747437@smelt2.prg2.suse.org>



# Security update for tiff

Announcement ID: SUSE-SU-2025:0753-1  
Release Date: 2025-02-28T16:30:46Z  
Rating: moderate  
References:

  * bsc#1212607
  * bsc#1219213
  * bsc#1236834

  
Cross-References:

  * CVE-2023-25435
  * CVE-2023-52356

  
CVSS scores:

  * CVE-2023-25435 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
  * CVE-2023-25435 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-25435 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( SUSE ):  5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for tiff fixes the following issues:

  * CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits()
    in tiffcrop.c (bsc#1212607).
  * CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to
    denial of service (bsc#1219213).

Other bugfixes:

  * Fixed tiff build issue on s390x as test 12 test_directory fails
    (bsc#1236834).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-753=1 openSUSE-SLE-15.6-2025-753=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-753=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * tiff-debugsource-4.7.0-150600.3.8.1
    * tiff-4.7.0-150600.3.8.1
    * tiff-debuginfo-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * tiff-4.7.0-150600.3.8.1
    * tiff-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-4.7.0-150600.3.8.1
    * libtiff6-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-4.7.0-150600.3.8.1
    * tiff-debugsource-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (noarch)
    * tiff-docs-4.7.0-150600.3.8.1
    * libtiff-devel-docs-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (x86_64)
    * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-32bit-4.7.0-150600.3.8.1
    * libtiff6-32bit-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libtiff6-64bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-64bit-4.7.0-150600.3.8.1
    * libtiff-devel-64bit-4.7.0-150600.3.8.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * tiff-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-4.7.0-150600.3.8.1
    * libtiff6-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-4.7.0-150600.3.8.1
    * tiff-debugsource-4.7.0-150600.3.8.1
  * Basesystem Module 15-SP6 (x86_64)
    * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-32bit-4.7.0-150600.3.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-25435.html
  * https://www.suse.com/security/cve/CVE-2023-52356.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212607
  * https://bugzilla.suse.com/show_bug.cgi?id=1219213
  * https://bugzilla.suse.com/show_bug.cgi?id=1236834

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/6114fd50/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:32 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:32 -0000
Subject: SUSE-SU-2025:0752-1: important: Security update for ovmf
Message-ID: <174077463248.31458.7640162576008773831@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0752-1  
Release Date: 2025-02-28T16:27:49Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45234 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-752=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-752=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-752=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-752=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-752=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-752=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * openSUSE Leap 15.3 (noarch)
    * qemu-uefi-aarch32-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-ovmf-ia32-202008-150300.10.26.1
  * openSUSE Leap 15.3 (x86_64)
    * qemu-ovmf-x86_64-debug-202008-150300.10.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/d19e848a/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:35 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:35 -0000
Subject: SUSE-SU-2025:0751-1: important: Security update for azure-cli
Message-ID: <174077463515.31458.17754930312431775043@smelt2.prg2.suse.org>



# Security update for azure-cli

Announcement ID: SUSE-SU-2025:0751-1  
Release Date: 2025-02-28T16:26:27Z  
Rating: important  
References:

  * bsc#1231971

  
Cross-References:

  * CVE-2024-43591

  
CVSS scores:

  * CVE-2024-43591 ( SUSE ):  8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
  * CVE-2024-43591 ( NVD ):  8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
  * CVE-2024-43591 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for azure-cli fixes the following issues:

  * CVE-2024-43591: improper neutralization of special elements could allow
    users to run Azure CLI commands that result in certain service management
    operations being performed with System level permissions in Azure Defender
    for Cloud (bsc#1231971).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-751=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-751=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-751=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-751=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-751=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * azure-cli-test-2.58.0-150400.14.12.1
  * openSUSE Leap 15.6 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * azure-cli-test-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP4 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP5 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP6 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * azure-cli-test-2.58.0-150400.14.12.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43591.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231971

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/083b7f14/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:37 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:37 -0000
Subject: SUSE-SU-2025:0750-1: moderate: Security update for
 python-azure-identity
Message-ID: <174077463795.31458.5420287436276909773@smelt2.prg2.suse.org>



# Security update for python-azure-identity

Announcement ID: SUSE-SU-2025:0750-1  
Release Date: 2025-02-28T16:25:48Z  
Rating: moderate  
References:

  * bsc#1230100

  
Cross-References:

  * CVE-2024-35255

  
CVSS scores:

  * CVE-2024-35255 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-35255 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python-azure-identity fixes the following issues:

  * CVE-2024-35255: race condition leading to privilege escalation and
    unauthorized access to sensitive information in Azure Identity libraries
    (bsc#1230100).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-750=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-750=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-750=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-750=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-750=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP3 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP4 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP5 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP6 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35255.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230100

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/b9326144/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:46 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:46 -0000
Subject: SUSE-SU-2025:0748-1: important: Security update for libxml2
Message-ID: <174077464640.31458.14267364373373389873@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0748-1  
Release Date: 2025-02-28T16:14:28Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-748=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-748=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-748=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-748=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-748=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-748=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-748=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-748=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-devel-32bit-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (noarch)
    * libxml2-doc-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-devel-64bit-2.9.14-150400.5.38.1
    * libxml2-2-64bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/327342c0/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:50 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:50 -0000
Subject: SUSE-SU-2025:0747-1: important: Security update for libxml2
Message-ID: <174077465030.31458.4808275096928691524@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0747-1  
Release Date: 2025-02-28T16:11:50Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-747=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-747=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-debuginfo-2.9.4-46.81.1
    * libxml2-2-2.9.4-46.81.1
    * libxml2-2-debuginfo-2.9.4-46.81.1
    * python-libxml2-2.9.4-46.81.1
    * python-libxml2-debuginfo-2.9.4-46.81.1
    * python-libxml2-debugsource-2.9.4-46.81.1
    * libxml2-tools-2.9.4-46.81.1
    * libxml2-devel-2.9.4-46.81.1
    * libxml2-debugsource-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libxml2-doc-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libxml2-2-32bit-2.9.4-46.81.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libxml2-tools-debuginfo-2.9.4-46.81.1
    * libxml2-2-2.9.4-46.81.1
    * libxml2-2-debuginfo-2.9.4-46.81.1
    * python-libxml2-2.9.4-46.81.1
    * python-libxml2-debuginfo-2.9.4-46.81.1
    * python-libxml2-debugsource-2.9.4-46.81.1
    * libxml2-tools-2.9.4-46.81.1
    * libxml2-devel-2.9.4-46.81.1
    * libxml2-2-32bit-2.9.4-46.81.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.81.1
    * libxml2-debugsource-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libxml2-doc-2.9.4-46.81.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/980943b5/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:54 2025
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 28 Feb 2025 20:30:54 -0000
Subject: SUSE-SU-2025:0746-1: important: Security update for libxml2
Message-ID: <174077465450.31458.3677616618738071184@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0746-1  
Release Date: 2025-02-28T16:10:45Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-746=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-746=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-746=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-746=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-746=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-746=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-746=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-746=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-746=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (noarch)
    * libxml2-doc-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-64bit-2.10.3-150500.5.23.1
    * libxml2-devel-64bit-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (noarch)
    * libxml2-doc-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
  * Basesystem Module 15-SP6 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20250228/f0b1dafd/attachment.htm>