From null at suse.de  Mon Feb  3 08:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 08:30:08 -0000
Subject: SUSE-RU-2025:0322-1: moderate: Recommended update for
 python-instance-billing-flavor-check
Message-ID: <173857140823.22572.10936426260171598591@smelt2.prg2.suse.org>



# Recommended update for python-instance-billing-flavor-check

Announcement ID: SUSE-RU-2025:0322-1  
Release Date: 2025-02-03T07:39:10Z  
Rating: moderate  
References:

  * bsc#1235991
  * bsc#1235992

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for python-instance-billing-flavor-check fixes the following issues:

  * Add time stamp to log (bsc#1235991, bsc#1235992)
  * Doc improvements clarifying exit status codes

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-322=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-1.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235991
  * https://bugzilla.suse.com/show_bug.cgi?id=1235992

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/641334c1/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 08:30:13 -0000
Subject: SUSE-RU-2025:0321-1: moderate: Recommended update for
 python-instance-billing-flavor-check
Message-ID: <173857141301.22572.3172613524919443718@smelt2.prg2.suse.org>



# Recommended update for python-instance-billing-flavor-check

Announcement ID: SUSE-RU-2025:0321-1  
Release Date: 2025-02-03T07:38:23Z  
Rating: moderate  
References:

  * bsc#1235991
  * bsc#1235992

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that has two fixes can now be installed.

## Description:

This update for python-instance-billing-flavor-check fixes the following issues:

  * Add time stamp to log (bsc#1235991, bsc#1235992)
  * Doc improvements clarifying exit status codes

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-321=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-321=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-321=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-321=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-321=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-321=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-321=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-321=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-321=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-321=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.1-150000.1.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235991
  * https://bugzilla.suse.com/show_bug.cgi?id=1235992

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/4b83ce4d/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 08:30:16 -0000
Subject: SUSE-SU-2025:0320-1: important: Security update for buildah
Message-ID: <173857141603.22572.10493141044083213110@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0320-1  
Release Date: 2025-02-01T09:53:57Z  
Rating: important  
References:

  * bsc#1236272

  
Cross-References:

  * CVE-2024-11218
  * CVE-2024-9407

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-9407 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-9407 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
  * CVE-2024-9407 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for buildah fixes the following issues:

  * Update to version 1.35.5
  * CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src"
    values. (bsc#1236272)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-320=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-320=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-320=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-320=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-320=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * buildah-1.35.5-150300.8.31.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * buildah-1.35.5-150300.8.31.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://www.suse.com/security/cve/CVE-2024-9407.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236272

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/16e8e4a8/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 08:30:19 -0000
Subject: SUSE-SU-2025:0319-1: important: Security update for buildah
Message-ID: <173857141984.22572.7403814249643994498@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0319-1  
Release Date: 2025-02-01T09:53:09Z  
Rating: important  
References:

  * bsc#1236272

  
Cross-References:

  * CVE-2024-11218
  * CVE-2024-9407

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-9407 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-9407 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
  * CVE-2024-9407 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for buildah fixes the following issues:

  * Update to version 1.35.5
  * CVE-2024-11218: Fix TOCTOU error when bind and cache mounts use "src"
    values. (bsc#1236272)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-319=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-319=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-319=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-319=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-319=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150400.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * buildah-1.35.5-150400.3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://www.suse.com/security/cve/CVE-2024-9407.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236272

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/f5b5361a/attachment.htm>

From null at suse.de  Mon Feb  3 08:30:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 08:30:23 -0000
Subject: SUSE-SU-2025:0318-1: moderate: Security update for ignition
Message-ID: <173857142332.22572.4360161504004481768@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0318-1  
Release Date: 2025-02-01T03:34:07Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-318=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-318=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.15.0-150400.4.5.1
    * ignition-debuginfo-2.15.0-150400.4.5.1
    * ignition-2.15.0-150400.4.5.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.15.0-150400.4.5.1
    * ignition-debuginfo-2.15.0-150400.4.5.1
    * ignition-2.15.0-150400.4.5.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/afd7459f/attachment.htm>

From null at suse.de  Mon Feb  3 12:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:30:14 -0000
Subject: SUSE-RU-2025:0331-1: moderate: Recommended update for
 yast2-iscsi-client
Message-ID: <173858581457.22572.6013662343345664951@smelt2.prg2.suse.org>



# Recommended update for yast2-iscsi-client

Announcement ID: SUSE-RU-2025:0331-1  
Release Date: 2025-02-03T11:40:31Z  
Rating: moderate  
References:

  * bsc#1233802

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for yast2-iscsi-client fixes the following issues:

  * Version update 4.6.6
  * Try to load the iscsi_ibft module in ARM arch as it should be available for
    getting the iBFT configuration (bsc#1233802).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-331=1 openSUSE-SLE-15.6-2025-331=1

  * SUSE Linux Enterprise High Performance Computing 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-331=1

  * SUSE Linux Enterprise Server 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-331=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-331=1

  * SUSE Linux Enterprise Desktop 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-331=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-331=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2
  * SUSE Linux Enterprise High Performance Computing 15 SP6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2
  * SUSE Linux Enterprise Server 15 SP6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2
  * SUSE Linux Enterprise Desktop 15 SP6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2
  * Basesystem Module 15-SP6 (noarch)
    * yast2-iscsi-client-4.6.6-150600.3.14.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233802

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/e036b8be/attachment.htm>

From null at suse.de  Mon Feb  3 12:30:42 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:30:42 -0000
Subject: SUSE-RU-2025:0330-1: moderate: Recommended update for apache2
Message-ID: <173858584246.22572.4335113943261539913@smelt2.prg2.suse.org>



# Recommended update for apache2

Announcement ID: SUSE-RU-2025:0330-1  
Release Date: 2025-02-03T10:50:23Z  
Rating: moderate  
References:

  * bsc#1233433

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for apache2 fixes the following issue:

  * update-alternatives script not called during httpd update, never triggered
    from 'zypper dup' (bsc#1233433).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-330=1 openSUSE-SLE-15.6-2025-330=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-330=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-330=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-330=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * apache2-utils-2.4.58-150600.5.32.2
    * apache2-worker-2.4.58-150600.5.32.2
    * apache2-event-2.4.58-150600.5.32.2
    * apache2-debuginfo-2.4.58-150600.5.32.2
    * apache2-prefork-debugsource-2.4.58-150600.5.32.2
    * apache2-utils-debuginfo-2.4.58-150600.5.32.2
    * apache2-2.4.58-150600.5.32.2
    * apache2-event-debuginfo-2.4.58-150600.5.32.2
    * apache2-event-debugsource-2.4.58-150600.5.32.2
    * apache2-devel-2.4.58-150600.5.32.2
    * apache2-debugsource-2.4.58-150600.5.32.2
    * apache2-prefork-debuginfo-2.4.58-150600.5.32.2
    * apache2-utils-debugsource-2.4.58-150600.5.32.2
    * apache2-worker-debuginfo-2.4.58-150600.5.32.2
    * apache2-prefork-2.4.58-150600.5.32.2
    * apache2-worker-debugsource-2.4.58-150600.5.32.2
  * openSUSE Leap 15.6 (noarch)
    * apache2-manual-2.4.58-150600.5.32.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * apache2-debuginfo-2.4.58-150600.5.32.2
    * apache2-prefork-debugsource-2.4.58-150600.5.32.2
    * apache2-2.4.58-150600.5.32.2
    * apache2-debugsource-2.4.58-150600.5.32.2
    * apache2-prefork-debuginfo-2.4.58-150600.5.32.2
    * apache2-prefork-2.4.58-150600.5.32.2
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * apache2-event-2.4.58-150600.5.32.2
    * apache2-debuginfo-2.4.58-150600.5.32.2
    * apache2-event-debuginfo-2.4.58-150600.5.32.2
    * apache2-event-debugsource-2.4.58-150600.5.32.2
    * apache2-debugsource-2.4.58-150600.5.32.2
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * apache2-utils-2.4.58-150600.5.32.2
    * apache2-worker-2.4.58-150600.5.32.2
    * apache2-utils-debuginfo-2.4.58-150600.5.32.2
    * apache2-devel-2.4.58-150600.5.32.2
    * apache2-utils-debugsource-2.4.58-150600.5.32.2
    * apache2-worker-debuginfo-2.4.58-150600.5.32.2
    * apache2-worker-debugsource-2.4.58-150600.5.32.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233433

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/3dcfe670/attachment.htm>

From null at suse.de  Mon Feb  3 12:31:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:31:18 -0000
Subject: SUSE-SU-2025:0328-1: important: Security update for clamav
Message-ID: <173858587827.22572.561228162699156288@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0328-1  
Release Date: 2025-02-03T09:39:55Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves six vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-328=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-328=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-3.36.1
    * clamav-1.4.2-3.36.1
    * clamav-milter-debuginfo-1.4.2-3.36.1
    * libfreshclam3-1.4.2-3.36.1
    * libclamav12-1.4.2-3.36.1
    * clamav-debugsource-1.4.2-3.36.1
    * libclammspack0-debuginfo-1.4.2-3.36.1
    * clamav-milter-1.4.2-3.36.1
    * clamav-devel-1.4.2-3.36.1
    * libfreshclam3-debuginfo-1.4.2-3.36.1
    * libclamav12-debuginfo-1.4.2-3.36.1
    * clamav-debuginfo-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libclammspack0-1.4.2-3.36.1
    * clamav-1.4.2-3.36.1
    * clamav-milter-debuginfo-1.4.2-3.36.1
    * libfreshclam3-1.4.2-3.36.1
    * libclamav12-1.4.2-3.36.1
    * clamav-debugsource-1.4.2-3.36.1
    * libclammspack0-debuginfo-1.4.2-3.36.1
    * clamav-milter-1.4.2-3.36.1
    * clamav-devel-1.4.2-3.36.1
    * libfreshclam3-debuginfo-1.4.2-3.36.1
    * libclamav12-debuginfo-1.4.2-3.36.1
    * clamav-debuginfo-1.4.2-3.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * clamav-docs-html-1.4.2-3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/9e7d674f/attachment.htm>

From null at suse.de  Mon Feb  3 12:31:58 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:31:58 -0000
Subject: SUSE-SU-2025:0327-1: important: Security update for clamav
Message-ID: <173858591882.22572.5371487155015033894@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0327-1  
Release Date: 2025-02-03T09:39:44Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves six vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-327=1 openSUSE-SLE-15.6-2025-327=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-327=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * clamav-1.4.2-150600.18.6.1
    * libfreshclam3-debuginfo-1.4.2-150600.18.6.1
    * libclamav12-1.4.2-150600.18.6.1
    * clamav-devel-1.4.2-150600.18.6.1
    * libclammspack0-debuginfo-1.4.2-150600.18.6.1
    * clamav-debuginfo-1.4.2-150600.18.6.1
    * libfreshclam3-1.4.2-150600.18.6.1
    * libclamav12-debuginfo-1.4.2-150600.18.6.1
    * clamav-debugsource-1.4.2-150600.18.6.1
    * libclammspack0-1.4.2-150600.18.6.1
    * clamav-milter-debuginfo-1.4.2-150600.18.6.1
    * clamav-milter-1.4.2-150600.18.6.1
  * openSUSE Leap 15.6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150600.18.6.1
    * libfreshclam3-debuginfo-1.4.2-150600.18.6.1
    * libclamav12-1.4.2-150600.18.6.1
    * clamav-devel-1.4.2-150600.18.6.1
    * libclammspack0-debuginfo-1.4.2-150600.18.6.1
    * clamav-debuginfo-1.4.2-150600.18.6.1
    * libfreshclam3-1.4.2-150600.18.6.1
    * libclamav12-debuginfo-1.4.2-150600.18.6.1
    * clamav-debugsource-1.4.2-150600.18.6.1
    * libclammspack0-1.4.2-150600.18.6.1
    * clamav-milter-debuginfo-1.4.2-150600.18.6.1
    * clamav-milter-1.4.2-150600.18.6.1
  * Basesystem Module 15-SP6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/1ef8ccb9/attachment.htm>

From null at suse.de  Mon Feb  3 12:32:58 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:32:58 -0000
Subject: SUSE-SU-2025:0325-1: important: Security update for clamav
Message-ID: <173858597829.22572.15679858355011719567@smelt2.prg2.suse.org>



# Security update for clamav

Announcement ID: SUSE-SU-2025:0325-1  
Release Date: 2025-02-03T09:39:26Z  
Rating: important  
References:

  * bsc#1102840
  * bsc#1103032
  * bsc#1180296
  * bsc#1202986
  * bsc#1211594
  * bsc#1214342
  * bsc#1232242
  * bsc#1236307
  * jsc#PED-4596
  * jsc#SMO-494
  * jsc#SMO-495

  
Cross-References:

  * CVE-2018-14679
  * CVE-2023-20197
  * CVE-2024-20380
  * CVE-2024-20505
  * CVE-2024-20506
  * CVE-2025-20128

  
CVSS scores:

  * CVE-2018-14679 ( SUSE ):  4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
  * CVE-2018-14679 ( NVD ):  6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-20197 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20380 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-20505 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20505 ( NVD ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-20505 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-20506 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-20506 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-20506 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2025-20128 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-20128 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-20128 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves six vulnerabilities, contains three features and has two
security fixes can now be installed.

## Description:

This update for clamav fixes the following issues:

New version 1.4.2:

  * CVE-2025-20128, bsc#1236307: Fixed a possible buffer overflow read bug in
    the OLE2 file parser that could cause a denial-of-service (DoS) condition.

  * Start clamonacc with --fdpass to avoid errors due to clamd not being able to
    access user files. (bsc#1232242)

  * New version 1.4.1:

  * https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html

  * New version 1.4.0:

  * Added support for extracting ALZ archives.

  * Added support for extracting LHA/LZH archives.
  * Added the ability to disable image fuzzy hashing, if needed. For context,
    image fuzzy hashing is a detection mechanism useful for identifying malware
    by matching images included with the malware or phishing email/document.
  * https://blog.clamav.net/2024/08/clamav-140-feature-release-and-clamav.html

  * New version 1.3.2:

  * CVE-2024-20506: Changed the logging module to disable following symlinks on
    Linux and Unix systems so as to prevent an attacker with existing access to
    the 'clamd' or 'freshclam' services from using a symlink to corrupt system
    files.

  * CVE-2024-20505: Fixed a possible out-of-bounds read bug in the PDF file
    parser that could cause a denial-of-service condition.
  * Removed unused Python modules from freshclam tests including deprecated
    'cgi' module that is expected to cause test failures in Python 3.13.
  * Fix unit test caused by expiring signing certificate.
  * Fixed a build issue on Windows with newer versions of Rust. Also upgraded
    GitHub Actions imports to fix CI failures.
  * Fixed an unaligned pointer dereference issue on select architectures.
  * Fixes to Jenkins CI pipeline.

  * New Version: 1.3.1:

  * CVE-2024-20380: Fixed a possible crash in the HTML file parser that could
    cause a denial-of-service (DoS) condition.

  * Updated select Rust dependencies to the latest versions.
  * Fixed a bug causing some text to be truncated when converting from UTF-16.
  * Fixed assorted complaints identified by Coverity static analysis.
  * Fixed a bug causing CVDs downloaded by the DatabaseCustomURL
  * Added the new 'valhalla' database name to the list of optional databases in
    preparation for future work.

  * New version: 1.3.0:

  * Added support for extracting and scanning attachments found in Microsoft
    OneNote section files. OneNote parsing will be enabled by default, but may
    be optionally disabled.

  * Added file type recognition for compiled Python ('.pyc') files.
  * Improved support for decrypting PDFs with empty passwords.
  * Fixed a warning when scanning some HTML files.
  * ClamOnAcc: Fixed an infinite loop when a watched directory does not exist.
  * ClamOnAcc: Fixed an infinite loop when a file has been deleted before a
    scan.

  * New version: 1.2.0:

  * Added support for extracting Universal Disk Format (UDF) partitions.

  * Added an option to customize the size of ClamAV's clean file cache.
  * Raised the MaxScanSize limit so the total amount of data scanned when
    scanning a file or archive may exceed 4 gigabytes.
  * Added ability for Freshclam to use a client certificate PEM file and a
    private key PEM file for authentication to a private mirror.
  * Fix an issue extracting files from ISO9660 partitions where the files are
    listed in the plain ISO tree and there also exists an empty Joliet tree.
  * PID and socket are now located under /run/clamav/clamd.pid and
    /run/clamav/clamd.sock .
  * bsc#1211594: Fixed an issue where ClamAV does not abort the signature load
    process after partially loading an invalid signature.

  * New version 1.1.0:

  * https://blog.clamav.net/2023/05/clamav-110-released.html

  * Added the ability to extract images embedded in HTML CSS <style> blocks.
  * Updated to Sigtool so that the '\--vba' option will extract VBA code from
    Microsoft Office documents the same way that libclamav extracts VBA.
  * Added a new option --fail-if-cvd-older-than=days to clamscan and clamd, and
    FailIfCvdOlderThan to clamd.conf
  * Added a new function 'cl_cvdgetage()' to the libclamav API.
  * Added a new function 'cl_engine_set_clcb_vba()' to the libclamav API.
  * bsc#1180296: Integrate clamonacc as a service.
  * New version 1.0.1 LTS (including changes in 0.104 and 0.105):
  * As of ClamAV 0.104, CMake is required to build ClamAV.
  * As of ClamAV 0.105, Rust is now required to compile ClamAV.
  * Increased the default limits for file and scan size:
    * MaxScanSize: 100M to 400M
    * MaxFileSize: 25M to 100M
    * StreamMaxLength: 25M to 100M
    * PCREMaxFileSize: 25M to 100M
    * MaxEmbeddedPE: 10M to 40M
    * MaxHTMLNormalize: 10M to 40M
    * MaxScriptNormalize: 5M to 20M
    * MaxHTMLNoTags: 2M to 8M
  * Added image fuzzy hash subsignatures for logical signatures.
  * Support for decrypting read-only OLE2-based XLS files that are encrypted
    with the default password.
  * Overhauled the implementation of the all-match feature.
  * Added a new callback to the public API for inspecting file content during a
    scan at each layer of archive extraction.
  * Added a new function to the public API for unpacking CVD signature archives.
  * The option to build with an external TomsFastMath library has been removed.
    ClamAV requires non-default build options for TomsFastMath to support bigger
    floating point numbers.
  * For a full list of changes see the release announcements:
    * https://blog.clamav.net/2022/11/clamav-100-lts-released.html
    * https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
    * https://blog.clamav.net/2021/09/clamav-01040-released.html
  * Build clamd with systemd support.

  * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+
    file parser. (bsc#1214342)

  * CVE-2018-14679: Fixed that an issue was discovered in mspack/chmd.c in
    libmspack before 0.7alpha. There isan off-by-one error in the CHM PMGI/PMGL
    chunk number validity checks, which could lead to denial of service
    (uninitialized da (bsc#1103032)

  * Package huge .html documentation in a separate subpackage.

  * Update to 0.103.7 (bsc#1202986)

  * Zip parser: tolerate 2-byte overlap in file entries

  * Fix bug with logical signature Intermediates feature
  * Update to UnRAR v6.1.7
  * Patch UnRAR: allow skipping files in solid archives
  * Patch UnRAR: limit dict winsize to 1GB

  * Use a split-provides for clamav-milter instead of recommending it.

  * Package clamav-milter in a subpackage
  * Remove virus signatures upon uninstall
  * Check for database existence before starting clamd
  * Restart clamd when it exits
  * Don't daemonize freshclam, but use a systemd timer instead to trigger
    updates

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-325=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-325=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-325=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-325=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-325=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-325=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-325=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-325=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Proxy 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Manager Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libclammspack0-1.4.2-150200.8.3.1
    * clamav-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-1.4.2-150200.8.3.1
    * clamav-milter-1.4.2-150200.8.3.1
    * libclamav12-debuginfo-1.4.2-150200.8.3.1
    * clamav-devel-1.4.2-150200.8.3.1
    * clamav-debugsource-1.4.2-150200.8.3.1
    * libclammspack0-debuginfo-1.4.2-150200.8.3.1
    * libfreshclam3-debuginfo-1.4.2-150200.8.3.1
    * clamav-1.4.2-150200.8.3.1
    * clamav-milter-debuginfo-1.4.2-150200.8.3.1
    * libclamav12-1.4.2-150200.8.3.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * clamav-docs-html-1.4.2-150200.8.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2018-14679.html
  * https://www.suse.com/security/cve/CVE-2023-20197.html
  * https://www.suse.com/security/cve/CVE-2024-20380.html
  * https://www.suse.com/security/cve/CVE-2024-20505.html
  * https://www.suse.com/security/cve/CVE-2024-20506.html
  * https://www.suse.com/security/cve/CVE-2025-20128.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1102840
  * https://bugzilla.suse.com/show_bug.cgi?id=1103032
  * https://bugzilla.suse.com/show_bug.cgi?id=1180296
  * https://bugzilla.suse.com/show_bug.cgi?id=1202986
  * https://bugzilla.suse.com/show_bug.cgi?id=1211594
  * https://bugzilla.suse.com/show_bug.cgi?id=1214342
  * https://bugzilla.suse.com/show_bug.cgi?id=1232242
  * https://bugzilla.suse.com/show_bug.cgi?id=1236307
  * https://jira.suse.com/browse/PED-4596
  * https://jira.suse.com/browse/SMO-494
  * https://jira.suse.com/browse/SMO-495

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/b3feb9c1/attachment.htm>

From null at suse.de  Mon Feb  3 12:33:43 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:33:43 -0000
Subject: SUSE-FU-2025:0324-1: moderate: Feature update for spack
Message-ID: <173858602332.22572.12291974550940795851@smelt2.prg2.suse.org>



# Feature update for spack

Announcement ID: SUSE-FU-2025:0324-1  
Release Date: 2025-02-03T08:13:45Z  
Rating: moderate  
References:

  * bsc#1235144

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3

  
  
An update that has one fix can now be installed.

## Description:

This update for spack fixes the following issues:

spack was updated from version 0.21.3 to 0.23.0:

  * Improved documentation generation (bsc#1235144)
  * Version v0.23.0:
  * New features:
    * Spec splicing
    * Broader variant propagation
    * Ability to query specs by namespace
    * `spack spec` now respects environment settings and `unify:true`
    * Improved and polished `spack spec` and `spack find -c` output
    * The command `spack -C &lt;env&gt;` allows to use an environment's configuration without activation
  * New commands, options, and directives:
    * The new `spack env track` command takes a non-managed Spack environment and adds a symlink to Spack's `$environments_root` directory.
    * Added `-t` short option for `spack --backtrace` to output backtrace errors
    * `gc` now allows to garbage-collect specific packages through the command line
    * `oci buildcaches` now supports the option `--only=package`
  * Highlighted bugfixes:
    * Externals no longer override the preferred provider
    * Composable `cflags`
    * Fixed concretizer Unification for included environments
  * Deprecations, removals, and syntax changes:

    * The old concretizer has been removed from Spack, along with the `config:concretizer` config option
    * Best-effort expansion of spec matrices has been removed
    * The old Cray `platform` (based on Cray PE modules) has been removed, and `platform=cray` is no longer supported
    * The `config:install_missing_compilers` config option has beendeprecated
    * Config options that deprecated in `v0.21` have been removed
    * Spack's old test interface has been removed
    * The `spack versions --safe-only` option, deprecated since `v0.21.0`, has been removed
    * The `--dependencies` and `--optimize` arguments to `spack ci` have been deprecated
  * Version 0.22.2:

  * Bugs fixed:

    * Bumped vendored `archspec` for better aarch64 support
    * Fixed regression in `{variants.X}` and `{variants.X.value}` format strings
    * Ensure shell escaping of environment variable values in load and activate commands
    * Fixed an issue where `spec[pkg]` considers specs outside the current DAG
    * Do not halt concretization on unknown variants in externals
    * Improved validation of `develop` config section/
    * Explicitly disable `ccache` if turned off in config, to avoid cache pollution
    * Improved backwards compatibility in `include_concrete`
    * Fixed issue where package tags were sometimes repeated
    * Make `setup-env.sh` "sourced only" by dropping execution bits
    * Make certain source/binary fetch errors recoverable instead of a hard error
    * Do not initialize previous store state in `use_store`
  * Update to 0.22.1.

  * Bugs fixed:
    * Fix reuse of externals on Linux
    * Ensure parent gcc-runtime version >= child
    * Ensure the latest gcc-runtime is rpath'ed when multiple exist among link deps
    * Improve version detection of glibc
    * Improve heuristics for solver
    * Make strong preferences override reuse
    * Reduce verbosity when C compiler is missing
    * Make missing ccache executable an error when required
    * Make every environment view containing `python` a `venv`
    * Fix external detection for compilers with os but no target.
    * Fix version optimization for roots.
    * Handle common implementations of pagination of tags in OCI build caches.
    * Apply fetched patches to develop specs
    * Avoid Windows wrappers for filesystem utilities on non-Windows
    * Fix formatting issue in `spack audit`
  * Other changes:

    * Give 'site' scope a lower precedence than 'system' scope
  * Version 0.22.0:

  * New features:
    * Compiler dependencies are moving from `compilers.yaml` to `packages.yaml`
    * Improved spack find UI for Environments
    * Improved command-line string quoting
    * Revert default spack install behavior to `--reuse`
    * The `install` command now offers three options
    * More control over reused specs
    * New `conflict:` and `prefer:` syntax for package preferences
    * `include_concrete` in environments
    * `python-venv` isolation
    * Packages can now specify whether they may be distributed in source or binary form
  * Removals, deprecations, and syntax changes:
    * Removed `dpcpp` compiler and package
    * `spack load`: removed `--only` argument
  * Bugs fixed:
    * repo.py: drop deleted packages from provider cache
    * Allow `+` in module file names
    * `cmd/python`: use runpy to allow multiprocessing in scripts
    * Show extension commands with `spack -h`
    * Support environment variable expansion inside module projections
    * Alert user to failed concretizations
    * `shell`: fix `zsh` color formatting for PS1 in environments
    * `spack mirror create --all`: include patches

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-324=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-324=1

## Package List:

  * openSUSE Leap 15.3 (noarch)
    * spack-build-dependencies-0.23.0-150300.21.1
    * spack-info-0.23.0-150300.21.1
    * spack-man-0.23.0-150300.21.1
    * spack-recipes-0.23.0-150300.21.1
    * spack-0.23.0-150300.21.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * spack-recipes-0.23.0-150300.21.1
    * spack-info-0.23.0-150300.21.1
    * spack-0.23.0-150300.21.1
    * spack-man-0.23.0-150300.21.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235144

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/4005950c/attachment.htm>

From null at suse.de  Mon Feb  3 12:34:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 12:34:12 -0000
Subject: SUSE-FU-2025:0323-1: moderate: Feature update for spack
Message-ID: <173858605221.22572.10399871233593895981@smelt2.prg2.suse.org>



# Feature update for spack

Announcement ID: SUSE-FU-2025:0323-1  
Release Date: 2025-02-03T08:12:24Z  
Rating: moderate  
References:

  * bsc#1235144

  
Affected Products:

  * HPC Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for spack fixes the following issues:

spack was updated from version 0.21.3 to 0.23.0:

  * Improved documentation generation (bsc#1235144)
  * Version v0.23.0:
  * New features:
    * Spec splicing
    * Broader variant propagation
    * Ability to query specs by namespace
    * `spack spec` now respects environment settings and `unify:true`
    * Improved and polished `spack spec` and `spack find -c` output
    * The command `spack -C &lt;env&gt;` allows to use an environment's configuration without activation
  * New commands, options, and directives:
    * The new `spack env track` command takes a non-managed Spack environment and adds a symlink to Spack's `$environments_root` directory.
    * Added `-t` short option for `spack --backtrace` to output backtrace errors
    * `gc` now allows to garbage-collect specific packages through the command line
    * `oci buildcaches` now supports the option `--only=package`
  * Highlighted bugfixes:
    * Externals no longer override the preferred provider
    * Composable `cflags`
    * Fixed concretizer Unification for included environments
  * Deprecations, removals, and syntax changes:

    * The old concretizer has been removed from Spack, along with the `config:concretizer` config option
    * Best-effort expansion of spec matrices has been removed
    * The old Cray `platform` (based on Cray PE modules) has been removed, and `platform=cray` is no longer supported
    * The `config:install_missing_compilers` config option has beendeprecated
    * Config options that deprecated in `v0.21` have been removed
    * Spack's old test interface has been removed
    * The `spack versions --safe-only` option, deprecated since `v0.21.0`, has been removed
    * The `--dependencies` and `--optimize` arguments to `spack ci` have been deprecated
  * Version 0.22.2:

  * Bugs fixed:

    * Bumped vendored `archspec` for better aarch64 support
    * Fixed regression in `{variants.X}` and `{variants.X.value}` format strings
    * Ensure shell escaping of environment variable values in load and activate commands
    * Fixed an issue where `spec[pkg]` considers specs outside the current DAG
    * Do not halt concretization on unknown variants in externals
    * Improved validation of `develop` config section/
    * Explicitly disable `ccache` if turned off in config, to avoid cache pollution
    * Improved backwards compatibility in `include_concrete`
    * Fixed issue where package tags were sometimes repeated
    * Make `setup-env.sh` "sourced only" by dropping execution bits
    * Make certain source/binary fetch errors recoverable instead of a hard error
    * Do not initialize previous store state in `use_store`
  * Update to 0.22.1.

  * Bugs fixed:
    * Fix reuse of externals on Linux
    * Ensure parent gcc-runtime version >= child
    * Ensure the latest gcc-runtime is rpath'ed when multiple exist among link deps
    * Improve version detection of glibc
    * Improve heuristics for solver
    * Make strong preferences override reuse
    * Reduce verbosity when C compiler is missing
    * Make missing ccache executable an error when required
    * Make every environment view containing `python` a `venv`
    * Fix external detection for compilers with os but no target.
    * Fix version optimization for roots.
    * Handle common implementations of pagination of tags in OCI build caches.
    * Apply fetched patches to develop specs
    * Avoid Windows wrappers for filesystem utilities on non-Windows
    * Fix formatting issue in `spack audit`
  * Other changes:

    * Give 'site' scope a lower precedence than 'system' scope
  * Version 0.22.0:

  * New features:
    * Compiler dependencies are moving from `compilers.yaml` to `packages.yaml`
    * Improved spack find UI for Environments
    * Improved command-line string quoting
    * Revert default spack install behavior to `--reuse`
    * The `install` command now offers three options
    * More control over reused specs
    * New `conflict:` and `prefer:` syntax for package preferences
    * `include_concrete` in environments
    * `python-venv` isolation
    * Packages can now specify whether they may be distributed in source or binary form
  * Removals, deprecations, and syntax changes:
    * Removed `dpcpp` compiler and package
    * `spack load`: removed `--only` argument
  * Bugs fixed:
    * repo.py: drop deleted packages from provider cache
    * Allow `+` in module file names
    * `cmd/python`: use runpy to allow multiprocessing in scripts
    * Show extension commands with `spack -h`
    * Support environment variable expansion inside module projections
    * Alert user to failed concretizations
    * `shell`: fix `zsh` color formatting for PS1 in environments
    * `spack mirror create --all`: include patches

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-323=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-323=1

  * HPC Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-323=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-323=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-323=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-323=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-323=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-build-dependencies-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
  * openSUSE Leap 15.6 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
  * HPC Module 15-SP6 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * spack-man-0.23.0-150400.21.1
    * spack-recipes-0.23.0-150400.21.1
    * spack-0.23.0-150400.21.1
    * spack-info-0.23.0-150400.21.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235144

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/9acfe35a/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:05 -0000
Subject: SUSE-SU-2025:0339-1: moderate: Security update for java-17-openjdk
Message-ID: <173860020501.22572.67441516820565748@smelt2.prg2.suse.org>



# Security update for java-17-openjdk

Announcement ID: SUSE-SU-2025:0339-1  
Release Date: 2025-02-03T15:14:56Z  
Rating: moderate  
References:

  * bsc#1236278

  
Cross-References:

  * CVE-2025-21502

  
CVSS scores:

  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for java-17-openjdk fixes the following issues:

Update to upstream tag jdk-17.0.14+7 (January 2025 CPU):

Security fixes:

  * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

  * JDK-7093691: Nimbus LAF: disabled JComboBox using renderer has bad font
    color
  * JDK-8028127: Regtest java/security/Security/SynchronizedAccess.java is
    incorrect
  * JDK-8071693: Introspector ignores default interface methods
  * JDK-8195675: Call to insertText with single character from custom Input
    Method ignored
  * JDK-8202926: Test
    java/awt/Focus/WindowUpdateFocusabilityTest/WindowUpdateFocusabilityTest.html
    fails
  * JDK-8207908: JMXStatusTest.java fails assertion intermittently
  * JDK-8225220: When the Tab Policy is checked,the scroll button direction
    displayed incorrectly.
  * JDK-8240343: JDI stopListening/stoplis001 "FAILED: listening is successfully
    stopped without starting listening"
  * JDK-8254759: [TEST_BUG] [macosx]
    javax/swing/JInternalFrame/4202966/IntFrameCoord.html fails
  * JDK-8258734: jdk/jfr/event/oldobject/TestClassLoaderLeak.java failed with
    "RuntimeException: Could not find class leak"
  * JDK-8268364: jmethod clearing should be done during unloading
  * JDK-8269770: nsk tests should start IOPipe channel before launch debuggee -
    Debugee.prepareDebugee
  * JDK-8271003: hs_err improvement: handle CLASSPATH env setting longer than
    O_BUFLEN
  * JDK-8271456: Avoid looking up standard charsets in "java.desktop" module
  * JDK-8271821: mark hotspot runtime/MinimalVM tests which ignore external VM
    flags
  * JDK-8271825: mark hotspot runtime/LoadClass tests which ignore external VM
    flags
  * JDK-8271836: runtime/ErrorHandling/ClassPathEnvVar.java fails with release
    VMs
  * JDK-8272746: ZipFile can't open big file (NegativeArraySizeException)
  * JDK-8273914: Indy string concat changes order of operations
  * JDK-8274170: Add hooks for custom makefiles to augment jtreg test execution
  * JDK-8274505: Too weak variable type leads to unnecessary cast in
    java.desktop
  * JDK-8276763: java/nio/channels/SocketChannel/AdaptorStreams.java fails with
    "SocketTimeoutException: Read timed out"
  * JDK-8278527: java/util/concurrent/tck/JSR166TestCase.java fails nanoTime
    test
  * JDK-8280131: jcmd reports "Module jdk.jfr not found." when
    "jdk.management.jfr" is missing
  * JDK-8281379: Assign package declarations to all jtreg test cases under gc
  * JDK-8282578: AIOOBE in javax.sound.sampled.Clip
  * JDK-8283214: [macos] Screen magnifier does not show the magnified text for
    JComboBox
  * JDK-8283222: improve diagnosability of runtime/8176717/TestInheritFD.java
    timeouts
  * JDK-8284291: sun/security/krb5/auto/Renew.java fails intermittently on
    Windows 11
  * JDK-8284874: Add comment to ProcessHandle/OnExitTest to describe zombie
    problem
  * JDK-8286160: (fs) Files.exists returns unexpected results with
    C:\pagefile.sys because it's not readable
  * JDK-8287003: InputStreamReader::read() can return zero despite writing a
    char in the buffer
  * JDK-8288976: classfile parser 'wrong name' error message has the names the
    wrong way around
  * JDK-8289184: runtime/ClassUnload/DictionaryDependsTest.java failed with
    "Test failed: should be unloaded"
  * JDK-8290023: Remove use of IgnoreUnrecognizedVMOptions in gc tests
  * JDK-8290269: gc/shenandoah/TestVerifyJCStress.java fails due to invalid tag:
    required after JDK-8290023
  * JDK-8292309: Fix
    "java/awt/PrintJob/ConstrainedPrintingTest/ConstrainedPrintingTest.java"
    test
  * JDK-8293061: Combine CDSOptions and AppCDSOptions test utility classes
  * JDK-8293877: Rewrite MineField test
  * JDK-8294193: Files.createDirectories throws FileAlreadyExistsException for a
    symbolic link whose target is an existing directory
  * JDK-8294726: Update URLs in minefield tests
  * JDK-8295239: Refactor java/util/Formatter/Basic script into a Java native
    test launcher
  * JDK-8295344: Harden runtime/StackGuardPages/TestStackGuardPages.java
  * JDK-8295859: Update Manual Test Groups
  * JDK-8296709: WARNING: JNI call made without checking exceptions
  * JDK-8296718: Refactor bootstrap Test Common Functionalities to
    test/lib/Utils
  * JDK-8296787: Unify debug printing format of X.509 cert serial numbers
  * JDK-8296972: [macos13]
    java/awt/Frame/MaximizedToIconified/MaximizedToIconified.java:
    getExtendedState() != 6 as expected.
  * JDK-8298513:
    vmTestbase/nsk/jdi/EventSet/suspendPolicy/suspendpolicy009/TestDescription.java
    fails with usage tracker
  * JDK-8300416: java.security.MessageDigestSpi clone can result in thread-
    unsafe clones
  * JDK-8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated
  * JDK-8302225: SunJCE Provider doesn't validate key sizes when using
    'constrained' transforms for AES/KW and AES/KWP
  * JDK-8303697: ProcessTools doesn't print last line of process output
  * JDK-8303705: Field sleeper.started should be volatile JdbLockTestTarg.java
  * JDK-8303742: CompletableFuture.orTimeout leaks if the future completes
    exceptionally
  * JDK-8304020: Speed up test/jdk/java/util/zip/ZipFile/TestTooManyEntries.java
    and clarify its purpose
  * JDK-8304557:
    java/util/concurrent/CompletableFuture/CompletableFutureOrTimeoutExceptionallyTest.java
    times out
  * JDK-8306015: Update sun.security.ssl TLS tests to use SSLContextTemplate or
    SSLEngineTemplate
  * JDK-8307297: Move some DnD tests to open
  * JDK-8307408: Some jdk/sun/tools/jhsdb tests don't pass test JVM args to the
    debuggee JVM
  * JDK-8309109: AArch64: [TESTBUG]
    compiler/intrinsics/sha/cli/TestUseSHA3IntrinsicsOptionOnSupportedCPU.java
    fails on Neoverse N2 and V1
  * JDK-8309303: jdk/internal/misc/VM/RuntimeArguments test ignores
    jdk/internal/vm/options
  * JDK-8309532: java/lang/Class/getDeclaredField/FieldSetAccessibleTest should
    filter modules that depend on JVMCI
  * JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled
    ComboBox does not match in these LAFs: GTK-
  * JDK-8310731: Configure a javax.net.ssl.SNIMatcher for the HTTP/1.1 test
    servers in java/net/httpclient tests
  * JDK-8312111:
    open/test/jdk/java/awt/Robot/ModifierRobotKey/ModifierRobotKeyTest.java
    fails on ubuntu 23.04
  * JDK-8313374: --enable-ccache's CCACHE_BASEDIR breaks builds
  * JDK-8313638: Add test for dump of resolved references
  * JDK-8313854: Some tests in serviceability area fail on localized Windows
    platform
  * JDK-8313878: Exclude two compiler/rtm/locking tests on ppc64le
  * JDK-8314333: Update com/sun/jdi/ProcessAttachTest.java to use
    ProcessTools.createTestJvm(..)
  * JDK-8314824: Fix serviceability/jvmti/8036666/GetObjectLockCount.java to use
    vm flags
  * JDK-8314829: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java
    ignores vm flags
  * JDK-8314831: NMT tests ignore vm flags
  * JDK-8315097: Rename createJavaProcessBuilder
  * JDK-8315406: [REDO] serviceability/jdwp/AllModulesCommandTest.java ignores
    VM flags
  * JDK-8315988: Parallel: Make TestAggressiveHeap use createTestJvm
  * JDK-8316410: GC: Make TestCompressedClassFlags use createTestJvm
  * JDK-8316446: 4 sun/management/jdp tests ignore VM flags
  * JDK-8316447: 8 sun/management/jmxremote tests ignore VM flags
  * JDK-8316464: 3 sun/tools tests ignore VM flags
  * JDK-8316562: serviceability/sa/jmap-hprof/JMapHProfLargeHeapTest.java times
    out after JDK-8314829
  * JDK-8316581: Improve performance of Symbol::print_value_on()
  * JDK-8317042: G1: Make TestG1ConcMarkStepDurationMillis use createTestJvm
  * JDK-8317116: Provide layouts for multiple test UI in PassFailJFrame
  * JDK-8317188: G1: Make TestG1ConcRefinementThreads use createTestJvm
  * JDK-8317218: G1: Make TestG1HeapRegionSize use createTestJvm
  * JDK-8317347: Parallel: Make TestInitialTenuringThreshold use createTestJvm
  * JDK-8317738: CodeCacheFullCountTest failed with "VirtualMachineError: Out of
    space in CodeCache for method handle intrinsic"
  * JDK-8318964: Fix build failures caused by 8315097
  * JDK-8319574: Exec/process tests should be marked as flagless
  * JDK-8319640: ClassicFormat::parseObject (from DateTimeFormatter) does not
    conform to the javadoc and may leak DateTimeException
  * JDK-8319651: Several network tests ignore vm flags when start java process
  * JDK-8319817: Charset constructor should make defensive copy of aliases
  * JDK-8320586: update manual test/jdk/TEST.groups
  * JDK-8320665: update jdk_core at open/test/jdk/TEST.groups
  * JDK-8320673: PageFormat/CustomPaper.java has no Pass/Fail buttons; multiple
    instructions
  * JDK-8320675: PrinterJob/SecurityDialogTest.java hangs
  * JDK-8321163: [test] OutputAnalyzer.getExitValue() unnecessarily logs even
    when process has already completed
  * JDK-8321299: runtime/logging/ClassLoadUnloadTest.java doesn't reliably
    trigger class unloading
  * JDK-8321470: ThreadLocal.nextHashCode can be static final
  * JDK-8321543: Update NSS to version 3.96
  * JDK-8321616: Retire binary test vectors in test/jdk/java/util/zip/ZipFile
  * JDK-8322754: click JComboBox when dialog about to close causes
    IllegalComponentStateException
  * JDK-8322766: Micro bench SSLHandshake should use default algorithms
  * JDK-8322809: SystemModulesMap::classNames and moduleNames arrays do not
    match the order
  * JDK-8322830: Add test case for ZipFile opening a ZIP with no entries
  * JDK-8323562: SaslInputStream.read() may return wrong value
  * JDK-8323688: C2: Fix UB of jlong overflow in
    PhaseIdealLoop::is_counted_loop()
  * JDK-8324808: Manual printer tests have no Pass/Fail buttons, instructions
    close set 3
  * JDK-8324841: PKCS11 tests still skip execution
  * JDK-8325038: runtime/cds/appcds/ProhibitedPackage.java can fail with
    UseLargePages
  * JDK-8325525: Create jtreg test case for JDK-8325203
  * JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM
  * JDK-8325610: CTW: Add StressIncrementalInlining to stress options
  * JDK-8325616: JFR ZGC Allocation Stall events should record stack traces
  * JDK-8325762: Use PassFailJFrame.Builder.splitUI() in PrintLatinCJKTest.java
  * JDK-8325851: Hide PassFailJFrame.Builder constructor
  * JDK-8326100: DeflaterDictionaryTests should use Deflater.getBytesWritten
    instead of Deflater.getTotalOut
  * JDK-8326121:
    vmTestbase/gc/g1/unloading/tests/unloading_keepRef_rootClass_inMemoryCompilation_keep_cl
    failed with Full gc happened. Test was useless.
  * JDK-8326611: Clean up vmTestbase/nsk/stress/stack tests
  * JDK-8326898: NSK tests should listen on loopback addresses only
  * JDK-8326948: Force English locale for timeout formatting
  * JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug
  * JDK-8327474: Review use of java.io.tmpdir in jdk tests
  * JDK-8327924: Simplify TrayIconScalingTest.java
  * JDK-8328021: Convert applet test java/awt/List/SetFontTest/SetFontTest.html
    to main program
  * JDK-8328242: Add a log area to the PassFailJFrame
  * JDK-8328303: 3 JDI tests timed out with UT enabled
  * JDK-8328379: Convert URLDragTest.html applet test to main
  * JDK-8328402: Implement pausing functionality for the PassFailJFrame
  * JDK-8328619:
    sun/management/jmxremote/bootstrap/SSLConfigFilePermissionTest.java failed
    with BindException: Address already in use
  * JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization
  * JDK-8328723: IP Address error when client enables HTTPS endpoint check on
    server socket
  * JDK-8328957: Update PKCS11Test.java to not use hardcoded path
  * JDK-8330278: Have SSLSocketTemplate.doClientSide use loopback address
  * JDK-8330464: hserr generic events - add entry for the before_exit calls
  * JDK-8330621: Make 5 compiler tests use ProcessTools.executeProcess
  * JDK-8330814: Cleanups for KeepAliveCache tests
  * JDK-8331142: Add test for number of loader threads in BasicDirectoryModel
  * JDK-8331391: Enhance the keytool code by invoking the buildTrustedCerts
    method for essential options
  * JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS
  * JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock
  * JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows
    only
  * JDK-8331626: unsafe.cpp:162:38: runtime error in
    index_oop_from_field_offset_long - applying non-zero offset 4563897424 to
    null pointer
  * JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error: load of value
    208, which is not a valid value for type 'bool'
  * JDK-8331863: DUIterator_Fast used before it is constructed
  * JDK-8331864: Update Public Suffix List to 1cbd6e7
  * JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java frequently fails on
    Windows in CI
  * JDK-8332340: Add JavacBench as a test case for CDS
  * JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer
    passed as argument 1, which is declared to never be null
  * JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime
    error: null pointer passed as argument 2, which is declared to never be null
  * JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error: member call on
    null pointer of type 'struct Array'
  * JDK-8332724: x86 MacroAssembler may over-align code
  * JDK-8332777: Update JCStress test suite
  * JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error: null pointer
    passed as argument 2, which is declared to never be null
  * JDK-8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
  * JDK-8332901: Select{Current,New}ItemTest.java for Choice don't open popup on
    macOS
  * JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error: load of value
    171, which is not a valid value for type 'bool'
  * JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21: runtime error:
    signed integer overflow: 9223372036854775807 - 1 cannot be represented in
    type 'long int'
  * JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched
    JNINativeInterface tables, check for new entries
  * JDK-8333317: Test sun/security/pkcs11/sslecc/ClientJSSEServerJSSE.java
    failed with: Invalid ECDH ServerKeyExchange signature
  * JDK-8333824: Unused ClassValue in VarHandles
  * JDK-8334057: JLinkReproducibleTest.java support receive test.tool.vm.opts
  * JDK-8334405: java/nio/channels/Selector/SelectWithConsumer.java#id0 failed
    in testWakeupDuringSelect
  * JDK-8334562: Automate
    com/sun/security/auth/callback/TextCallbackHandler/Default.java test
  * JDK-8334567: [test] runtime/os/TestTracePageSizes move ppc handling
  * JDK-8335142: compiler/c1/TestTraceLinearScanLevel.java occasionally times
    out with -Xcomp
  * JDK-8335267: [XWayland] move screencast tokens from .awt to .java folder
  * JDK-8335344: test/jdk/sun/security/tools/keytool/NssTest.java fails to
    compile
  * JDK-8335428: Enhanced Building of Processes
  * JDK-8335449: runtime/cds/DeterministicDump.java fails with File content
    different at byte ...
  * JDK-8335493: check_gc_overhead_limit should reset
    SoftRefPolicy::_should_clear_all_soft_refs
  * JDK-8335530: Java file extension missing in AuthenticatorTest
  * JDK-8335709: C2: assert(!loop->is_member(get_loop(useblock))) failed: must
    be outside loop
  * JDK-8335904: Fix invalid comment in ShenandoahLock
  * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when
    extracting to not overwriting existing files
  * JDK-8336240: Test com/sun/crypto/provider/Cipher/DES/PerformanceTest.java
    fails with java.lang.ArithmeticException
  * JDK-8336257: Additional tests in jmxremote/startstop to match on PID not app
    name
  * JDK-8336315: tools/jpackage/windows/WinChildProcessTest.java Failed: Check
    is calculator process is alive
  * JDK-8336342: Fix known X11 library locations in sysroot
  * JDK-8336343: Add more known sysroot library locations for ALSA
  * JDK-8336413: gtk headers : Fix typedef redeclaration of GMainContext and
    GdkPixbuf
  * JDK-8336564: Enhance mask blit functionality redux
  * JDK-8336854: CAInterop.java#actalisauthenticationrootca conflicted with
    /manual and /timeout
  * JDK-8337066: Repeated call of StringBuffer.reverse with double byte string
    returns wrong result
  * JDK-8337320: Update ProblemList.txt with tests known to fail on XWayland
  * JDK-8337410: The makefiles should set problemlist and adjust timeout basing
    on the given VM flags
  * JDK-8337780: RISC-V: C2: Change C calling convention for sp to NS
  * JDK-8337810: ProblemList BasicDirectoryModel/LoaderThreadCount.java on
    Windows
  * JDK-8337851: Some tests have name which confuse jtreg
  * JDK-8337966: (fs) Files.readAttributes fails with Operation not permitted on
    older docker releases
  * JDK-8338058: map_or_reserve_memory_aligned Windows enhance remap assertion
  * JDK-8338101: remove old remap assertion in map_or_reserve_memory_aligned
    after JDK-8338058
  * JDK-8338109: java/awt/Mouse/EnterExitEvents/ResizingFrameTest.java duplicate
    in ProblemList
  * JDK-8338286: GHA: Demote x86_32 to hotspot build only
  * JDK-8338380: Update TLSCommon/interop/AbstractServer to specify an interface
    to listen for connections
  * JDK-8338402: GHA: some of bundles may not get removed
  * JDK-8338748: [17u,21u] Test Disconnect.java compile error: cannot find
    symbol after JDK-8299813
  * JDK-8338751: ConfigureNotify behavior has changed in KWin 6.2
  * JDK-8338759: Add extra diagnostic to java/net/InetAddress/ptr/Lookup.java
  * JDK-8339081: Bump update version for OpenJDK: jdk-17.0.14
  * JDK-8339180: Enhanced Building of Processes: Follow-on Issue
  * JDK-8339248: RISC-V: Remove li64 macro assembler routine and related code
  * JDK-8339384: Unintentional IOException in jdk.jdi module when JDWP end of
    stream occurs
  * JDK-8339470: [17u] More defensive fix for 8163921
  * JDK-8339487: ProcessHandleImpl os_getChildren sysctl call - retry in case of
    ENOMEM and enhance exception message
  * JDK-8339548: GHA: RISC-V: Use Debian snapshot archive for bootstrap
  * JDK-8339560: Unaddressed comments during code review of JDK-8337664
  * JDK-8339591: Mark jdk/jshell/ExceptionMessageTest.java intermittent
  * JDK-8339637: (tz) Update Timezone Data to 2024b
  * JDK-8339644: Improve parsing of Day/Month in tzdata rules
  * JDK-8339731: java.desktop/share/classes/javax/swing/text/html/default.css
    typo in margin settings
  * JDK-8339741: RISC-V: C ABI breakage for integer on stack
  * JDK-8339787: Add some additional diagnostic output to
    java/net/ipv6tests/UdpTest.java
  * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata
    files
  * JDK-8339892: Several security shell tests don't set TESTJAVAOPTS
  * JDK-8339931: Update problem list for WindowUpdateFocusabilityTest.java
  * JDK-8340007: Refactor KeyEvent/FunctionKeyTest.java
  * JDK-8340008: KeyEvent/KeyTyped/Numpad1KeyTyped.java has 15 seconds timeout
  * JDK-8340210: Add positionTestUI() to PassFailJFrame.Builder
  * JDK-8340230: Tests crash: assert(is_in_encoding_range || k->is_interface()
    || k->is_abstract()) failed: sanity
  * JDK-8340306: Add border around instructions in PassFailJFrame
  * JDK-8340308: PassFailJFrame: Make rows default to number of lines in
    instructions
  * JDK-8340365: Position the first window of a window list
  * JDK-8340387: Update OS detection code to recognize Windows Server 2025
  * JDK-8340418: GHA: MacOS AArch64 bundles can be removed prematurely
  * JDK-8340461: Amend description for logArea
  * JDK-8340466: Add description for PassFailJFrame constructors
  * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
  * JDK-8340632: ProblemList java/nio/channels/DatagramChannel/ for Macos
  * JDK-8340657: [PPC64] SA determines wrong unextendedSP
  * JDK-8340684: Reading from an input stream backed by a closed ZipFile has no
    test coverage
  * JDK-8340785: Update description of PassFailJFrame and samples
  * JDK-8340799: Add border inside instruction frame in PassFailJFrame
  * JDK-8340812: LambdaForm customization via MethodHandle::updateForm is not
    thread safe
  * JDK-8340815: Add SECURITY.md file
  * JDK-8340899: Remove wildcard bound in PositionWindows.positionTestWindows
  * JDK-8341146: RISC-V: Unnecessary fences used for load-acquire in template
    interpreter
  * JDK-8341235: Improve default instruction frame title in PassFailJFrame
  * JDK-8341562: RISC-V: Generate comments in -XX:-PrintInterpreter to link to
    source code
  * JDK-8341635: [17u] runtime/ErrorHandling/ClassPathEnvVar test ignores
    external VM flags
  * JDK-8341688: Aarch64: Generate comments in -XX:-PrintInterpreter to link to
    source code
  * JDK-8341806: Gcc version detection failure on Alinux3
  * JDK-8341927: Replace hardcoded security providers with new
    test.provider.name system property
  * JDK-8341997: Tests create files in src tree instead of scratch dir
  * JDK-8342181: Update tests to use stronger Key and Salt size
  * JDK-8342183: Update tests to use stronger algorithms and keys
  * JDK-8342188: Update tests to use stronger key parameters and certificates
  * JDK-8342496: C2/Shenandoah: SEGV in compiled code when running jcstress
  * JDK-8342578: GHA: RISC-V: Bootstrap using Debian snapshot is still failing
  * JDK-8342669: [21u] Fix TestArrayAllocatorMallocLimit after backport of
    JDK-8315097
  * JDK-8342681: TestLoadBypassesNullCheck.java fails improperly specified VM
    option
  * JDK-8342701: [PPC64] TestOSRLotsOfLocals.java crashes
  * JDK-8342962: [s390x] TestOSRLotsOfLocals.java crashes
  * JDK-8343285: java.lang.Process is unresponsive and CPU usage spikes to 100%
  * JDK-8343474: [updates] Customize README.md to specifics of update project
  * JDK-8343687: [17u] TestAntiDependencyForPinnedLoads requires UTF-8
  * JDK-8343848: Fix typo of property name in TestOAEPPadding after 8341927
  * JDK-8343877: Test AsyncClose.java intermittent fails -
    Socket.getInputStream().read() wasn't preempted
  * JDK-8343923: GHA: Switch to Xcode 15 on MacOS AArch64 runners
  * JDK-8347011: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for
    release 17.0.14

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-339=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-339=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-339=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-339=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-339=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-339=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-339=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-339=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-339=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-339=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-339=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-339=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-339=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-src-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.4 (noarch)
    * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-jmods-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-src-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * openSUSE Leap 15.6 (noarch)
    * java-17-openjdk-javadoc-17.0.14.0-150400.3.51.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * java-17-openjdk-devel-17.0.14.0-150400.3.51.1
    * java-17-openjdk-devel-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-17.0.14.0-150400.3.51.1
    * java-17-openjdk-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debugsource-17.0.14.0-150400.3.51.1
    * java-17-openjdk-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-headless-debuginfo-17.0.14.0-150400.3.51.1
    * java-17-openjdk-demo-17.0.14.0-150400.3.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/56546aa2/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:09 -0000
Subject: SUSE-SU-2025:0338-1: moderate: Security update for java-11-openjdk
Message-ID: <173860020903.22572.213042175672904683@smelt2.prg2.suse.org>



# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2025:0338-1  
Release Date: 2025-02-03T15:13:42Z  
Rating: moderate  
References:

  * bsc#1236278

  
Cross-References:

  * CVE-2025-21502

  
CVSS scores:

  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.26+4 (January 2025 CPU)

Security fixes:

  * CVE-2025-21502: Enhance array handling (JDK-8330045, bsc#1236278)

Other changes:

  * JDK-8224624: Inefficiencies in CodeStrings::add_comment cause - timeouts
  * JDK-8225045: javax/swing/JInternalFrame/8146321//JInternalFrameIconTest.java
    fails on linux-x64
  * JDK-8232367: Update Reactive Streams to 1.0.3 -- tests only
  * JDK-8247706: Unintentional use of new Date(year...) with absolute year
  * JDK-8299254: Support dealing with standard assert macro
  * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing
    test
  * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test
  * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java
    java.lang.Exception: Could not find leak
  * JDK-8328300: Convert PrintDialogsTest.java from Applet to main program
  * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to
    main
  * JDK-8334332: TestIOException.java fails if run by root
  * JDK-8335428: Enhanced Building of Processes
  * JDK-8335801: [11u] Backport of 8210988 to 11u removes gcc warnings
  * JDK-8335912, JDK-8337499: Add an operation mode to the jar command when
    extracting to not overwriting existing files
  * JDK-8336564: Enhance mask blit functionality redux
  * JDK-8338402: GHA: some of bundles may not get removed
  * JDK-8339082: Bump update version for OpenJDK: jdk-11.0.26
  * JDK-8339180: Enhanced Building of Processes: Follow-on Issue
  * JDK-8339470: [17u] More defensive fix for 8163921
  * JDK-8339637: (tz) Update Timezone Data to 2024b
  * JDK-8339644: Improve parsing of Day/Month in tzdata rules
  * JDK-8339803: Acknowledge case insensitive unambiguous keywords in tzdata
    files
  * JDK-8340552: Harden TzdbZoneRulesCompiler against missing zone names
  * JDK-8340671: GHA: Bump macOS and Xcode versions to macos-12 and XCode 13.4.1
  * JDK-8340815: Add SECURITY.md file
  * JDK-8342426: [11u] javax/naming/module/RunBasic.java javac compile fails
  * JDK-8342629: [11u] Properly message out that shenandoah is disabled
  * JDK-8347483: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for
    release 11.0.26

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-338=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-338=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-338=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-338=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-338=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-338=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-338=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-338=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-338=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-338=1

## Package List:

  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-src-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-jmods-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1
  * openSUSE Leap 15.6 (noarch)
    * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-debuginfo-11.0.26.0-150000.3.122.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * java-11-openjdk-javadoc-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-debuginfo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * java-11-openjdk-debugsource-11.0.26.0-150000.3.122.1
    * java-11-openjdk-devel-11.0.26.0-150000.3.122.1
    * java-11-openjdk-headless-11.0.26.0-150000.3.122.1
    * java-11-openjdk-demo-11.0.26.0-150000.3.122.1
    * java-11-openjdk-11.0.26.0-150000.3.122.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/3ba3e0fe/attachment-0001.htm>

From null at suse.de  Mon Feb  3 16:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:13 -0000
Subject: SUSE-SU-2025:0337-1: important: Security update for bind
Message-ID: <173860021349.22572.14527746326840787851@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0337-1  
Release Date: 2025-02-03T15:10:35Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.0
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Manager Client Tools for SLE Micro 5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE Micro 5  
    zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-337=1

## Package List:

  * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
    * libirs1601-9.16.6-150000.12.80.1
    * libbind9-1600-9.16.6-150000.12.80.1
    * libisccc1600-9.16.6-150000.12.80.1
    * libisc1606-9.16.6-150000.12.80.1
    * bind-utils-9.16.6-150000.12.80.1
    * libns1604-debuginfo-9.16.6-150000.12.80.1
    * libns1604-9.16.6-150000.12.80.1
    * libdns1605-9.16.6-150000.12.80.1
    * libisccfg1600-9.16.6-150000.12.80.1
  * SUSE Manager Client Tools for SLE Micro 5 (aarch64_ilp32)
    * libisccc1600-64bit-9.16.6-150000.12.80.1
    * libisccfg1600-64bit-9.16.6-150000.12.80.1
    * libbind9-1600-64bit-9.16.6-150000.12.80.1
    * libisc1606-64bit-9.16.6-150000.12.80.1
    * libdns1605-64bit-9.16.6-150000.12.80.1
    * libirs1601-64bit-9.16.6-150000.12.80.1
  * SUSE Manager Client Tools for SLE Micro 5 (noarch)
    * python3-bind-9.16.6-150000.12.80.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/a3b7e79b/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:15 -0000
Subject: SUSE-SU-2025:0336-1: important: Security update for xrdp
Message-ID: <173860021598.22572.394029366252814148@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0336-1  
Release Date: 2025-02-03T14:47:32Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-336=1 openSUSE-SLE-15.6-2025-336=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-336=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xrdp-devel-0.9.13.1-150600.15.3.1
    * xrdp-debugsource-0.9.13.1-150600.15.3.1
    * xrdp-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-0.9.13.1-150600.15.3.1
    * libpainter0-0.9.13.1-150600.15.3.1
    * xrdp-0.9.13.1-150600.15.3.1
    * libpainter0-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-debuginfo-0.9.13.1-150600.15.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xrdp-devel-0.9.13.1-150600.15.3.1
    * xrdp-debugsource-0.9.13.1-150600.15.3.1
    * xrdp-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-0.9.13.1-150600.15.3.1
    * libpainter0-0.9.13.1-150600.15.3.1
    * xrdp-0.9.13.1-150600.15.3.1
    * libpainter0-debuginfo-0.9.13.1-150600.15.3.1
    * librfxencode0-debuginfo-0.9.13.1-150600.15.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/6d7f5ede/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:19 -0000
Subject: SUSE-SU-2025:0335-1: important: Security update for xrdp
Message-ID: <173860021947.22572.9712851004001385047@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0335-1  
Release Date: 2025-02-03T14:44:16Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-335=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-335=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xrdp-debuginfo-0.9.10-3.19.1
    * xrdp-debugsource-0.9.10-3.19.1
    * xrdp-0.9.10-3.19.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * xrdp-debuginfo-0.9.10-3.19.1
    * xrdp-debugsource-0.9.10-3.19.1
    * xrdp-0.9.10-3.19.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/d261fcf8/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:20 -0000
Subject: SUSE-RU-2025:0334-1: important: Recommended update for azure-vm-utils
Message-ID: <173860022080.22572.7267541676256592178@smelt2.prg2.suse.org>



# Recommended update for azure-vm-utils

Announcement ID: SUSE-RU-2025:0334-1  
Release Date: 2025-02-03T14:17:13Z  
Rating: important  
References:

  * jsc#PED-11608

  
Affected Products:

  * openSUSE Leap 15.5
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for azure-vm-utils includes the following fixes:

  * Include in SLE-15 and SLFO (jsc#PED-11608)

  * Add sed invocation to adjust path to bash interpretor on SLE-12

  * Initial packaging (0.4.0).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-334=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-334=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-334=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-334=1

## Package List:

  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * azure-vm-utils-0.4.0-150500.11.3.2
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * azure-vm-utils-0.4.0-150500.11.3.2
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * azure-vm-utils-debugsource-0.4.0-150500.11.3.2
    * azure-vm-utils-debuginfo-0.4.0-150500.11.3.2
    * azure-vm-utils-0.4.0-150500.11.3.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * azure-vm-utils-0.4.0-150500.11.3.2

## References:

  * https://jira.suse.com/browse/PED-11608

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/cab03b76/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:22 -0000
Subject: SUSE-RU-2025:0333-1: moderate: Recommended update for accountsservice
Message-ID: <173860022277.22572.4498184497989241510@smelt2.prg2.suse.org>



# Recommended update for accountsservice

Announcement ID: SUSE-RU-2025:0333-1  
Release Date: 2025-02-03T12:02:01Z  
Rating: moderate  
References:

  * bsc#1234249

  
Affected Products:

  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for accountsservice fixes the following issue:

  * Avoid the warning "assertion 'G_IS_DBUS_INTERFACE_SKELETON (interface_)'
    failed" (bsc#1234249).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-333=1 openSUSE-SLE-15.6-2025-333=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-333=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * typelib-1_0-AccountsService-1_0-23.13.9-150600.3.3.2
    * libaccountsservice0-debuginfo-23.13.9-150600.3.3.2
    * accountsservice-devel-23.13.9-150600.3.3.2
    * accountsservice-vala-23.13.9-150600.3.3.2
    * accountsservice-debuginfo-23.13.9-150600.3.3.2
    * libaccountsservice0-23.13.9-150600.3.3.2
    * accountsservice-debugsource-23.13.9-150600.3.3.2
    * accountsservice-23.13.9-150600.3.3.2
  * openSUSE Leap 15.6 (noarch)
    * accountsservice-lang-23.13.9-150600.3.3.2
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-AccountsService-1_0-23.13.9-150600.3.3.2
    * libaccountsservice0-debuginfo-23.13.9-150600.3.3.2
    * accountsservice-devel-23.13.9-150600.3.3.2
    * accountsservice-debuginfo-23.13.9-150600.3.3.2
    * libaccountsservice0-23.13.9-150600.3.3.2
    * accountsservice-debugsource-23.13.9-150600.3.3.2
    * accountsservice-23.13.9-150600.3.3.2
  * Desktop Applications Module 15-SP6 (noarch)
    * accountsservice-lang-23.13.9-150600.3.3.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234249

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/a48c04db/attachment.htm>

From null at suse.de  Mon Feb  3 16:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 16:30:25 -0000
Subject: SUSE-RU-2025:0332-1: moderate: Recommended update for
 supportutils-plugin-ha-sap
Message-ID: <173860022549.22572.6923722694623029022@smelt2.prg2.suse.org>



# Recommended update for supportutils-plugin-ha-sap

Announcement ID: SUSE-RU-2025:0332-1  
Release Date: 2025-02-03T11:59:13Z  
Rating: moderate  
References:

  * bsc#1230319
  * bsc#1235145
  * jsc#PED-11747
  * jsc#PED-11748
  * jsc#PED-12000
  * jsc#PED-12001

  
Affected Products:

  * openSUSE Leap 15.6
  * SAP Applications Module 15-SP3
  * SAP Applications Module 15-SP4
  * SAP Applications Module 15-SP5
  * SAP Applications Module 15-SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains four features and has two fixes can now be installed.

## Description:

This update for supportutils-plugin-ha-sap fixes the following issues:

  * Version update 0.0.7+git.1737125956.a7079fc
  * saphana-check.sh script detection in different path (jsc#PED-11748,
    jsc#PED-11747).
    * /usr/lib/saphana-checks (SUSE package)
    * /opt/sap/saphana-checks (SAP package)
  * Collecting additional information to support trento checks (jsc#PED-12000,
    jsc#PED-12001).
  * collect Netweaver version, operation mode and various settings
  * change requirements to add 'Requires: supportutils' (bsc#1235145).
  * supportutils-plugin-ha-sap does not know about recent SAPHana-angi. This was
    partialy solved by last commit (bsc#1230319).
  * Switch from deprecated scplugin.rc to supportconfig.rc and adapt all
    function calls. Triggered by SLE16 package submission, because of missing
    package requirements.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SAP Applications Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2025-332=1

  * SAP Applications Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2025-332=1

  * SAP Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-332=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-332=1

  * SAP Applications Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2025-332=1

## Package List:

  * SAP Applications Module 15-SP4 (noarch)
    * supportutils-plugin-ha-sap-0.0.7+git.1737125956.a7079fc-150000.1.21.2
  * SAP Applications Module 15-SP5 (noarch)
    * supportutils-plugin-ha-sap-0.0.7+git.1737125956.a7079fc-150000.1.21.2
  * SAP Applications Module 15-SP6 (noarch)
    * supportutils-plugin-ha-sap-0.0.7+git.1737125956.a7079fc-150000.1.21.2
  * openSUSE Leap 15.6 (noarch)
    * supportutils-plugin-ha-sap-0.0.7+git.1737125956.a7079fc-150000.1.21.2
  * SAP Applications Module 15-SP3 (noarch)
    * supportutils-plugin-ha-sap-0.0.7+git.1737125956.a7079fc-150000.1.21.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1230319
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://jira.suse.com/browse/PED-11747
  * https://jira.suse.com/browse/PED-11748
  * https://jira.suse.com/browse/PED-12000
  * https://jira.suse.com/browse/PED-12001

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/f6f6bc00/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 20:30:06 -0000
Subject: SUSE-SU-2025:0344-1: important: Security update for orc
Message-ID: <173861460682.22227.17246063117923061524@smelt2.prg2.suse.org>



# Security update for orc

Announcement ID: SUSE-SU-2025:0344-1  
Release Date: 2025-02-03T17:06:05Z  
Rating: important  
References:

  * bsc#1228184

  
Cross-References:

  * CVE-2024-40897

  
CVSS scores:

  * CVE-2024-40897 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-40897 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for orc fixes the following issues:

  * CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when
    formatting error messages for certain input files (bsc#1228184)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-344=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-344=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-344=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-344=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-344=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-344=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-344=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-344=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-344=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-344=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-344=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-344=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-344=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-344=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-344=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * orc-doc-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * openSUSE Leap 15.6 (x86_64)
    * liborc-0_4-0-32bit-0.4.28-150000.3.9.1
    * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * liborc-0_4-0-32bit-0.4.28-150000.3.9.1
    * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * liborc-0_4-0-debuginfo-0.4.28-150000.3.9.1
    * orc-debugsource-0.4.28-150000.3.9.1
    * orc-debuginfo-0.4.28-150000.3.9.1
    * liborc-0_4-0-0.4.28-150000.3.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-40897.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228184

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/6b3be224/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0343-1: moderate: Security update for krb5
Message-ID: <173861461072.22227.5080982124219366879@smelt2.prg2.suse.org>



# Security update for krb5

Announcement ID: SUSE-SU-2025:0343-1  
Release Date: 2025-02-03T17:03:59Z  
Rating: moderate  
References:

  * bsc#1236619

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-343=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-343=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-343=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-343=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-343=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-client-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
    * krb5-server-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.15.1
    * krb5-1.19.2-150400.3.15.1
    * krb5-server-1.19.2-150400.3.15.1
    * krb5-mini-debugsource-1.19.2-150400.3.15.1
    * krb5-plugin-kdb-ldap-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-pkinit-1.19.2-150400.3.15.1
    * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-otp-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.15.1
    * krb5-mini-devel-1.19.2-150400.3.15.1
    * krb5-client-debuginfo-1.19.2-150400.3.15.1
    * krb5-mini-1.19.2-150400.3.15.1
    * krb5-mini-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-1.19.2-150400.3.15.1
    * krb5-plugin-preauth-spake-1.19.2-150400.3.15.1
  * openSUSE Leap 15.4 (x86_64)
    * krb5-32bit-1.19.2-150400.3.15.1
    * krb5-32bit-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-32bit-1.19.2-150400.3.15.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * krb5-64bit-debuginfo-1.19.2-150400.3.15.1
    * krb5-devel-64bit-1.19.2-150400.3.15.1
    * krb5-64bit-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * krb5-1.19.2-150400.3.15.1
    * krb5-debugsource-1.19.2-150400.3.15.1
    * krb5-debuginfo-1.19.2-150400.3.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/ee34095f/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 20:30:16 -0000
Subject: SUSE-SU-2025:0342-1: moderate: Security update for ignition
Message-ID: <173861461610.22227.15132112073163812623@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0342-1  
Release Date: 2025-02-03T17:03:44Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-342=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-342=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150400.4.3.1
    * ignition-2.14.0-150400.4.3.1
    * ignition-debuginfo-2.14.0-150400.4.3.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * ignition-dracut-grub2-2.14.0-150400.4.3.1
    * ignition-2.14.0-150400.4.3.1
    * ignition-debuginfo-2.14.0-150400.4.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/00dc39ac/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 20:30:20 -0000
Subject: SUSE-SU-2025:0341-1: important: Security update for libxml2
Message-ID: <173861462004.22227.897816257396982106@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0341-1  
Release Date: 2025-02-03T16:33:21Z  
Rating: important  
References:

  * bsc#1236460

  
Cross-References:

  * CVE-2022-49043

  
CVSS scores:

  * CVE-2022-49043 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-49043 ( SUSE ):  7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-49043 ( NVD ):  8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-341=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-341=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-341=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-341=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-341=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-341=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-341=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-341=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-341=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-341=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-devel-32bit-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (noarch)
    * libxml2-doc-2.9.14-150400.5.35.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-64bit-2.9.14-150400.5.35.1
    * libxml2-devel-64bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-python-debugsource-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * python311-libxml2-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.35.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxml2-debugsource-2.9.14-150400.5.35.1
    * libxml2-tools-2.9.14-150400.5.35.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-2.9.14-150400.5.35.1
    * libxml2-2-debuginfo-2.9.14-150400.5.35.1
    * libxml2-devel-2.9.14-150400.5.35.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.35.1
    * python3-libxml2-2.9.14-150400.5.35.1
  * SUSE Manager Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1
    * libxml2-2-32bit-2.9.14-150400.5.35.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-49043.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236460

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/406ec299/attachment.htm>

From null at suse.de  Mon Feb  3 20:30:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 03 Feb 2025 20:30:23 -0000
Subject: SUSE-SU-2025:0340-1: moderate: Security update for rsync
Message-ID: <173861462391.22227.17806363103258151226@smelt2.prg2.suse.org>



# Security update for rsync

Announcement ID: SUSE-SU-2025:0340-1  
Release Date: 2025-02-03T16:32:43Z  
Rating: moderate  
References:

  * bsc#1233760

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one security fix can now be installed.

## Description:

This update for rsync fixes the following issues:

  * Bump rsync protocol version to 32 to show server is patched against recent
    vulnerabilities.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-340=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-340=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-340=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-340=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-340=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-340=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-340=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-340=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-340=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-340=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-340=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-340=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-340=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-340=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-340=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.3-150400.3.20.1
    * rsync-debugsource-3.2.3-150400.3.20.1
    * rsync-3.2.3-150400.3.20.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250203/0cd932af/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 08:30:04 -0000
Subject: SUSE-SU-2025:0348-1: important: Security update for libxml2
Message-ID: <173865780486.22227.16453023297717781828@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0348-1  
Release Date: 2025-02-04T07:10:50Z  
Rating: important  
References:

  * bsc#1236460

  
Cross-References:

  * CVE-2022-49043

  
CVSS scores:

  * CVE-2022-49043 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-49043 ( SUSE ):  7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-49043 ( NVD ):  8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-348=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-348=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-348=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-348=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-348=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-348=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-348=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-348=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-348=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.20.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (noarch)
    * libxml2-doc-2.10.3-150500.5.20.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libxml2-2-64bit-2.10.3-150500.5.20.1
    * libxml2-devel-64bit-2.10.3-150500.5.20.1
    * libxml2-2-64bit-debuginfo-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.20.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * openSUSE Leap 15.6 (noarch)
    * libxml2-doc-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * Basesystem Module 15-SP6 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxml2-devel-2.10.3-150500.5.20.1
    * libxml2-tools-2.10.3-150500.5.20.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.20.1
    * python311-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-debugsource-2.10.3-150500.5.20.1
    * python3-libxml2-2.10.3-150500.5.20.1
    * libxml2-2-2.10.3-150500.5.20.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.20.1
    * libxml2-python-debugsource-2.10.3-150500.5.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.20.1
    * libxml2-2-32bit-2.10.3-150500.5.20.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-49043.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236460

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/7b13dac0/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 08:30:07 -0000
Subject: SUSE-RU-2025:0347-1: moderate: Recommended update for libreoffice
Message-ID: <173865780700.22227.13102871402279137171@smelt2.prg2.suse.org>



# Recommended update for libreoffice

Announcement ID: SUSE-RU-2025:0347-1  
Release Date: 2025-02-04T06:48:03Z  
Rating: moderate  
References:

  * jsc#PED-10362

  
Affected Products:

  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for libreoffice fixes the following issues:

Libreoffice was updated from version 24.8.1.2 to 24.8.4.2 (jsc#PED-10362):

  * Highlighted changes and bugs fixed:

  * Performance and Stability: Addressing crashes related to various actions
    like editing tables of contents, copying text, working with images, using
    specific keyboard shortcuts, and opening certain file types. Performance
    improvements target slow UI refresh rates and long save times for particular
    spreadsheets. Data race conditions and other concurrency issues are also
    tackled.

  * File Format Compatibility: Focus on improving interoperability with
    Microsoft Office formats (DOCX, XLSX, PPTX), including fixes for issues with
    formatting, equations, images, and round-tripping. Issues with other formats
    like ODG, RTF, and SVG are also addressed, along with improved handling of
    Zip64 files and files created by third-party libraries.
  * User Interface and Functionality: Refinements to features like
    spellchecking, scrolling, text handling, hyperlinks, keyboard navigation,
    and the handling of fields and forms. Improvements to the user interface
    include addressing issues with the sidebar, dialog boxes, and theming,
    particularly for dark mode and high-resolution displays. Accessibility
    enhancements for assistive technologies like Orca are also included.
  * Localization and Internationalization: Updates to locale data, improved
    handling of specific language characters (e.g., Tibetan, Chinese), and fixes
    for localized UI elements.
  * Scripting and Macros: Addressing crashes and functional problems

  * Detailed Release Notes:

  * Version 24.8.4 final:
    https://wiki.documentfoundation.org/Releases/24.8.4/RC2
    https://wiki.documentfoundation.org/Releases/24.8.4/RC1
  * Version 24.8.3 final:
    https://wiki.documentfoundation.org/Releases/24.8.3/RC1
    https://wiki.documentfoundation.org/Releases/24.8.3/RC2
  * Version 24.8.2 final:
    https://wiki.documentfoundation.org/Releases/24.8.2/RC1

  * Updated bundled dependencies:

  * curl version update from 8.9.1 to 8.11.1

  * gpgme version update from 1.23.2 to 1.24.0
  * libgpg-error version update from 1.50 to 1.51
  * tiff version update from 4.6.0 to 4.7.0

  * Other changes:

  * Disabled system abseil-cpp.

  * Disabled LTO on PPC/PPC64

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-347=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-347=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-347=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-347=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libreoffice-impress-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-math-24.8.4.2-150500.20.15.1
    * libreofficekit-devel-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-doc-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-calc-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-mailmerge-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-firebird-24.8.4.2-150500.20.15.1
    * libreoffice-base-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-extensions-24.8.4.2-150500.20.15.1
    * libreofficekit-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-24.8.4.2-150500.20.15.1
    * libreoffice-draw-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-base-24.8.4.2-150500.20.15.1
    * libreoffice-filters-optional-24.8.4.2-150500.20.15.1
    * libreoffice-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-librelogo-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-firebird-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-debugsource-24.8.4.2-150500.20.15.1
    * libreoffice-calc-extensions-24.8.4.2-150500.20.15.1
    * libreoffice-math-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-24.8.4.2-150500.20.15.1
    * libreoffice-calc-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-impress-24.8.4.2-150500.20.15.1
    * libreoffice-draw-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-24.8.4.2-150500.20.15.1
  * openSUSE Leap 15.5 (noarch)
    * libreoffice-l10n-pa-24.8.4.2-150500.20.15.1
    * libreoffice-kdeintegration-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kab-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nso-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca_valencia-24.8.4.2-150500.20.15.1
    * libreoffice-branding-upstream-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sw_TZ-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tl-24.8.4.2-150500.20.15.1
    * libreoffice-glade-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ss-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dgo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mai-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kmr_Latn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ml-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-af-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-or-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ga-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-si-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-da-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ts-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_BR-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-km-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ckb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ar-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-st-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-oc-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-be-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_CN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-om-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-br-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ja-24.8.4.2-150500.20.15.1
    * libreoffice-gdb-pretty-printers-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-id-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-es-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sat-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ko-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sa_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-my-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ka-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-as-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-brx-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ne-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-szl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-th-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-xh-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-am-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-de-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ks-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ve-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_PT-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-he-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-is-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_TW-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-el-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-rw-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kok-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca-24.8.4.2-150500.20.15.1
    * libreoffice-icon-themes-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ru-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ro-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-it-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_GB-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sid-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_ZA-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ast-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-et-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ta-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-te-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vec-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mni-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gug-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fur-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sq-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ug-24.8.4.2-150500.20.15.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libreoffice-impress-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-math-24.8.4.2-150500.20.15.1
    * libreofficekit-devel-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-doc-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-calc-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-mailmerge-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-firebird-24.8.4.2-150500.20.15.1
    * libreoffice-base-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-extensions-24.8.4.2-150500.20.15.1
    * libreofficekit-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-24.8.4.2-150500.20.15.1
    * libreoffice-draw-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-base-24.8.4.2-150500.20.15.1
    * libreoffice-filters-optional-24.8.4.2-150500.20.15.1
    * libreoffice-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-librelogo-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-firebird-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-debugsource-24.8.4.2-150500.20.15.1
    * libreoffice-calc-extensions-24.8.4.2-150500.20.15.1
    * libreoffice-math-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-24.8.4.2-150500.20.15.1
    * libreoffice-calc-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-impress-24.8.4.2-150500.20.15.1
    * libreoffice-draw-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-24.8.4.2-150500.20.15.1
  * openSUSE Leap 15.6 (noarch)
    * libreoffice-l10n-pa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kab-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nso-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca_valencia-24.8.4.2-150500.20.15.1
    * libreoffice-branding-upstream-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sw_TZ-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cy-24.8.4.2-150500.20.15.1
    * libreoffice-glade-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ss-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dgo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mai-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kmr_Latn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ml-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-af-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-or-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ga-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-si-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-da-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ts-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_BR-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-km-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ckb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ar-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-st-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-oc-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-be-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_CN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-om-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-br-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ja-24.8.4.2-150500.20.15.1
    * libreoffice-gdb-pretty-printers-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-id-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-es-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sat-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ko-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sa_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-my-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ka-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-as-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-brx-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ne-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-szl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-th-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-xh-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-am-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-de-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ks-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ve-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_PT-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-he-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-is-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_TW-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-el-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-rw-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kok-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca-24.8.4.2-150500.20.15.1
    * libreoffice-icon-themes-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ru-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ro-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-it-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_GB-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sid-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_ZA-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ast-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-et-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ta-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-te-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vec-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mni-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gug-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fur-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sq-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ug-24.8.4.2-150500.20.15.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le)
    * libreoffice-impress-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-math-24.8.4.2-150500.20.15.1
    * libreofficekit-devel-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-doc-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-24.8.4.2-150500.20.15.1
    * libreoffice-sdk-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-calc-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-mailmerge-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-24.8.4.2-150500.20.15.1
    * libreoffice-qt5-24.8.4.2-150500.20.15.1
    * libreoffice-base-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-extensions-24.8.4.2-150500.20.15.1
    * libreofficekit-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-24.8.4.2-150500.20.15.1
    * libreoffice-draw-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-base-24.8.4.2-150500.20.15.1
    * libreoffice-filters-optional-24.8.4.2-150500.20.15.1
    * libreoffice-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-librelogo-24.8.4.2-150500.20.15.1
    * libreoffice-debugsource-24.8.4.2-150500.20.15.1
    * libreoffice-calc-extensions-24.8.4.2-150500.20.15.1
    * libreoffice-math-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-24.8.4.2-150500.20.15.1
    * libreoffice-calc-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-impress-24.8.4.2-150500.20.15.1
    * libreoffice-draw-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-24.8.4.2-150500.20.15.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le x86_64)
    * libreoffice-base-drivers-firebird-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-firebird-24.8.4.2-150500.20.15.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * libreoffice-l10n-pa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kab-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nso-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca_valencia-24.8.4.2-150500.20.15.1
    * libreoffice-branding-upstream-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sw_TZ-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cy-24.8.4.2-150500.20.15.1
    * libreoffice-glade-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ss-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dgo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mai-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kmr_Latn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ml-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-af-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-or-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ga-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-si-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-da-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ts-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_BR-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-km-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ckb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ar-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-st-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-oc-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-be-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_CN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-om-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-br-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ja-24.8.4.2-150500.20.15.1
    * libreoffice-gdb-pretty-printers-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-id-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-es-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sat-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ko-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sa_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-my-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ka-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-as-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-brx-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ne-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-szl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-th-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-xh-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-am-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-de-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn_IN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ks-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ve-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_PT-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-he-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-is-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_TW-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-el-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-rw-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kok-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca-24.8.4.2-150500.20.15.1
    * libreoffice-icon-themes-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ru-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ro-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-it-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_GB-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sid-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en_ZA-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ast-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gd-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-et-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ta-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-te-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-vec-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mni-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hsb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gug-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fur-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sq-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ug-24.8.4.2-150500.20.15.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * libreoffice-impress-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-math-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-24.8.4.2-150500.20.15.1
    * libreoffice-writer-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-calc-24.8.4.2-150500.20.15.1
    * libreoffice-base-drivers-postgresql-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-mailmerge-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-24.8.4.2-150500.20.15.1
    * libreoffice-base-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-writer-extensions-24.8.4.2-150500.20.15.1
    * libreofficekit-24.8.4.2-150500.20.15.1
    * libreoffice-pyuno-24.8.4.2-150500.20.15.1
    * libreoffice-draw-24.8.4.2-150500.20.15.1
    * libreoffice-gnome-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-base-24.8.4.2-150500.20.15.1
    * libreoffice-filters-optional-24.8.4.2-150500.20.15.1
    * libreoffice-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-debugsource-24.8.4.2-150500.20.15.1
    * libreoffice-calc-extensions-24.8.4.2-150500.20.15.1
    * libreoffice-math-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-officebean-24.8.4.2-150500.20.15.1
    * libreoffice-calc-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-impress-24.8.4.2-150500.20.15.1
    * libreoffice-draw-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-gtk3-debuginfo-24.8.4.2-150500.20.15.1
    * libreoffice-24.8.4.2-150500.20.15.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
    * libreoffice-icon-themes-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ru-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_BR-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ro-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nso-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ckb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lt-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-it-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ar-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-st-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eu-24.8.4.2-150500.20.15.1
    * libreoffice-branding-upstream-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-th-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ve-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-xh-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_CN-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-br-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-de-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ss-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-et-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fa-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ja-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-uk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-lv-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-dz-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bg-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ta-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-te-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-kn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-eo-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-mai-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zu-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ml-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-af-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-en-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nb-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-or-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pt_PT-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-bn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-es-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-he-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ga-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-sk-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hi-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nr-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-cs-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ko-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-hy-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-gl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-fur-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-si-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-zh_TW-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-tn-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-el-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-pl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-da-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-nl-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-as-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ca-24.8.4.2-150500.20.15.1
    * libreoffice-l10n-ts-24.8.4.2-150500.20.15.1

## References:

  * https://jira.suse.com/browse/PED-10362

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/ee710ed6/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 08:30:10 -0000
Subject: SUSE-SU-2025:0346-1: moderate: Security update for ignition
Message-ID: <173865781056.22227.14798240497600117838@smelt2.prg2.suse.org>



# Security update for ignition

Announcement ID: SUSE-SU-2025:0346-1  
Release Date: 2025-02-03T20:54:57Z  
Rating: moderate  
References:

  * bsc#1236518

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for ignition fixes the following issues:

CVE-2023-45288: Fixed unclosed connections when receiving too many headers in
golang.org/x/net/http2 (bsc#1236518)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-346=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * ignition-debuginfo-2.14.0-150300.4.10.1
    * ignition-2.14.0-150300.4.10.1
    * ignition-dracut-grub2-2.14.0-150300.4.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236518

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/4f7bdb46/attachment.htm>

From null at suse.de  Tue Feb  4 08:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 08:30:12 -0000
Subject: SUSE-SU-2025:0345-1: moderate: Security update for openssl-1_1
Message-ID: <173865781278.22227.6457731313849025100@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0345-1  
Release Date: 2025-02-03T20:04:08Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-345=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-345=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-345=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-345=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-345=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-345=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (x86_64)
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (noarch)
    * openssl-1_1-doc-1.1.1l-150500.17.40.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libopenssl1_1-hmac-64bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-64bit-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-64bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libopenssl1_1-1.1.1l-150500.17.40.1
    * libopenssl1_1-hmac-1.1.1l-150500.17.40.1
    * openssl-1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-debugsource-1.1.1l-150500.17.40.1
    * libopenssl-1_1-devel-1.1.1l-150500.17.40.1
    * libopenssl1_1-debuginfo-1.1.1l-150500.17.40.1
    * openssl-1_1-1.1.1l-150500.17.40.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.40.1
    * libopenssl1_1-32bit-1.1.1l-150500.17.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/0c3db9e2/attachment.htm>

From null at suse.de  Tue Feb  4 12:30:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 12:30:01 -0000
Subject: SUSE-RU-2025:0353-1: moderate: Recommended update for
 regionServiceClientConfigAzure
Message-ID: <173867220147.22572.6822840877317360692@smelt2.prg2.suse.org>



# Recommended update for regionServiceClientConfigAzure

Announcement ID: SUSE-RU-2025:0353-1  
Release Date: 2025-02-04T10:12:26Z  
Rating: moderate  
References:

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that can now be installed.

## Description:

This update for regionServiceClientConfigAzure fixes the following issues:

  * Replacing certificate for rgnsrv-azure-southeastasia to get rid of weird
    chain cert
  * New 4096 certificate for rgnsrv-azure-southeastasia

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-353=1

## Package List:

  * Public Cloud Module 12 (noarch)
    * regionServiceClientConfigAzure-2.2.2-3.27.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/49f523dd/attachment.htm>

From null at suse.de  Tue Feb  4 12:30:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 04 Feb 2025 12:30:02 -0000
Subject: SUSE-RU-2025:0352-1: moderate: Recommended update for
 regionServiceClientConfigAzure
Message-ID: <173867220257.22572.11194087919229636157@smelt2.prg2.suse.org>



# Recommended update for regionServiceClientConfigAzure

Announcement ID: SUSE-RU-2025:0352-1  
Release Date: 2025-02-04T10:12:12Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.6
  * openSUSE Leap Micro 5.5
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that can now be installed.

## Description:

This update for regionServiceClientConfigAzure fixes the following issues:

  * Replacing certificate for rgnsrv-azure-southeastasia to get rid of weird
    chain cert
  * New 4096 certificate for rgnsrv-azure-southeastasia

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap Micro 5.5  
    zypper in -t patch openSUSE-Leap-Micro-5.5-2025-352=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-352=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-352=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-352=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-352=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-352=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-352=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-352=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-352=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-352=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-352=1

## Package List:

  * openSUSE Leap Micro 5.5 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * openSUSE Leap 15.6 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * Public Cloud Module 15-SP3 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * Public Cloud Module 15-SP4 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * Public Cloud Module 15-SP5 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1
  * Public Cloud Module 15-SP6 (noarch)
    * regionServiceClientConfigAzure-2.2.2-150000.3.25.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250204/c46ad065/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:10 -0000
Subject: SUSE-SU-2025:0380-1: moderate: Security update for wget
Message-ID: <173885941087.21757.7308136970175200124@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0380-1  
Release Date: 2025-02-06T14:44:25Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-380=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * wget-debuginfo-1.14-21.22.1
    * wget-1.14-21.22.1
    * wget-debugsource-1.14-21.22.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/880f87d6/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:12 -0000
Subject: SUSE-OU-2025:0378-1: low: Optional update for cronie
Message-ID: <173885941254.21757.11476062968975946892@smelt2.prg2.suse.org>



# Optional update for cronie

Announcement ID: SUSE-OU-2025:0378-1  
Release Date: 2025-02-06T09:32:18Z  
Rating: low  
References:

  * jsc#PED-11444

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for libOpenCL1 fixes the following issue:

  * Ship existing libOpenCL1 to more products.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-378=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-378=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-378=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-378=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-378=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-378=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-378=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-378=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-378=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-378=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-378=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-378=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-378=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-378=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-378=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-378=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-378=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-378=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-378=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-378=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-378=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-378=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-378=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * openSUSE Leap 15.6 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * openSUSE Leap 15.6 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * Basesystem Module 15-SP6 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * Basesystem Module 15-SP6 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libOpenCL1-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * libOpenCL1-32bit-2.3.1-150100.8.17.1
    * ocl-icd-debugsource-2.3.1-150100.8.17.1
    * ocl-icd-devel-2.3.1-150100.8.17.1
    * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.17.1
    * libOpenCL1-2.3.1-150100.8.17.1
    * ocl-icd-devel-32bit-2.3.1-150100.8.17.1
    * libOpenCL1-debuginfo-2.3.1-150100.8.17.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
    * opencl-headers-2.2+git.20211214-150000.3.5.1

## References:

  * https://jira.suse.com/browse/PED-11444

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/ede0b446/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0377-1: moderate: Security update for
 google-osconfig-agent
Message-ID: <173885941759.21757.12050937276221452774@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0377-1  
Release Date: 2025-02-05T19:31:14Z  
Rating: moderate  
References:

  * bsc#1225974
  * bsc#1236406
  * bsc#1236407

  
Cross-References:

  * CVE-2024-24790

  
CVSS scores:

  * CVE-2024-24790 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-24790 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * Update to version 20250115.01 (bsc#1236406, bsc#1236407)
  * CVE-2024-24790: Bump the golang compiler version to 1.22.4 (bsc#1225974)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-377=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-1.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-24790.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1225974
  * https://bugzilla.suse.com/show_bug.cgi?id=1236406
  * https://bugzilla.suse.com/show_bug.cgi?id=1236407

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/318685cf/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:26 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:26 -0000
Subject: SUSE-RU-2025:0376-1: moderate: Recommended update for
 suse-migration-rpm
Message-ID: <173885942605.21757.5425762019442148692@smelt2.prg2.suse.org>



# Recommended update for suse-migration-rpm

Announcement ID: SUSE-RU-2025:0376-1  
Release Date: 2025-02-05T16:33:35Z  
Rating: moderate  
References:

  * bsc#1133919
  * bsc#1155192
  * bsc#1156068
  * bsc#1173532
  * bsc#1173654
  * bsc#1182520
  * bsc#1184278
  * bsc#1206194
  * bsc#1206701
  * bsc#1234803

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that has 10 fixes can now be installed.

## Description:

This update for suse-migration-rpm fixes the following issues:

  * Install migration live image to /migration-image This change helps to run
    migrations on systems which stores /usr/share in a special way, e.g. as LVM
    volume or other type that cannot be read via the loopback grub or kexec
    method.
  * Bugzilla reference commit to PR #294 for
    SUSE/fix_prepare_service_variable_access (bsc#1234803).
  * Use bind mount when needed, to ensure the resolv.conf in the root_path
    contains proper settings (bsc#1206194). Fix kernel check when there is no
    entry for multiversion (bsc#1206701).
  * Updated spec file (bsc#1206701).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-376=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * suse-migration-services-2.1.5-150000.1.75.2
    * suse-migration-pre-checks-2.1.5-150000.1.75.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * suse-migration-rpm-1.0.1-150000.1.17.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1133919
  * https://bugzilla.suse.com/show_bug.cgi?id=1155192
  * https://bugzilla.suse.com/show_bug.cgi?id=1156068
  * https://bugzilla.suse.com/show_bug.cgi?id=1173532
  * https://bugzilla.suse.com/show_bug.cgi?id=1173654
  * https://bugzilla.suse.com/show_bug.cgi?id=1182520
  * https://bugzilla.suse.com/show_bug.cgi?id=1184278
  * https://bugzilla.suse.com/show_bug.cgi?id=1206194
  * https://bugzilla.suse.com/show_bug.cgi?id=1206701
  * https://bugzilla.suse.com/show_bug.cgi?id=1234803

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/c697ed91/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:29 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:29 -0000
Subject: SUSE-RU-2025:0375-1: moderate: Recommended update for rmt-server
Message-ID: <173885942982.21757.15228804631040827801@smelt2.prg2.suse.org>



# Recommended update for rmt-server

Announcement ID: SUSE-RU-2025:0375-1  
Release Date: 2025-02-05T16:00:43Z  
Rating: moderate  
References:

  * bsc#1230157
  * bsc#1230419
  * bsc#1232808
  * bsc#1234844

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has four fixes can now be installed.

## Description:

This update for rmt-server fixes the following issues:

  * Allow users to configure the SUMA product tree base URL to download
    'product_tree.json' from host other than 'scc.suse.com' (bsc#1234844)
  * Update Micro check due to Micro 6.0 and 6.1 identifier (bsc#1230419)
  * Remove obsolete repositories and associations from rmt during SCC sync
    (bsc#1232808)
  * Do not re-download repomd metadata if already exists and be the latest
    version
  * rmt-server-pubcloud:
    * Update Zypper path allowing check to handle paid extensions (i.e. LTSS) (bsc#1230157)
    * Add data export engine

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-375=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-375=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-375=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-375=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-375=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-375=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-375=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-375=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-375=1

## Package List:

  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * rmt-server-debugsource-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-pubcloud-2.21-150400.3.37.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * rmt-server-2.21-150400.3.37.1
    * rmt-server-pubcloud-2.21-150400.3.37.1
    * rmt-server-debuginfo-2.21-150400.3.37.1
    * rmt-server-config-2.21-150400.3.37.1
    * rmt-server-debugsource-2.21-150400.3.37.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1230157
  * https://bugzilla.suse.com/show_bug.cgi?id=1230419
  * https://bugzilla.suse.com/show_bug.cgi?id=1232808
  * https://bugzilla.suse.com/show_bug.cgi?id=1234844

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/ee593480/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:32 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:32 -0000
Subject: SUSE-SU-2025:0374-1: important: Security update for MozillaFirefox
Message-ID: <173885943200.21757.2890758873202708315@smelt2.prg2.suse.org>



# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0374-1  
Release Date: 2025-02-05T15:39:02Z  
Rating: important  
References:

  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox to 128.7esr fixes the following issues:

  * MFSA 2025-09
  * CVE-2025-1009 (bmo#1936613) Use-after-free in XSLT
  * CVE-2025-1010 (bmo#1936982) Use-after-free in Custom Highlight
  * CVE-2025-1011 (bmo#1936454) A bug in WebAssembly code generation could
    result in a crash
  * CVE-2025-1012 (bmo#1939710) Use-after-free during concurrent delazification
  * CVE-2024-11704 (bmo#1899402) Potential double-free vulnerability in PKCS#7
    decryption handling
  * CVE-2025-1013 (bmo#1932555) Potential opening of private browsing tabs in
    normal browsing windows
  * CVE-2025-1014 (bmo#1940804) Certificate length was not properly checked
  * CVE-2025-1016 (bmo#1936601, bmo#1936844, bmo#1937694, bmo#1938469,
    bmo#1939583, bmo#1940994) Memory safety bugs fixed in Firefox 135,
    Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
    and Thunderbird 128.7
  * CVE-2025-1017 (bmo#1926256, bmo#1935471, bmo#1935984) Memory safety bugs
    fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird
    128.7

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-374=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-374=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-374=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-374=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-374=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-374=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
    * MozillaFirefox-branding-upstream-128.7.0-150200.152.170.1
  * openSUSE Leap 15.6 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * Desktop Applications Module 15-SP6 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * MozillaFirefox-debugsource-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-common-128.7.0-150200.152.170.1
    * MozillaFirefox-128.7.0-150200.152.170.1
    * MozillaFirefox-translations-other-128.7.0-150200.152.170.1
    * MozillaFirefox-debuginfo-128.7.0-150200.152.170.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * MozillaFirefox-devel-128.7.0-150200.152.170.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/4f64f363/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:35 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:35 -0000
Subject: SUSE-SU-2025:0372-1: moderate: Security update for curl
Message-ID: <173885943534.21757.9789512014277956885@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0372-1  
Release Date: 2025-02-05T15:36:19Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-372=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-372=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-372=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-372=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-372=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-372=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-372=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
    * libcurl-devel-7.66.0-150200.4.84.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libcurl4-32bit-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-32bit-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libcurl4-debuginfo-7.66.0-150200.4.84.1
    * curl-debuginfo-7.66.0-150200.4.84.1
    * libcurl4-7.66.0-150200.4.84.1
    * curl-debugsource-7.66.0-150200.4.84.1
    * curl-7.66.0-150200.4.84.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/02482e08/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:48 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:48 -0000
Subject: SUSE-RU-2025:0367-1: moderate: Recommended update for gcc7
Message-ID: <173885944805.21757.15021556487237116497@smelt2.prg2.suse.org>



# Recommended update for gcc7

Announcement ID: SUSE-RU-2025:0367-1  
Release Date: 2025-02-05T13:26:11Z  
Rating: moderate  
References:

  * bsc#1236267

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for gcc7 fixes the following issues:

  * Fix vec_madd and vec_msub vector intrinsics on s390x. [bsc#1236267]

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-367=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-367=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-367=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libubsan0-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-fortran-7.5.0+r278197-150000.4.44.1
    * libstdc++6-devel-gcc7-7.5.0+r278197-150000.4.44.1
    * cpp7-7.5.0+r278197-150000.4.44.1
    * gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-debuginfo-7.5.0+r278197-150000.4.44.1
    * cpp7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libubsan0-7.5.0+r278197-150000.4.44.1
    * gcc7-fortran-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgfortran4-7.5.0+r278197-150000.4.44.1
    * libasan4-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-7.5.0+r278197-150000.4.44.1
    * libasan4-7.5.0+r278197-150000.4.44.1
    * gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libgfortran4-debuginfo-7.5.0+r278197-150000.4.44.1
  * Basesystem Module 15-SP6 (x86_64)
    * libgfortran4-32bit-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-debuginfo-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-7.5.0+r278197-150000.4.44.1
    * libgfortran4-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * gcc7-ada-7.5.0+r278197-150000.4.44.1
    * gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-objc-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-ada-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-objc-7.5.0+r278197-150000.4.44.1
    * gcc7-locale-7.5.0+r278197-150000.4.44.1
    * libada7-7.5.0+r278197-150000.4.44.1
    * gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libada7-debuginfo-7.5.0+r278197-150000.4.44.1
  * Development Tools Module 15-SP6 (noarch)
    * gcc7-info-7.5.0+r278197-150000.4.44.1
  * Development Tools Module 15-SP6 (x86_64)
    * libasan4-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-fortran-32bit-7.5.0+r278197-150000.4.44.1
    * libstdc++6-devel-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * cross-nvptx-newlib7-devel-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libubsan0-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-32bit-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * cross-nvptx-gcc7-7.5.0+r278197-150000.4.44.1
    * libubsan0-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libasan4-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * cross-avr-gcc7-bootstrap-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-ppc64-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-arm-none-gcc7-bootstrap-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgomp1-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-i386-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libubsan0-7.5.0+r278197-150000.4.44.1
    * cross-mips-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * cross-sparc64-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * libgfortran4-7.5.0+r278197-150000.4.44.1
    * cross-m68k-gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-obj-c++-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgo11-7.5.0+r278197-150000.4.44.1
    * libstdc++6-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-i386-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-sparc-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libada7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libatomic1-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-hppa-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * cross-i386-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * cross-mips-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * gcc7-fortran-7.5.0+r278197-150000.4.44.1
    * cross-avr-gcc7-bootstrap-debugsource-7.5.0+r278197-150000.4.44.1
    * libgfortran4-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-sparc64-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libgo11-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-go-7.5.0+r278197-150000.4.44.1
    * cross-sparc-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-objc-debuginfo-7.5.0+r278197-150000.4.44.1
    * cpp7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libstdc++6-gcc7-locale-7.5.0+r278197-150000.4.44.1
    * cross-avr-gcc7-bootstrap-7.5.0+r278197-150000.4.44.1
    * cross-ppc64-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-arm-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * gcc7-ada-debuginfo-7.5.0+r278197-150000.4.44.1
    * libobjc4-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-rx-gcc7-bootstrap-7.5.0+r278197-150000.4.44.1
    * libgcc_s1-gcc7-7.5.0+r278197-150000.4.44.1
    * libstdc++6-gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-7.5.0+r278197-150000.4.44.1
    * cross-rx-gcc7-bootstrap-debugsource-7.5.0+r278197-150000.4.44.1
    * libubsan0-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-rx-gcc7-bootstrap-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-obj-c++-7.5.0+r278197-150000.4.44.1
    * cross-hppa-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * libstdc++6-devel-gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libitm1-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-m68k-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-sparc-gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-fortran-debuginfo-7.5.0+r278197-150000.4.44.1
    * libobjc4-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-arm-none-gcc7-bootstrap-debugsource-7.5.0+r278197-150000.4.44.1
    * cross-m68k-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * cross-ppc64-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * libasan4-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-arm-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-i386-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-hppa-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-ppc64-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * cpp7-7.5.0+r278197-150000.4.44.1
    * cross-sparc64-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-mips-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-sparcv9-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * gcc7-7.5.0+r278197-150000.4.44.1
    * gcc7-go-debuginfo-7.5.0+r278197-150000.4.44.1
    * libatomic1-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-sparc64-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-arm-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgcc_s1-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-m68k-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * libgomp1-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-arm-none-gcc7-bootstrap-7.5.0+r278197-150000.4.44.1
    * gcc7-objc-7.5.0+r278197-150000.4.44.1
    * gcc7-locale-7.5.0+r278197-150000.4.44.1
    * gcc7-testresults-7.5.0+r278197-150000.4.44.1
    * cross-mips-gcc7-7.5.0+r278197-150000.4.44.1
    * libada7-7.5.0+r278197-150000.4.44.1
    * libasan4-7.5.0+r278197-150000.4.44.1
    * cross-hppa-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-ada-7.5.0+r278197-150000.4.44.1
    * libitm1-gcc7-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * cross-aarch64-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * cross-aarch64-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-aarch64-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-aarch64-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (x86_64)
    * libmpx2-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-debuginfo-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-nvptx-newlib7-devel-7.5.0+r278197-150000.4.44.1
    * libmpxwrappers2-gcc7-7.5.0+r278197-150000.4.44.1
    * libquadmath0-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libquadmath0-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libquadmath0-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libmpxwrappers2-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-32bit-7.5.0+r278197-150000.4.44.1
    * libmpx2-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libmpx2-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libmpx2-gcc7-7.5.0+r278197-150000.4.44.1
    * libmpxwrappers2-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libcilkrts5-7.5.0+r278197-150000.4.44.1
    * libmpxwrappers2-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-nvptx-gcc7-7.5.0+r278197-150000.4.44.1
    * libquadmath0-gcc7-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (aarch64 s390x x86_64)
    * cross-ppc64le-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * cross-ppc64le-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * cross-ppc64le-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-ppc64le-gcc7-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
    * cross-s390x-gcc7-7.5.0+r278197-150000.4.44.1
    * libtsan0-gcc7-7.5.0+r278197-150000.4.44.1
    * cross-s390x-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-s390x-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * libtsan0-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * liblsan0-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-s390x-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * liblsan0-gcc7-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (s390x x86_64)
    * gcc7-fortran-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-c++-32bit-7.5.0+r278197-150000.4.44.1
    * libgomp1-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libgfortran4-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-ada-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-go-32bit-7.5.0+r278197-150000.4.44.1
    * libstdc++6-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libitm1-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-objc-32bit-7.5.0+r278197-150000.4.44.1
    * libgo11-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libubsan0-32bit-7.5.0+r278197-150000.4.44.1
    * libatomic1-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libobjc4-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libgomp1-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libitm1-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libobjc4-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libasan4-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libatomic1-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libgcc_s1-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libubsan0-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgo11-32bit-7.5.0+r278197-150000.4.44.1
    * libasan4-32bit-7.5.0+r278197-150000.4.44.1
    * libstdc++6-devel-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * gcc7-obj-c++-32bit-7.5.0+r278197-150000.4.44.1
    * libada7-32bit-7.5.0+r278197-150000.4.44.1
    * libada7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libstdc++6-gcc7-32bit-debuginfo-7.5.0+r278197-150000.4.44.1
    * libgcc_s1-gcc7-32bit-7.5.0+r278197-150000.4.44.1
    * libgfortran4-32bit-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (noarch)
    * gcc7-info-7.5.0+r278197-150000.4.44.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x)
    * cross-x86_64-gcc7-icecream-backend-7.5.0+r278197-150000.4.44.1
    * cross-x86_64-gcc7-debuginfo-7.5.0+r278197-150000.4.44.1
    * cross-x86_64-gcc7-debugsource-7.5.0+r278197-150000.4.44.1
    * cross-x86_64-gcc7-7.5.0+r278197-150000.4.44.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236267

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/57b8ae2d/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:38 -0000
Subject: SUSE-SU-2025:0371-1: moderate: Security update for curl
Message-ID: <173885943815.21757.13886651643017129829@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0371-1  
Release Date: 2025-02-05T15:35:00Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-371=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-371=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-11.105.1
    * curl-debugsource-8.0.1-11.105.1
    * libcurl-devel-8.0.1-11.105.1
    * curl-8.0.1-11.105.1
    * libcurl4-debuginfo-8.0.1-11.105.1
    * curl-debuginfo-8.0.1-11.105.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libcurl4-32bit-8.0.1-11.105.1
    * libcurl4-debuginfo-32bit-8.0.1-11.105.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libcurl4-8.0.1-11.105.1
    * curl-debugsource-8.0.1-11.105.1
    * libcurl-devel-8.0.1-11.105.1
    * libcurl4-debuginfo-32bit-8.0.1-11.105.1
    * curl-8.0.1-11.105.1
    * libcurl4-debuginfo-8.0.1-11.105.1
    * libcurl4-32bit-8.0.1-11.105.1
    * curl-debuginfo-8.0.1-11.105.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/41f7a88c/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:40 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:40 -0000
Subject: SUSE-SU-2025:0370-1: moderate: Security update for curl
Message-ID: <173885944098.21757.4099815259126048460@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0370-1  
Release Date: 2025-02-05T15:34:46Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-370=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-370=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-370=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-370=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-
SLES_SAP-15-SP4-2025-370=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1 SUSE-SLE-Product-
SLES_SAP-15-SP5-2025-370=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-SUSE-
Manager-Proxy-4.3-2025-370=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1 SUSE-SLE-Product-SUSE-
Manager-Retail-Branch-Server-4.3-2025-370=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-370=1 SUSE-
SLE-INSTALLER-15-SP4-2025-370=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-370=1

  * SUSE Linux Enterprise High Performance Computing 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise Server 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise Desktop 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-370=1

  * SUSE Linux Enterprise High Performance Computing 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Server 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Desktop 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-370=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-370=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-370=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-370=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-370=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-370=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-370=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-370=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Manager Server 4.3 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl-devel-32bit-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libcurl4-64bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl-devel-64bit-8.0.1-150400.5.62.1
    * libcurl4-64bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
    * libcurl4-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * curl-debuginfo-8.0.1-150400.5.62.1
    * curl-debugsource-8.0.1-150400.5.62.1
    * libcurl4-8.0.1-150400.5.62.1
    * libcurl-devel-8.0.1-150400.5.62.1
    * libcurl4-debuginfo-8.0.1-150400.5.62.1
    * curl-8.0.1-150400.5.62.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.0.1-150400.5.62.1
    * libcurl4-32bit-8.0.1-150400.5.62.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/67f4b7da/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:44 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:44 -0000
Subject: SUSE-SU-2025:0369-1: moderate: Security update for curl
Message-ID: <173885944422.21757.2096154789590555934@smelt2.prg2.suse.org>



# Security update for curl

Announcement ID: SUSE-SU-2025:0369-1  
Release Date: 2025-02-05T15:32:42Z  
Rating: moderate  
References:

  * bsc#1236588
  * bsc#1236590

  
Cross-References:

  * CVE-2025-0167
  * CVE-2025-0725

  
CVSS scores:

  * CVE-2025-0167 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0167 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-0725 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-0725 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-0725 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

  * CVE-2025-0725: Fixed gzip integer overflow (bsc#1236590)
  * CVE-2025-0167: Fixed netrc and default credential leak (bsc#1236588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-369=1 openSUSE-SLE-15.6-2025-369=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-369=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * curl-debugsource-8.6.0-150600.4.21.1
    * libcurl4-8.6.0-150600.4.21.1
    * curl-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-8.6.0-150600.4.21.1
    * curl-8.6.0-150600.4.21.1
    * libcurl4-debuginfo-8.6.0-150600.4.21.1
  * openSUSE Leap 15.6 (x86_64)
    * libcurl-devel-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-debuginfo-8.6.0-150600.4.21.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libcurl4-64bit-8.6.0-150600.4.21.1
    * libcurl4-64bit-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-64bit-8.6.0-150600.4.21.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * curl-debugsource-8.6.0-150600.4.21.1
    * libcurl4-8.6.0-150600.4.21.1
    * curl-debuginfo-8.6.0-150600.4.21.1
    * libcurl-devel-8.6.0-150600.4.21.1
    * curl-8.6.0-150600.4.21.1
    * libcurl4-debuginfo-8.6.0-150600.4.21.1
  * Basesystem Module 15-SP6 (x86_64)
    * libcurl4-32bit-8.6.0-150600.4.21.1
    * libcurl4-32bit-debuginfo-8.6.0-150600.4.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0167.html
  * https://www.suse.com/security/cve/CVE-2025-0725.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236588
  * https://bugzilla.suse.com/show_bug.cgi?id=1236590

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/c9df0878/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:50 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:50 -0000
Subject: SUSE-SU-2025:0366-1: moderate: Security update for wget
Message-ID: <173885945067.21757.9494673981265689195@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0366-1  
Release Date: 2025-02-05T10:57:47Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-366=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * wget-1.20.3-150000.3.29.1
    * wget-debuginfo-1.20.3-150000.3.29.1
    * wget-debugsource-1.20.3-150000.3.29.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/45c8f0e4/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:45 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:45 -0000
Subject: SUSE-OU-2025:0368-1: moderate: Optional update for valkey
Message-ID: <173885944589.21757.8816436787802975716@smelt2.prg2.suse.org>



# Optional update for valkey

Announcement ID: SUSE-OU-2025:0368-1  
Release Date: 2025-02-05T15:15:51Z  
Rating: moderate  
References:

  * jsc#PED-11825

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for valkey fixes the following issues:

This update ships valkey in version 8.0.2.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-368=1 openSUSE-SLE-15.6-2025-368=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-368=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * valkey-debugsource-8.0.2-150600.13.3.1
    * valkey-8.0.2-150600.13.3.1
    * valkey-debuginfo-8.0.2-150600.13.3.1
    * valkey-devel-8.0.2-150600.13.3.1
  * openSUSE Leap 15.6 (noarch)
    * valkey-compat-redis-8.0.2-150600.13.3.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * valkey-debugsource-8.0.2-150600.13.3.1
    * valkey-8.0.2-150600.13.3.1
    * valkey-debuginfo-8.0.2-150600.13.3.1
    * valkey-devel-8.0.2-150600.13.3.1
  * Server Applications Module 15-SP6 (noarch)
    * valkey-compat-redis-8.0.2-150600.13.3.1

## References:

  * https://jira.suse.com/browse/PED-11825

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/a52f2549/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:51 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:51 -0000
Subject: SUSE-RU-2025:0365-1: moderate: Recommended update for saphana-checks
Message-ID: <173885945192.21757.18233753918899499647@smelt2.prg2.suse.org>



# Recommended update for saphana-checks

Announcement ID: SUSE-RU-2025:0365-1  
Release Date: 2025-02-05T10:34:51Z  
Rating: moderate  
References:

  * jsc#PED-11767

  
Affected Products:

  * openSUSE Leap 15.6
  * SAP Applications Module 15-SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for saphana-checks fixes the following issues:

  * Version update 2501+1.g53705f6:
  * new function LIB_FUNC_NORMALIZE_RPMn (supported since bash 4.3)
  * CHECKS
    * shellcheck - run optional tests - fix bracing, case default
    * new CHECK - Azure azcopy version
    * new CHECK - sssd version - BUG socket leaks
    * new CHECK - hana_revision_infra_issues
    * new CHECK - SAPHanaSR-angi
    * new check - for correct hostname setting
    * SLES15.1 - remove from checks
  * OS kernel/Hyperscaler
    * SLES - new 1y old kernel versions, new systemd minimal versions
    * saptune - new version 3.1.4
    * Amazon, IBM - new instances 32TiB, 3.9-6-7.6TiB
    * Amazon - 2 new instances u7i-*
    * IBM Cloud - SLES15.6
    * os_hana_support_intel - Azure, Amazon,GCP - SLES15.6
    * SLES kernels - new minimal versions (<1y)
    * SLES - 1year old kernels
    * SLES - clock_gettime @ IBM Power - hanging HANA callstacks - fix last digit
    * SLES - clock_gettime @ IBM Power - hanging HANA callstacks
    * IBM Power @ IBM Cloud - add information from "2947579 - SAP HANA on IBM Power Virtual Servers"
  * Agents
    * SAP Host Agent 7.22 PL66
    * GCP backint agent deprecated and running out of support soon. - throw an Error and don't check version any longer
    * Amazon backint agent - new version
    * SAPHanaRA-angi - new version
    * SAP Host Agent 7.22 PL65
    * IP port hostagent - product_list - check for valid entries from list
    * GCP Agent - new version
    * AWS backint agent - new version
    * sapconf - new version 15.4+ , simplify versions
    * GPFS - new recommended version (long term support)
  * HANA
    * HANA detection - look also into /usr/sap/sapservices/sapservices
    * HANA client - new version 2.23.26
    * SAP HANA SPS8 released - SLES 15.5/15.6 (#257)
    * HANA matrix - remove out of support OSses (#242)
    * HANA client - new version
  * UNIT TESTS
    * shunit2 - work around teardown erroneously executed twice
    * Unittest for new CHECK hana_revision_infra_issues

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-365=1

  * SAP Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-365=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * saphana-checks-2501+1.g53705f6-150600.13.6.4
  * SAP Applications Module 15-SP6 (noarch)
    * saphana-checks-2501+1.g53705f6-150600.13.6.4

## References:

  * https://jira.suse.com/browse/PED-11767

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/9962614f/attachment.htm>

From null at suse.de  Thu Feb  6 16:30:55 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:30:55 -0000
Subject: SUSE-RU-2025:0364-1: moderate: Recommended update for rmt-server
Message-ID: <173885945548.21757.2892517221186152634@smelt2.prg2.suse.org>



# Recommended update for rmt-server

Announcement ID: SUSE-RU-2025:0364-1  
Release Date: 2025-02-05T10:03:06Z  
Rating: moderate  
References:

  * bsc#1230157
  * bsc#1230419
  * bsc#1232808
  * bsc#1234844

  
Affected Products:

  * openSUSE Leap 15.3
  * Public Cloud Module 15-SP3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Manager Proxy 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2

  
  
An update that has four fixes can now be installed.

## Description:

This update for rmt-server fixes the following issues:

  * Allow users to configure the SUMA product tree base URL to download
    'product_tree.json' from host other than 'scc.suse.com' (bsc#1234844)
  * Update Micro check due to Micro 6.0 and 6.1 identifier (bsc#1230419)
  * Remove obsolete repositories and associations from rmt during SCC sync
    (bsc#1232808)
  * Do not re-download repomd metadata if already exists and be the latest
    version
  * rmt-server-pubcloud:
    * Update Zypper path allowing check to handle paid extensions (i.e. LTSS) (bsc#1230157)
    * Add data export engine

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-364=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-364=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-364=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-364=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-364=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-364=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-pubcloud-2.21-150300.3.49.1
    * rmt-server-2.21-150300.3.49.1
    * rmt-server-config-2.21-150300.3.49.1
    * rmt-server-debugsource-2.21-150300.3.49.1
  * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * rmt-server-debugsource-2.21-150300.3.49.1
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-pubcloud-2.21-150300.3.49.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * rmt-server-config-2.21-150300.3.49.1
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-2.21-150300.3.49.1
    * rmt-server-debugsource-2.21-150300.3.49.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * rmt-server-config-2.21-150300.3.49.1
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-2.21-150300.3.49.1
    * rmt-server-debugsource-2.21-150300.3.49.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * rmt-server-config-2.21-150300.3.49.1
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-2.21-150300.3.49.1
    * rmt-server-debugsource-2.21-150300.3.49.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * rmt-server-config-2.21-150300.3.49.1
    * rmt-server-debuginfo-2.21-150300.3.49.1
    * rmt-server-2.21-150300.3.49.1
    * rmt-server-debugsource-2.21-150300.3.49.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1230157
  * https://bugzilla.suse.com/show_bug.cgi?id=1230419
  * https://bugzilla.suse.com/show_bug.cgi?id=1232808
  * https://bugzilla.suse.com/show_bug.cgi?id=1234844

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/b0fc53b6/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:00 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:00 -0000
Subject: SUSE-RU-2025:0363-1: moderate: Recommended update for libzypp, zypper
Message-ID: <173885946006.21757.14227154746331865892@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0363-1  
Release Date: 2025-02-05T10:01:56Z  
Rating: moderate  
References:

  * bsc#1216091
  * bsc#1229106
  * bsc#1232458
  * bsc#1234752
  * bsc#1235636

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Create '.keep_packages' in the package cache dir to enforce keeping
    downloaded packages of all repos cached there (bsc#1232458)
  * Fix missing UID checks in repomanager workflow
  * Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp
  * Fix 'zypper ps' when running in incus container. Should apply to lxc and lxd
    containers as well. (bsc#1229106)
  * Re-enable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091)
  * lr: show the repositories keep-packages flag (bsc#1232458) It is shown in
    the details view or by using -k,--keep-packages. In addition libyzpp
    supports to enforce keeping downloaded packages of all repos within a
    package cache by creating a '.keep_packages' file there.
  * Try to refresh update repos first to have updated GPG keys on the fly
    (bsc#1234752) An update repo may contain a prolonged GPG key for the GA
    repo. Refreshing the update repo first updates a trusted key on the fly and
    avoids a 'key has expired' warning being issued when refreshing the GA repo.
  * Refresh: Restore legacy behavior and suppress Exception reporting as non-
    root (bsc#1235636)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-363=1 openSUSE-SLE-15.6-2025-363=1

  * SUSE Linux Enterprise High Performance Computing 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-363=1

  * SUSE Linux Enterprise Server 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-363=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-363=1

  * SUSE Linux Enterprise Desktop 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-363=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-363=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libzypp-debugsource-17.35.19-150600.3.44.1
    * zypper-1.14.81-150600.10.22.1
    * libzypp-debuginfo-17.35.19-150600.3.44.1
    * libzypp-17.35.19-150600.3.44.1
    * libzypp-devel-17.35.19-150600.3.44.1
    * zypper-debugsource-1.14.81-150600.10.22.1
    * libzypp-devel-doc-17.35.19-150600.3.44.1
    * zypper-debuginfo-1.14.81-150600.10.22.1
  * openSUSE Leap 15.6 (noarch)
    * zypper-needs-restarting-1.14.81-150600.10.22.1
    * zypper-aptitude-1.14.81-150600.10.22.1
    * zypper-log-1.14.81-150600.10.22.1
  * SUSE Linux Enterprise High Performance Computing 15 SP6 (aarch64 x86_64)
    * libzypp-17.35.19-150600.3.44.1
  * SUSE Linux Enterprise Server 15 SP6 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.35.19-150600.3.44.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
    * libzypp-17.35.19-150600.3.44.1
  * SUSE Linux Enterprise Desktop 15 SP6 (x86_64)
    * libzypp-17.35.19-150600.3.44.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libzypp-debugsource-17.35.19-150600.3.44.1
    * zypper-1.14.81-150600.10.22.1
    * libzypp-debuginfo-17.35.19-150600.3.44.1
    * libzypp-17.35.19-150600.3.44.1
    * libzypp-devel-17.35.19-150600.3.44.1
    * zypper-debugsource-1.14.81-150600.10.22.1
    * zypper-debuginfo-1.14.81-150600.10.22.1
  * Basesystem Module 15-SP6 (noarch)
    * zypper-needs-restarting-1.14.81-150600.10.22.1
    * zypper-log-1.14.81-150600.10.22.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1216091
  * https://bugzilla.suse.com/show_bug.cgi?id=1229106
  * https://bugzilla.suse.com/show_bug.cgi?id=1232458
  * https://bugzilla.suse.com/show_bug.cgi?id=1234752
  * https://bugzilla.suse.com/show_bug.cgi?id=1235636

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/8c73ba2d/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:04 -0000
Subject: SUSE-RU-2025:0362-1: moderate: Recommended update for libzypp, zypper
Message-ID: <173885946425.21757.8954501239319856757@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0362-1  
Release Date: 2025-02-05T10:01:33Z  
Rating: moderate  
References:

  * bsc#1216091
  * bsc#1229106
  * bsc#1232458
  * bsc#1234752
  * bsc#1235636

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Create '.keep_packages' in the package cache dir to enforce keeping
    downloaded packages of all repos cached there (bsc#1232458)
  * Fix missing UID checks in repomanager workflow
  * Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp
  * Fix 'zypper ps' when running in incus container. Should apply to lxc and lxd
    containers as well. (bsc#1229106)
  * Re-enable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091)
  * lr: show the repositories keep-packages flag (bsc#1232458) It is shown in
    the details view or by using -k,--keep-packages. In addition libyzpp
    supports to enforce keeping downloaded packages of all repos within a
    package cache by creating a '.keep_packages' file there.
  * Try to refresh update repos first to have updated GPG keys on the fly
    (bsc#1234752) An update repo may contain a prolonged GPG key for the GA
    repo. Refreshing the update repo first updates a trusted key on the fly and
    avoids a 'key has expired' warning being issued when refreshing the GA repo.
  * Refresh: Restore legacy behavior and suppress Exception reporting as non-
    root (bsc#1235636)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-362=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-362=1 SUSE-SLE-
INSTALLER-15-SP5-2025-362=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-362=1

  * SUSE Linux Enterprise High Performance Computing 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-362=1

  * SUSE Linux Enterprise Server 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-362=1

  * SUSE Linux Enterprise Desktop 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-362=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-362=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-362=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-362=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-devel-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * zypper-log-1.14.81-150500.6.20.1
    * zypper-needs-restarting-1.14.81-150500.6.20.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-devel-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * zypper-log-1.14.81-150500.6.20.1
    * zypper-needs-restarting-1.14.81-150500.6.20.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-devel-doc-17.35.19-150500.6.36.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-devel-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * openSUSE Leap 15.5 (noarch)
    * zypper-log-1.14.81-150500.6.20.1
    * zypper-needs-restarting-1.14.81-150500.6.20.1
    * zypper-aptitude-1.14.81-150500.6.20.1
  * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * zypper-needs-restarting-1.14.81-150500.6.20.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-devel-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * zypper-log-1.14.81-150500.6.20.1
    * zypper-needs-restarting-1.14.81-150500.6.20.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * zypper-debuginfo-1.14.81-150500.6.20.1
    * zypper-1.14.81-150500.6.20.1
    * zypper-debugsource-1.14.81-150500.6.20.1
    * libzypp-debuginfo-17.35.19-150500.6.36.1
    * libzypp-devel-17.35.19-150500.6.36.1
    * libzypp-debugsource-17.35.19-150500.6.36.1
    * libzypp-17.35.19-150500.6.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * zypper-log-1.14.81-150500.6.20.1
    * zypper-needs-restarting-1.14.81-150500.6.20.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1216091
  * https://bugzilla.suse.com/show_bug.cgi?id=1229106
  * https://bugzilla.suse.com/show_bug.cgi?id=1232458
  * https://bugzilla.suse.com/show_bug.cgi?id=1234752
  * https://bugzilla.suse.com/show_bug.cgi?id=1235636

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/7d4cb860/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:09 -0000
Subject: SUSE-RU-2025:0361-1: moderate: Recommended update for libzypp, zypper
Message-ID: <173885946923.21757.14175388445450821308@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0361-1  
Release Date: 2025-02-05T10:01:01Z  
Rating: moderate  
References:

  * bsc#1216091
  * bsc#1229106
  * bsc#1232458
  * bsc#1234752
  * bsc#1235636

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Create '.keep_packages' in the package cache dir to enforce keeping
    downloaded packages of all repos cached there (bsc#1232458)
  * Fix missing UID checks in repomanager workflow
  * Move cmake config files to LIB_INSTALL_DIR/cmake/Zypp
  * Fix 'zypper ps' when running in incus container (bsc#1229106) Should apply
    to lxc and lxd containers as well
  * Re-enable 'rpm --runposttrans' usage for chrooted systems (bsc#1216091)
  * lr: Show the repositories keep-packages flag (bsc#1232458) It is shown in
    the details view or by using -k,--keep-packages. In addition libyzpp
    supports to enforce keeping downloaded packages of all repos within a
    package cache by creating a '.keep_packages' file there
  * Try to refresh update repos first to have updated GPG keys on the fly
    (bsc#1234752) An update repo may contain a prolonged GPG key for the GA
    repo. Refreshing the update repo first updates a trusted key on the fly and
    avoids a 'key has expired' warning being issued when refreshing the GA repo
  * Refresh: restore legacy behavior and suppress Exception reporting as non-
    root (bsc#1235636)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-361=1

  * SUSE Linux Enterprise High Performance Computing 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1

  * SUSE Linux Enterprise Server 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1 SUSE-SLE-Product-SUSE-
Manager-Server-4.3-2025-361=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1 SUSE-SLE-Product-
SLES_SAP-15-SP4-2025-361=1

  * SUSE Linux Enterprise Desktop 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-361=1 SUSE-SLE-Product-SUSE-
Manager-Retail-Branch-Server-4.3-2025-361=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-361=1 SUSE-SLE-
INSTALLER-15-SP4-2025-361=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-361=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-361=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-361=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-361=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-361=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-361=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-361=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-devel-doc-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * openSUSE Leap 15.4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
    * zypper-aptitude-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
    * libzypp-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.35.19-150400.3.110.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Manager Server 4.3 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
    * libzypp-17.35.19-150400.3.110.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Manager Proxy 4.3 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libzypp-devel-17.35.19-150400.3.110.1
    * zypper-1.14.81-150400.3.73.1
    * zypper-debugsource-1.14.81-150400.3.73.1
    * libzypp-17.35.19-150400.3.110.1
    * zypper-debuginfo-1.14.81-150400.3.73.1
    * libzypp-debuginfo-17.35.19-150400.3.110.1
    * libzypp-debugsource-17.35.19-150400.3.110.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * zypper-needs-restarting-1.14.81-150400.3.73.1
    * zypper-log-1.14.81-150400.3.73.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1216091
  * https://bugzilla.suse.com/show_bug.cgi?id=1229106
  * https://bugzilla.suse.com/show_bug.cgi?id=1232458
  * https://bugzilla.suse.com/show_bug.cgi?id=1234752
  * https://bugzilla.suse.com/show_bug.cgi?id=1235636

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/dcab0f70/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:11 -0000
Subject: SUSE-SU-2025:0359-1: important: Security update for bind
Message-ID: <173885947123.21757.17503187058065334491@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0359-1  
Release Date: 2025-02-05T09:09:07Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-359=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-359=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-359=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-359=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-359=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-359=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * openSUSE Leap 15.5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * bind-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * bind-9.16.50-150500.8.24.1
    * bind-utils-debuginfo-9.16.50-150500.8.24.1
    * bind-debugsource-9.16.50-150500.8.24.1
    * bind-utils-9.16.50-150500.8.24.1
    * bind-debuginfo-9.16.50-150500.8.24.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * python3-bind-9.16.50-150500.8.24.1
    * bind-doc-9.16.50-150500.8.24.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/2c7bad53/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:13 -0000
Subject: SUSE-RU-2025:0358-1: moderate: Recommended update for permissions
Message-ID: <173885947360.21757.12255011588152932643@smelt2.prg2.suse.org>



# Recommended update for permissions

Announcement ID: SUSE-RU-2025:0358-1  
Release Date: 2025-02-05T09:06:26Z  
Rating: moderate  
References:

  * bsc#1235873

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for permissions fixes the following issues:

  * Version update 20240826:
  * permissions: remove legacy and nonsensical entries.
  * permissions: remove traceroute entry.
  * permissions: remove outdated sudo directories.
  * permissions: remove legacy RPM directory entries.
  * permissions: remove some static /var/spool/* dirs.
  * permissions: remove unnecessary static dirs and devices (bsc#1235873).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-358=1 SUSE-2025-358=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-358=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * permissions-20240826-150600.10.15.2
    * permissions-debugsource-20240826-150600.10.15.2
    * permissions-debuginfo-20240826-150600.10.15.2
  * openSUSE Leap 15.6 (noarch)
    * permissions-zypp-plugin-20240826-150600.10.15.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * permissions-20240826-150600.10.15.2
    * permissions-debugsource-20240826-150600.10.15.2
    * permissions-debuginfo-20240826-150600.10.15.2
  * Basesystem Module 15-SP6 (noarch)
    * permissions-zypp-plugin-20240826-150600.10.15.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235873

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/30d6f756/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:16 -0000
Subject: SUSE-SU-2025:0357-1: moderate: Security update for etcd
Message-ID: <173885947602.21757.775037613306263717@smelt2.prg2.suse.org>



# Security update for etcd

Announcement ID: SUSE-SU-2025:0357-1  
Release Date: 2025-02-04T14:22:02Z  
Rating: moderate  
References:

  * bsc#1095184
  * bsc#1183703

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that has two security fixes can now be installed.

## Description:

This update for etcd fixes the following issues: Security Update to version
3.5.18:

  * Ensure all goroutines created by StartEtcd to exit before closing the errc
  * mvcc: restore tombstone index if it's first revision
  * Bump go toolchain to 1.22.11
  * Avoid deadlock in etcd.Close when stopping during bootstrapping
  * etcdutl/etcdutl: use datadir package to build wal/snapdir
  * Remove duplicated <-s.ReadyNotify()
  * Do not wait for ready notify if the server is stopping
  * Fix mixVersion test case: ensure a snapshot to be sent out
  * *: support custom content check offline in v2store
  * Print warning message for deprecated flags if set
  * fix runtime error: comparing uncomparable type
  * add tls min/max version to grpc proxy

  * Fixing a configuration data loss bug: Fillup really really wants that the
    template and the target file actually follow the sysconfig format. The
    current config and the current template do not fulfill this requirement.
    Move the current /etc/sysconfig/etcd to /etc/default/etcd and install a new
    sysconfig file which only adds the ETCD_OPTIONS option, which is actually
    used by the unit file. This also makes it a bit cleaner to move etcd to use
    \--config-file in the long run.

  * Update etcd configuration file based on https://github.com/etcd-
    io/etcd/blob/v3.5.17/etcd.conf.yml.sample

Update to version 3.5.17:

  * fix(defrag): close temp file in case of error
  * Bump go toolchain to 1.22.9
  * fix(defrag): handle defragdb failure
  * fix(defrag): handle no space left error
  * [3.5] Fix risk of a partial write txn being applied
  * [serverWatchStream] terminate recvLoop on sws.close()

Update to version 3.5.16:

  * Bump go toolchain to 1.22.7
  * Introduce compaction sleep interval flag
  * Fix passing default grpc call options in Kubernetes client
  * Skip leadership check if the etcd instance is active processing heartbeats
  * Introduce Kubernetes KV interface to etcd client

Update to version 3.5.15:

  * Differentiate the warning message for rejected client and peer
  * connections
  * Suppress noisy basic auth token deletion log
  * Support multiple values for allowed client and peer TLS identities(#18015)
  * print error log when validation on conf change failed

Update to version 3.5.14:

  * etcdutl: Fix snapshot restore memory alloc issue
  * server: Implement WithMmapSize option for backend config
  * gRPC health server sets serving status to NOT_SERVING on defrag
  * server/mvcc: introduce compactBeforeSetFinishedCompact failpoint
  * Update the compaction log when bootstrap and update compact's signature
  * add experimental-snapshot-catchup-entries flag.
  * Fix retry requests when receiving ErrGPRCNotSupportedForLearner

Update to version 3.5.13:

  * Fix progress notification for watch that doesn't get any events
  * pkg/types: Support Unix sockets in NewURLS
  * added arguments to the grpc-proxy: dial-keepalive-time, dial-keepalive-
    timeout, permit-without-stream
  * server: fix comment to match function name
  * Make CGO_ENABLED configurable for etcd 3.5
  * etcdserver: drain leaky goroutines before test completed

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-357=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * etcdctl-3.5.18-150000.7.9.1
    * etcd-3.5.18-150000.7.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1095184
  * https://bugzilla.suse.com/show_bug.cgi?id=1183703

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/0e5c1cdb/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:18 -0000
Subject: SUSE-SU-2025:0356-1: moderate: Security update for openssl-1_1
Message-ID: <173885947897.21757.13300311936659510919@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0356-1  
Release Date: 2025-02-04T13:33:49Z  
Rating: moderate  
References:

  * bsc#1226463
  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-356=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-356=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-356=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-356=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-356=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-356=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-356=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * openssl-1_1-doc-1.1.1d-150200.11.100.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libopenssl1_1-32bit-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.100.1
    * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1d-150200.11.100.1
    * libopenssl-1_1-devel-1.1.1d-150200.11.100.1
    * libopenssl1_1-1.1.1d-150200.11.100.1
    * openssl-1_1-1.1.1d-150200.11.100.1
    * libopenssl1_1-hmac-1.1.1d-150200.11.100.1
    * openssl-1_1-debugsource-1.1.1d-150200.11.100.1
    * openssl-1_1-debuginfo-1.1.1d-150200.11.100.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1226463
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/1fc193bc/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:21 -0000
Subject: SUSE-SU-2025:0355-1: important: Security update for bind
Message-ID: <173885948176.21757.14074038848145950109@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0355-1  
Release Date: 2025-02-04T12:59:34Z  
Rating: important  
References:

  * bsc#1236596
  * bsc#1236597

  
Cross-References:

  * CVE-2024-11187
  * CVE-2024-12705

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12705 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12705 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12705 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for bind fixes the following issues:

Update to release 9.18.33

Security Fixes:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)
  * CVE-2024-12705: Fixes multiple issues in DNS-over-HTTPS implementation when
    under heavy query load (bsc#1236597)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-355=1 openSUSE-SLE-15.6-2025-355=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-355=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-355=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * bind-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-9.18.33-150600.3.6.1
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-utils-debuginfo-9.18.33-150600.3.6.1
  * openSUSE Leap 15.6 (noarch)
    * bind-doc-9.18.33-150600.3.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-debuginfo-9.18.33-150600.3.6.1
    * bind-utils-9.18.33-150600.3.6.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * bind-9.18.33-150600.3.6.1
    * bind-debugsource-9.18.33-150600.3.6.1
    * bind-debuginfo-9.18.33-150600.3.6.1
  * Server Applications Module 15-SP6 (noarch)
    * bind-doc-9.18.33-150600.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://www.suse.com/security/cve/CVE-2024-12705.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596
  * https://bugzilla.suse.com/show_bug.cgi?id=1236597

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/9f32f337/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:23 -0000
Subject: SUSE-SU-2025:0351-1: moderate: Security update for krb5
Message-ID: <173885948398.21757.576399278315539695@smelt2.prg2.suse.org>



# Security update for krb5

Announcement ID: SUSE-SU-2025:0351-1  
Release Date: 2025-02-04T09:28:22Z  
Rating: moderate  
References:

  * bsc#1236619

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for krb5 fixes the following issues:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-351=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * krb5-32bit-1.16.3-46.18.1
    * krb5-doc-1.16.3-46.18.1
    * krb5-plugin-preauth-pkinit-1.16.3-46.18.1
    * krb5-debuginfo-32bit-1.16.3-46.18.1
    * krb5-debuginfo-1.16.3-46.18.1
    * krb5-plugin-preauth-otp-1.16.3-46.18.1
    * krb5-debugsource-1.16.3-46.18.1
    * krb5-server-debuginfo-1.16.3-46.18.1
    * krb5-devel-1.16.3-46.18.1
    * krb5-client-debuginfo-1.16.3-46.18.1
    * krb5-1.16.3-46.18.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.18.1
    * krb5-client-1.16.3-46.18.1
    * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.18.1
    * krb5-server-1.16.3-46.18.1
    * krb5-plugin-kdb-ldap-1.16.3-46.18.1
    * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/bdf00635/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:26 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:26 -0000
Subject: SUSE-SU-2025:0350-1: important: Security update for xrdp
Message-ID: <173885948670.21757.13463394703693471381@smelt2.prg2.suse.org>



# Security update for xrdp

Announcement ID: SUSE-SU-2025:0350-1  
Release Date: 2025-02-04T09:15:31Z  
Rating: important  
References:

  * bsc#1227769

  
Cross-References:

  * CVE-2024-39917

  
CVSS scores:

  * CVE-2024-39917 ( SUSE ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-39917 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for xrdp fixes the following issues:

  * CVE-2024-39917: Enforce no login screen if require_credentials is set
    (bsc#1227769)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-350=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-350=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-350=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-350=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-350=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-350=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-350=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-350=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libpainter0-0.9.13.1-150200.4.33.1
    * xrdp-0.9.13.1-150200.4.33.1
    * librfxencode0-debuginfo-0.9.13.1-150200.4.33.1
    * xrdp-debugsource-0.9.13.1-150200.4.33.1
    * librfxencode0-0.9.13.1-150200.4.33.1
    * xrdp-devel-0.9.13.1-150200.4.33.1
    * xrdp-debuginfo-0.9.13.1-150200.4.33.1
    * libpainter0-debuginfo-0.9.13.1-150200.4.33.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-39917.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227769

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/57e16195/attachment.htm>

From null at suse.de  Thu Feb  6 16:31:28 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 06 Feb 2025 16:31:28 -0000
Subject: SUSE-SU-2025:0349-1: moderate: Security update for openssl-1_1
Message-ID: <173885948898.21757.14033126393763529802@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0349-1  
Release Date: 2025-02-04T08:34:49Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-349=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-349=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-349=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-349=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-349=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-349=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-349=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-349=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-349=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-349=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-349=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-349=1

## Package List:

  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Manager Server 4.3 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (noarch)
    * openssl-1_1-doc-1.1.1l-150400.7.78.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libopenssl1_1-64bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-64bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-64bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libopenssl1_1-hmac-1.1.1l-150400.7.78.1
    * libopenssl1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-1.1.1l-150400.7.78.1
    * libopenssl1_1-debuginfo-1.1.1l-150400.7.78.1
    * openssl-1_1-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.78.1
    * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.78.1
    * libopenssl1_1-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-1.1.1l-150400.7.78.1
    * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.78.1
    * openssl-1_1-debugsource-1.1.1l-150400.7.78.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250206/e78d6e6f/attachment.htm>

From null at suse.de  Fri Feb  7 12:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 12:30:09 -0000
Subject: SUSE-SU-2025:0382-1: important: Security update for podman
Message-ID: <173893140987.21560.6959237744919072429@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0382-1  
Release Date: 2025-02-07T08:44:14Z  
Rating: important  
References:

  * bsc#1236270

  
Cross-References:

  * CVE-2024-11218

  
CVSS scores:

  * CVE-2024-11218 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2024-11218 ( SUSE ):  7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-11218 ( NVD ):  8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-11218: Fixed a container breakout by using --jobs=2 and a race
    condition when building a malicious Containerfile. (bsc#1236270)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-382=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-382=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-382=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-382=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-382=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-382=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-382=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-382=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * openSUSE Leap 15.5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * openSUSE Leap 15.6 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * Containers Module 15-SP6 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * podman-docker-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * podmansh-4.9.5-150500.3.31.1
    * podman-debuginfo-4.9.5-150500.3.31.1
    * podman-4.9.5-150500.3.31.1
    * podman-remote-debuginfo-4.9.5-150500.3.31.1
    * podman-remote-4.9.5-150500.3.31.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * podman-docker-4.9.5-150500.3.31.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11218.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236270

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/36e444f0/attachment.htm>

From null at suse.de  Fri Feb  7 16:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 16:30:05 -0000
Subject: SUSE-SU-2025:0384-1: important: Security update for bind
Message-ID: <173894580581.21757.16700523099715962646@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0384-1  
Release Date: 2025-02-07T13:00:41Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-384=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-384=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-384=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-384=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-384=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-384=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-384=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-384=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * openSUSE Leap 15.4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Proxy 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * bind-debuginfo-9.16.50-150400.5.46.1
    * bind-utils-debuginfo-9.16.50-150400.5.46.1
    * bind-debugsource-9.16.50-150400.5.46.1
    * bind-utils-9.16.50-150400.5.46.1
    * bind-9.16.50-150400.5.46.1
  * SUSE Manager Server 4.3 (noarch)
    * python3-bind-9.16.50-150400.5.46.1
    * bind-doc-9.16.50-150400.5.46.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/237e7db2/attachment.htm>

From null at suse.de  Fri Feb  7 16:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 16:30:10 -0000
Subject: SUSE-RU-2025:0383-1: moderate: Recommended update for libica
Message-ID: <173894581016.21757.10647525131662691910@smelt2.prg2.suse.org>



# Recommended update for libica

Announcement ID: SUSE-RU-2025:0383-1  
Release Date: 2025-02-07T12:59:49Z  
Rating: moderate  
References:

  * bsc#1231302

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for libica fixes the following issues:

  * (FIPS) Use AES-GCM external IV mode encryption (bsc#1231302).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-383=1 openSUSE-SLE-15.6-2025-383=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-383=1

## Package List:

  * openSUSE Leap 15.6 (s390x)
    * libica-tools-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-devel-4.3.1-150600.4.19.2
    * libica4-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-debugsource-4.3.1-150600.4.19.2
    * libica4-4.3.1-150600.4.19.2
    * libica-tools-4.3.1-150600.4.19.2
    * libica-debugsource-4.3.1-150600.4.19.2
    * libica-openssl1_1-tools-4.3.1-150600.4.19.2
    * libica-openssl1_1-tools-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-devel-static-4.3.1-150600.4.19.2
    * libica-devel-4.3.1-150600.4.19.2
    * libica-devel-static-4.3.1-150600.4.19.2
    * libica4-openssl1_1-4.3.1-150600.4.19.2
    * libica4-debuginfo-4.3.1-150600.4.19.2
  * Server Applications Module 15-SP6 (s390x)
    * libica-tools-debuginfo-4.3.1-150600.4.19.2
    * libica4-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-debugsource-4.3.1-150600.4.19.2
    * libica-openssl1_1-tools-4.3.1-150600.4.19.2
    * libica-debugsource-4.3.1-150600.4.19.2
    * libica-tools-4.3.1-150600.4.19.2
    * libica4-4.3.1-150600.4.19.2
    * libica-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-debuginfo-4.3.1-150600.4.19.2
    * libica-devel-4.3.1-150600.4.19.2
    * libica-devel-static-4.3.1-150600.4.19.2
    * libica4-openssl1_1-4.3.1-150600.4.19.2
    * libica4-debuginfo-4.3.1-150600.4.19.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1231302

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/2e1aef78/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0388-1: moderate: Security update for openssl-3
Message-ID: <173896020430.18428.15601524627022612550@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0388-1  
Release Date: 2025-02-07T17:18:45Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-388=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-388=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-388=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-388=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-388=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-388=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-388=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-388=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-388=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-388=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-388=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-388=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl3-3.0.8-150400.4.72.1
    * openssl-3-3.0.8-150400.4.72.1
    * openssl-3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (x86_64)
    * libopenssl3-32bit-debuginfo-3.0.8-150400.4.72.1
    * libopenssl-3-devel-32bit-3.0.8-150400.4.72.1
    * libopenssl3-32bit-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (noarch)
    * openssl-3-doc-3.0.8-150400.4.72.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libopenssl3-64bit-3.0.8-150400.4.72.1
    * libopenssl-3-devel-64bit-3.0.8-150400.4.72.1
    * libopenssl3-64bit-debuginfo-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libopenssl3-3.0.8-150400.4.72.1
    * libopenssl3-debuginfo-3.0.8-150400.4.72.1
    * openssl-3-debugsource-3.0.8-150400.4.72.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/f2be7f92/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 20:30:07 -0000
Subject: SUSE-SU-2025:0387-1: moderate: Security update for openssl-3
Message-ID: <173896020733.18428.5306202892335892601@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0387-1  
Release Date: 2025-02-07T17:16:21Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-387=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-387=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-387=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-387=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-387=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (x86_64)
    * libopenssl-3-devel-32bit-3.0.8-150500.5.51.1
    * libopenssl3-32bit-3.0.8-150500.5.51.1
    * libopenssl3-32bit-debuginfo-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (noarch)
    * openssl-3-doc-3.0.8-150500.5.51.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libopenssl3-64bit-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-64bit-3.0.8-150500.5.51.1
    * libopenssl-3-devel-64bit-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * openssl-3-3.0.8-150500.5.51.1
    * openssl-3-debugsource-3.0.8-150500.5.51.1
    * libopenssl-3-devel-3.0.8-150500.5.51.1
    * openssl-3-debuginfo-3.0.8-150500.5.51.1
    * libopenssl3-3.0.8-150500.5.51.1
    * libopenssl3-debuginfo-3.0.8-150500.5.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/533c949d/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 20:30:11 -0000
Subject: SUSE-SU-2025:0386-1: moderate: Security update for python39
Message-ID: <173896021187.18428.7459412655558429583@smelt2.prg2.suse.org>



# Security update for python39

Announcement ID: SUSE-SU-2025:0386-1  
Release Date: 2025-02-07T17:13:36Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python39 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-386=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-386=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * python39-base-3.9.21-150300.4.64.1
    * python39-testsuite-3.9.21-150300.4.64.1
    * libpython3_9-1_0-3.9.21-150300.4.64.1
    * python39-dbm-3.9.21-150300.4.64.1
    * python39-debuginfo-3.9.21-150300.4.64.1
    * python39-testsuite-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-debuginfo-3.9.21-150300.4.64.1
    * python39-dbm-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-debuginfo-3.9.21-150300.4.64.1
    * python39-idle-3.9.21-150300.4.64.1
    * python39-core-debugsource-3.9.21-150300.4.64.1
    * python39-tools-3.9.21-150300.4.64.1
    * python39-curses-debuginfo-3.9.21-150300.4.64.1
    * python39-debugsource-3.9.21-150300.4.64.1
    * python39-doc-devhelp-3.9.21-150300.4.64.1
    * python39-devel-3.9.21-150300.4.64.1
    * python39-curses-3.9.21-150300.4.64.1
    * python39-doc-3.9.21-150300.4.64.1
    * python39-3.9.21-150300.4.64.1
    * python39-base-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-3.9.21-150300.4.64.1
  * openSUSE Leap 15.3 (x86_64)
    * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-3.9.21-150300.4.64.1
    * libpython3_9-1_0-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-debuginfo-3.9.21-150300.4.64.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * python39-64bit-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-64bit-3.9.21-150300.4.64.1
    * python39-base-64bit-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-64bit-debuginfo-3.9.21-150300.4.64.1
    * python39-64bit-3.9.21-150300.4.64.1
    * python39-base-64bit-3.9.21-150300.4.64.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python39-base-3.9.21-150300.4.64.1
    * python39-testsuite-3.9.21-150300.4.64.1
    * libpython3_9-1_0-3.9.21-150300.4.64.1
    * python39-dbm-3.9.21-150300.4.64.1
    * python39-debuginfo-3.9.21-150300.4.64.1
    * python39-testsuite-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-debuginfo-3.9.21-150300.4.64.1
    * python39-dbm-debuginfo-3.9.21-150300.4.64.1
    * libpython3_9-1_0-debuginfo-3.9.21-150300.4.64.1
    * python39-idle-3.9.21-150300.4.64.1
    * python39-core-debugsource-3.9.21-150300.4.64.1
    * python39-tools-3.9.21-150300.4.64.1
    * python39-curses-debuginfo-3.9.21-150300.4.64.1
    * python39-debugsource-3.9.21-150300.4.64.1
    * python39-doc-devhelp-3.9.21-150300.4.64.1
    * python39-devel-3.9.21-150300.4.64.1
    * python39-curses-3.9.21-150300.4.64.1
    * python39-doc-3.9.21-150300.4.64.1
    * python39-3.9.21-150300.4.64.1
    * python39-base-debuginfo-3.9.21-150300.4.64.1
    * python39-tk-3.9.21-150300.4.64.1
  * openSUSE Leap 15.6 (x86_64)
    * libpython3_9-1_0-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-3.9.21-150300.4.64.1
    * libpython3_9-1_0-32bit-3.9.21-150300.4.64.1
    * python39-base-32bit-debuginfo-3.9.21-150300.4.64.1
    * python39-32bit-debuginfo-3.9.21-150300.4.64.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/7b993116/attachment.htm>

From null at suse.de  Fri Feb  7 20:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 07 Feb 2025 20:30:15 -0000
Subject: SUSE-RU-2025:0385-1: moderate: Recommended update for
 release-notes-sles
Message-ID: <173896021542.18428.13595295949785563194@smelt2.prg2.suse.org>



# Recommended update for release-notes-sles

Announcement ID: SUSE-RU-2025:0385-1  
Release Date: 2025-02-07T16:07:21Z  
Rating: moderate  
References:

  * bsc#1236534
  * bsc#933411

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for release-notes-sles fixes the following issue:

  * Version update v12.5.20250129 (bsc#933411). Fixed lifecycle information with
    proper version (bsc#1236534).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-385=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-385=1

  * SUSE Linux Enterprise High Performance Computing 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-INSTALLER-12-SP5-2025-385=1

  * SUSE Linux Enterprise Server 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-INSTALLER-12-SP5-2025-385=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * release-notes-sles-12.5.20250129-3.46.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * release-notes-sles-12.5.20250129-3.46.2
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    * release-notes-sles-12.5.20250129-3.46.2
  * SUSE Linux Enterprise Server 12 SP5 (noarch)
    * release-notes-sles-12.5.20250129-3.46.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236534
  * https://bugzilla.suse.com/show_bug.cgi?id=933411

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250207/da5549ce/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:08 -0000
Subject: SUSE-SU-2025:0394-1: important: Security update for tomcat
Message-ID: <173917620874.16775.7619733453701091974@smelt2.prg2.suse.org>



# Security update for tomcat

Announcement ID: SUSE-SU-2025:0394-1  
Release Date: 2025-02-10T07:34:45Z  
Rating: important  
References:

  * bsc#1234663
  * bsc#1234664

  
Cross-References:

  * CVE-2024-50379
  * CVE-2024-54677

  
CVSS scores:

  * CVE-2024-50379 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50379 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50379 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54677 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54677 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54677 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for tomcat fixes the following issues:

  * CVE-2024-50379: Fixed remote code execution (RCE) due to TOCTOU issue in JSP
    compilation (bsc#1234663).
  * CVE-2024-54677: Fixed denial-of-service (DoS) attack in examples web
    application (bsc#1234664).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-394=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-394=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * tomcat-javadoc-9.0.36-3.136.1
    * tomcat-servlet-4_0-api-9.0.36-3.136.1
    * tomcat-jsp-2_3-api-9.0.36-3.136.1
    * tomcat-el-3_0-api-9.0.36-3.136.1
    * tomcat-docs-webapp-9.0.36-3.136.1
    * tomcat-admin-webapps-9.0.36-3.136.1
    * tomcat-lib-9.0.36-3.136.1
    * tomcat-webapps-9.0.36-3.136.1
    * tomcat-9.0.36-3.136.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * tomcat-javadoc-9.0.36-3.136.1
    * tomcat-servlet-4_0-api-9.0.36-3.136.1
    * tomcat-jsp-2_3-api-9.0.36-3.136.1
    * tomcat-el-3_0-api-9.0.36-3.136.1
    * tomcat-docs-webapp-9.0.36-3.136.1
    * tomcat-admin-webapps-9.0.36-3.136.1
    * tomcat-lib-9.0.36-3.136.1
    * tomcat-webapps-9.0.36-3.136.1
    * tomcat-9.0.36-3.136.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50379.html
  * https://www.suse.com/security/cve/CVE-2024-54677.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234663
  * https://bugzilla.suse.com/show_bug.cgi?id=1234664

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/203a8401/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:12 -0000
Subject: SUSE-SU-2025:0393-1: moderate: Security update for go1.23
Message-ID: <173917621218.16775.449522289476949163@smelt2.prg2.suse.org>



# Security update for go1.23

Announcement ID: SUSE-SU-2025:0393-1  
Release Date: 2025-02-10T07:34:35Z  
Rating: moderate  
References:

  * bsc#1229122
  * bsc#1236801

  
Cross-References:

  * CVE-2025-22866

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.23 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).

Bug fixes:

  * go1.23 release tracking (bsc#1229122)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-393=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-393=1

## Package List:

  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.23-doc-1.23.6-150000.1.21.1
    * go1.23-1.23.6-150000.1.21.1
    * go1.23-race-1.23.6-150000.1.21.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.23-doc-1.23.6-150000.1.21.1
    * go1.23-1.23.6-150000.1.21.1
    * go1.23-race-1.23.6-150000.1.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229122
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/ff0b7883/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:17 -0000
Subject: SUSE-SU-2025:0392-1: moderate: Security update for go1.22
Message-ID: <173917621710.16775.17840058693995734434@smelt2.prg2.suse.org>



# Security update for go1.22

Announcement ID: SUSE-SU-2025:0392-1  
Release Date: 2025-02-10T07:34:22Z  
Rating: moderate  
References:

  * bsc#1218424
  * bsc#1236801

  
Cross-References:

  * CVE-2025-22866

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.22 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).

Bug fixes:

  * go1.22 release tracking (bsc#1218424)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-392=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-392=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.22-1.22.12-150000.1.42.1
    * go1.22-race-1.22.12-150000.1.42.1
    * go1.22-doc-1.22.12-150000.1.42.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.22-1.22.12-150000.1.42.1
    * go1.22-race-1.22.12-150000.1.42.1
    * go1.22-doc-1.22.12-150000.1.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218424
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/8d9ab8fb/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:21 -0000
Subject: SUSE-SU-2025:0391-1: important: Security update for MozillaFirefox
Message-ID: <173917622115.16775.2454465336572856130@smelt2.prg2.suse.org>



# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2025:0391-1  
Release Date: 2025-02-10T07:34:07Z  
Rating: important  
References:

  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox to 128.7esr fixes the following issues:

  * MFSA 2025-09
  * CVE-2025-1009 (bmo#1936613) Use-after-free in XSLT
  * CVE-2025-1010 (bmo#1936982) Use-after-free in Custom Highlight
  * CVE-2025-1011 (bmo#1936454) A bug in WebAssembly code generation could
    result in a crash
  * CVE-2025-1012 (bmo#1939710) Use-after-free during concurrent delazification
  * CVE-2024-11704 (bmo#1899402) Potential double-free vulnerability in PKCS#7
    decryption handling
  * CVE-2025-1013 (bmo#1932555) Potential opening of private browsing tabs in
    normal browsing windows
  * CVE-2025-1014 (bmo#1940804) Certificate length was not properly checked
  * CVE-2025-1016 (bmo#1936601, bmo#1936844, bmo#1937694, bmo#1938469,
    bmo#1939583, bmo#1940994) Memory safety bugs fixed in Firefox 135,
    Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20,
    and Thunderbird 128.7
  * CVE-2025-1017 (bmo#1926256, bmo#1935471, bmo#1935984) Memory safety bugs
    fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird
    128.7

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-391=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-391=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * MozillaFirefox-translations-common-128.7.0-112.246.1
    * MozillaFirefox-128.7.0-112.246.1
    * MozillaFirefox-debugsource-128.7.0-112.246.1
    * MozillaFirefox-debuginfo-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * MozillaFirefox-devel-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * MozillaFirefox-translations-common-128.7.0-112.246.1
    * MozillaFirefox-128.7.0-112.246.1
    * MozillaFirefox-debugsource-128.7.0-112.246.1
    * MozillaFirefox-debuginfo-128.7.0-112.246.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * MozillaFirefox-devel-128.7.0-112.246.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/96e582fd/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:23 -0000
Subject: SUSE-SU-2025:0390-1: moderate: Security update for openssl-1_1
Message-ID: <173917622379.16775.9410188106537894472@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0390-1  
Release Date: 2025-02-10T07:33:51Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-390=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-390=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenssl-1_1-devel-1.1.1d-2.116.1
    * libopenssl1_1-hmac-1.1.1d-2.116.1
    * openssl-1_1-debugsource-1.1.1d-2.116.1
    * openssl-1_1-1.1.1d-2.116.1
    * libopenssl1_1-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-1.1.1d-2.116.1
    * openssl-1_1-debuginfo-1.1.1d-2.116.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libopenssl1_1-debuginfo-32bit-1.1.1d-2.116.1
    * libopenssl1_1-32bit-1.1.1d-2.116.1
    * libopenssl-1_1-devel-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-32bit-1.1.1d-2.116.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libopenssl1_1-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-32bit-1.1.1d-2.116.1
    * libopenssl-1_1-devel-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-32bit-1.1.1d-2.116.1
    * libopenssl1_1-hmac-1.1.1d-2.116.1
    * openssl-1_1-debugsource-1.1.1d-2.116.1
    * openssl-1_1-1.1.1d-2.116.1
    * libopenssl-1_1-devel-32bit-1.1.1d-2.116.1
    * libopenssl1_1-1.1.1d-2.116.1
    * libopenssl1_1-debuginfo-1.1.1d-2.116.1
    * openssl-1_1-debuginfo-1.1.1d-2.116.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/8159e291/attachment.htm>

From null at suse.de  Mon Feb 10 08:30:27 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 08:30:27 -0000
Subject: SUSE-SU-2025:0389-1: important: Security update for bind
Message-ID: <173917622741.16775.17977144319485629491@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0389-1  
Release Date: 2025-02-10T07:33:42Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-389=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-389=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libisc1107-debuginfo-9.11.22-3.60.2
    * libisccc161-9.11.22-3.60.2
    * libisccc161-debuginfo-9.11.22-3.60.2
    * libisc1107-9.11.22-3.60.2
    * bind-utils-9.11.22-3.60.2
    * bind-9.11.22-3.60.2
    * libisccfg163-9.11.22-3.60.2
    * bind-chrootenv-9.11.22-3.60.2
    * libdns1110-9.11.22-3.60.2
    * libirs161-9.11.22-3.60.2
    * bind-utils-debuginfo-9.11.22-3.60.2
    * liblwres161-debuginfo-9.11.22-3.60.2
    * libirs161-debuginfo-9.11.22-3.60.2
    * bind-debugsource-9.11.22-3.60.2
    * libisc1107-32bit-9.11.22-3.60.2
    * libisc1107-debuginfo-32bit-9.11.22-3.60.2
    * bind-debuginfo-9.11.22-3.60.2
    * libisccfg163-debuginfo-9.11.22-3.60.2
    * libbind9-161-9.11.22-3.60.2
    * bind-devel-9.11.22-3.60.2
    * liblwres161-9.11.22-3.60.2
    * libdns1110-debuginfo-9.11.22-3.60.2
    * libbind9-161-debuginfo-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * python-bind-9.11.22-3.60.2
    * bind-doc-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libisc1107-debuginfo-9.11.22-3.60.2
    * libisccc161-9.11.22-3.60.2
    * libisccc161-debuginfo-9.11.22-3.60.2
    * libisc1107-9.11.22-3.60.2
    * bind-utils-9.11.22-3.60.2
    * bind-9.11.22-3.60.2
    * libisccfg163-9.11.22-3.60.2
    * bind-chrootenv-9.11.22-3.60.2
    * libdns1110-9.11.22-3.60.2
    * libirs161-9.11.22-3.60.2
    * bind-utils-debuginfo-9.11.22-3.60.2
    * liblwres161-debuginfo-9.11.22-3.60.2
    * libirs161-debuginfo-9.11.22-3.60.2
    * bind-debugsource-9.11.22-3.60.2
    * bind-debuginfo-9.11.22-3.60.2
    * libisccfg163-debuginfo-9.11.22-3.60.2
    * libbind9-161-9.11.22-3.60.2
    * bind-devel-9.11.22-3.60.2
    * liblwres161-9.11.22-3.60.2
    * libdns1110-debuginfo-9.11.22-3.60.2
    * libbind9-161-debuginfo-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * python-bind-9.11.22-3.60.2
    * bind-doc-9.11.22-3.60.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libisc1107-debuginfo-32bit-9.11.22-3.60.2
    * libisc1107-32bit-9.11.22-3.60.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/c3225e7c/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0404-1: moderate: Security update for rsync
Message-ID: <173919060654.21560.11456292922129489389@smelt2.prg2.suse.org>



# Security update for rsync

Announcement ID: SUSE-SU-2025:0404-1  
Release Date: 2025-02-10T11:49:54Z  
Rating: moderate  
References:

  * bsc#1233760

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one security fix can now be installed.

## Description:

This update for rsync fixes the following issues:

  * Bump rsync protocol version to 32 to show server is patched against recent
    vulnerabilities.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-404=1 openSUSE-SLE-15.6-2025-404=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-404=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * rsync-debuginfo-3.2.7-150600.3.11.1
    * rsync-3.2.7-150600.3.11.1
    * rsync-debugsource-3.2.7-150600.3.11.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * rsync-debuginfo-3.2.7-150600.3.11.1
    * rsync-3.2.7-150600.3.11.1
    * rsync-debugsource-3.2.7-150600.3.11.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/70c40b85/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0401-1: moderate: Security update for crypto-policies,
 krb5
Message-ID: <173919061287.21560.3832334942120727695@smelt2.prg2.suse.org>



# Security update for crypto-policies, krb5

Announcement ID: SUSE-SU-2025:0401-1  
Release Date: 2025-02-10T09:38:40Z  
Rating: moderate  
References:

  * bsc#1236619
  * jsc#PED-12018

  
Cross-References:

  * CVE-2025-24528

  
CVSS scores:

  * CVE-2025-24528 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24528 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and contains one feature can now be
installed.

## Description:

This update for crypto-policies and krb5 fixes the following issues:

Security issue fixed:

  * CVE-2025-24528: Fixed out-of-bounds write caused by overflow when
    calculating ulog block size can lead to process crash (bsc#1236619).

Feature addition:

  * Add crypto-policies support; (jsc#PED-12018)

  * The default krb5.conf has been updated to include config snippets in the
    krb5.conf.d directory, where crypto-policies drops its.

  * Allow to use KRB5KDF in FIPS mode; (jsc#PED-12018);

  * This key derivation function is used by AES256-CTS-HMAC-SHA1-96 and
    AES128-CTS-HMAC-SHA1-96 encryption types, used by Active directory. If these
    encryption types are allowed or not in FIPS mode is enforced now by the
    FIPS:AD-SUPPORT subpolicy.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-401=1 openSUSE-SLE-15.6-2025-401=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-401=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-401=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * crypto-policies-20230920.570ea89-150600.3.3.1
    * crypto-policies-scripts-20230920.570ea89-150600.3.3.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-spake-1.20.1-150600.11.8.1
    * krb5-server-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-1.20.1-150600.11.8.1
    * krb5-mini-devel-1.20.1-150600.11.8.1
    * krb5-devel-1.20.1-150600.11.8.1
    * krb5-client-debuginfo-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-1.20.1-150600.11.8.1
    * krb5-client-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.8.1
    * krb5-mini-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.8.1
    * krb5-1.20.1-150600.11.8.1
    * krb5-server-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.8.1
  * openSUSE Leap 15.6 (x86_64)
    * krb5-32bit-1.20.1-150600.11.8.1
    * krb5-devel-32bit-1.20.1-150600.11.8.1
    * krb5-32bit-debuginfo-1.20.1-150600.11.8.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * krb5-devel-64bit-1.20.1-150600.11.8.1
    * krb5-64bit-1.20.1-150600.11.8.1
    * krb5-64bit-debuginfo-1.20.1-150600.11.8.1
  * Basesystem Module 15-SP6 (noarch)
    * crypto-policies-20230920.570ea89-150600.3.3.1
    * crypto-policies-scripts-20230920.570ea89-150600.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-1.20.1-150600.11.8.1
    * krb5-devel-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-client-debuginfo-1.20.1-150600.11.8.1
    * krb5-client-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.8.1
    * krb5-1.20.1-150600.11.8.1
    * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.8.1
  * Basesystem Module 15-SP6 (x86_64)
    * krb5-32bit-1.20.1-150600.11.8.1
    * krb5-32bit-debuginfo-1.20.1-150600.11.8.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * krb5-debugsource-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.8.1
    * krb5-plugin-kdb-ldap-1.20.1-150600.11.8.1
    * krb5-debuginfo-1.20.1-150600.11.8.1
    * krb5-server-1.20.1-150600.11.8.1
    * krb5-server-debuginfo-1.20.1-150600.11.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24528.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236619
  * https://jira.suse.com/browse/PED-12018

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/add01225/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:15 -0000
Subject: SUSE-RU-2025:0400-1: moderate: Recommended update for
 container-suseconnect
Message-ID: <173919061565.21560.466319559806741028@smelt2.prg2.suse.org>



# Recommended update for container-suseconnect

Announcement ID: SUSE-RU-2025:0400-1  
Release Date: 2025-02-10T09:38:18Z  
Rating: moderate  
References:

  
Affected Products:

  * Containers Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that can now be installed.

## Description:

This update rebuilds container-suseconnect against go1.23-openssl.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-400=1

## Package List:

  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * container-suseconnect-2.5.0-150000.4.58.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/08c7443b/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:18 -0000
Subject: SUSE-RU-2025:0399-1: moderate: Recommended update for
 java-1_8_0-openjdk
Message-ID: <173919061822.21560.2968424615218951278@smelt2.prg2.suse.org>



# Recommended update for java-1_8_0-openjdk

Announcement ID: SUSE-RU-2025:0399-1  
Release Date: 2025-02-10T09:15:23Z  
Rating: moderate  
References:

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that can now be installed.

## Description:

This update for java-1_8_0-openjdk fixes the following issues:

  * Update to version jdk8u442 (icedtea-3.34.0)
  * Security fixes
    * No CVE from the January 2025 CPU affects jdk8u432, nonetheless this release contains defense-in-depth fixes
  * Import of OpenJDK 8 u442 build 06
    * Zero name_index item of MethodParameters attribute cause MalformedParameterException
    * (fs) java/nio/file/Files/probeContentType/ParallelProbes.java should use othervm mode
    * Swing: Invalid position of candidate pop-up of InputMethod in Hi-DPI on Windows
    * Upgrade to LittleCMS 2.12
    * Open source several Swing Text related tests
    * Enhanced Building of Processes
    * Add an operation mode to the jar command when extracting to not overwriting existing files
    * Enhance mask blit functionality redux
    * GHA: some of bundles may not get removed
    * [8u] Profiler crashes at guarantee(is_result_safe || is_in_asgct()): unsafe access to zombie method
    * Replace ThreadLocalStorage::thread with Thread::current_or_null in jdk8

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-399=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-399=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-399=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-399=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-399=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-399=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-399=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-399=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-399=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-399=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-399=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-399=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-src-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-accessibility-1.8.0.442-150000.3.103.2
  * openSUSE Leap 15.6 (noarch)
    * java-1_8_0-openjdk-javadoc-1.8.0.442-150000.3.103.2
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-debugsource-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-devel-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-150000.3.103.2
    * java-1_8_0-openjdk-headless-1.8.0.442-150000.3.103.2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/caf690b3/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:20 -0000
Subject: SUSE-RU-2025:0398-1: moderate: Recommended update for
 java-1_8_0-openjdk
Message-ID: <173919062019.21560.8128210648884618595@smelt2.prg2.suse.org>



# Recommended update for java-1_8_0-openjdk

Announcement ID: SUSE-RU-2025:0398-1  
Release Date: 2025-02-10T09:14:08Z  
Rating: moderate  
References:

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that can now be installed.

## Description:

This update for java-1_8_0-openjdk fixes the following issues:

  * Update to version jdk8u442 (icedtea-3.34.0)
  * Security fixes
    * No CVE from the January 2025 CPU affects jdk8u432, nonetheless this release contains defense-in-depth fixes
  * Import of OpenJDK 8 u442 build 06
    * Zero name_index item of MethodParameters attribute cause MalformedParameterException
    * (fs) java/nio/file/Files/probeContentType/ParallelProbes.java should use othervm mode
    * Swing: Invalid position of candidate pop-up of InputMethod in Hi-DPI on Windows
    * Upgrade to LittleCMS 2.12
    * Open source several Swing Text related tests
    * Enhanced Building of Processes
    * Add an operation mode to the jar command when extracting to not overwriting existing files
    * Enhance mask blit functionality redux
    * GHA: some of bundles may not get removed
    * [8u] Profiler crashes at guarantee(is_result_safe || is_in_asgct()): unsafe access to zombie method
    * Replace ThreadLocalStorage::thread with Thread::current_or_null in jdk8

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-398=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-398=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-headless-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-debugsource-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-devel-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-27.111.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * java-1_8_0-openjdk-demo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-demo-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-devel-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-headless-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-debugsource-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-debuginfo-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-devel-1.8.0.442-27.111.1
    * java-1_8_0-openjdk-headless-debuginfo-1.8.0.442-27.111.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/08df26d5/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:25 -0000
Subject: SUSE-RU-2025:0397-1: moderate: Recommended update for rmt-server
Message-ID: <173919062559.21560.4010769384447621953@smelt2.prg2.suse.org>



# Recommended update for rmt-server

Announcement ID: SUSE-RU-2025:0397-1  
Release Date: 2025-02-10T09:04:35Z  
Rating: moderate  
References:

  * bsc#1230157
  * bsc#1230419
  * bsc#1232808
  * bsc#1234844

  
Affected Products:

  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has four fixes can now be installed.

## Description:

This update for rmt-server fixes the following issues:

  * Allow users to configure the SUMA product tree base URL to download
    'product_tree.json' from host other than 'scc.suse.com' (bsc#1234844)
  * Update Micro check due to Micro 6.0 and 6.1 identifier (bsc#1230419)
  * Remove obsolete repositories and associations from rmt during SCC sync
    (bsc#1232808)
  * Do not re-download repomd metadata if already exists and be the latest
    version
  * rmt-server-pubcloud:
    * Update Zypper path allowing check to handle paid extensions (i.e. LTSS) (bsc#1230157)
    * Add data export engine

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-397=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-397=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-397=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-397=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-397=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-397=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-397=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-397=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-397=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * rmt-server-config-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * rmt-server-config-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * rmt-server-pubcloud-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
    * rmt-server-config-2.21-150500.3.28.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * rmt-server-pubcloud-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
    * rmt-server-config-2.21-150500.3.28.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * rmt-server-pubcloud-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * rmt-server-pubcloud-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * rmt-server-config-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * rmt-server-config-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * rmt-server-config-2.21-150500.3.28.1
    * rmt-server-debugsource-2.21-150500.3.28.1
    * rmt-server-debuginfo-2.21-150500.3.28.1
    * rmt-server-2.21-150500.3.28.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1230157
  * https://bugzilla.suse.com/show_bug.cgi?id=1230419
  * https://bugzilla.suse.com/show_bug.cgi?id=1232808
  * https://bugzilla.suse.com/show_bug.cgi?id=1234844

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/39db2a66/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:30 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:30 -0000
Subject: SUSE-RU-2025:0396-1: important: Recommended update for nfsidmap
Message-ID: <173919063051.21560.7148274782972629831@smelt2.prg2.suse.org>



# Recommended update for nfsidmap

Announcement ID: SUSE-RU-2025:0396-1  
Release Date: 2025-02-10T08:43:26Z  
Rating: important  
References:

  * bsc#1236077

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has one fix can now be installed.

## Description:

This update for nfsidmap fixes the following issues:

  * nss: use strrchr() instead of strchr() to get the last occurrence of "@"
    (bsc#1236077)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-396=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-396=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * nfsidmap-0.25-7.6.1
    * nfsidmap-debugsource-0.25-7.6.1
    * nfsidmap-debuginfo-0.25-7.6.1
    * nfsidmap-devel-0.25-7.6.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * nfsidmap-0.25-7.6.1
    * nfsidmap-debugsource-0.25-7.6.1
    * nfsidmap-debuginfo-0.25-7.6.1
    * nfsidmap-devel-0.25-7.6.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236077

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/078e676e/attachment.htm>

From null at suse.de  Mon Feb 10 12:30:35 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 12:30:35 -0000
Subject: SUSE-FU-2025:0395-1: low: Feature update for opencv,
 python-matplotlib, python-pendulum
Message-ID: <173919063517.21560.9519797380617375083@smelt2.prg2.suse.org>



# Feature update for opencv, python-matplotlib, python-pendulum

Announcement ID: SUSE-FU-2025:0395-1  
Release Date: 2025-02-10T08:43:13Z  
Rating: low  
References:

  * bsc#1232802
  * bsc#1232804
  * bsc#1232805

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for opencv, python-matplotlib, python-pendulum fixes the following
issues:

  * Add python311-opencv, python311-pendulum, python311-matplotlib to PackageHub
    15-SP6 (bsc#1232804, bsc#1232805, bsc#1232802)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-395=1 openSUSE-SLE-15.6-2025-395=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-395=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-395=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libopencv_highgui409-4.9.0-150600.3.2.1
    * libopencv_ximgproc409-4.9.0-150600.3.2.1
    * python311-opencv-debuginfo-4.9.0-150600.3.2.1
    * python311-matplotlib-cairo-3.8.3-150600.3.2.1
    * libopencv_face409-4.9.0-150600.3.2.1
    * libopencv_gapi409-4.9.0-150600.3.2.1
    * libopencv_superres409-4.9.0-150600.3.2.1
    * opencv-debugsource-4.9.0-150600.3.2.1
    * python311-opencv-4.9.0-150600.3.2.1
    * python311-matplotlib-gtk3-3.8.3-150600.3.2.1
    * python311-matplotlib-qt-3.8.3-150600.3.2.1
    * python3-opencv-4.9.0-150600.3.2.1
    * python311-pendulum-2.1.2-150600.3.2.1
    * python311-matplotlib-tk-3.8.3-150600.3.2.1
    * python-pendulum-debugsource-2.1.2-150600.3.2.1
    * libopencv_imgcodecs409-4.9.0-150600.3.2.1
    * libopencv_objdetect409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_gapi409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_ximgproc409-debuginfo-4.9.0-150600.3.2.1
    * opencv-debuginfo-4.9.0-150600.3.2.1
    * libopencv_aruco409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_videostab409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_aruco409-4.9.0-150600.3.2.1
    * python311-matplotlib-web-3.8.3-150600.3.2.1
    * python311-matplotlib-debuginfo-3.8.3-150600.3.2.1
    * libopencv_highgui409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_superres409-debuginfo-4.9.0-150600.3.2.1
    * python311-matplotlib-gtk-common-3.8.3-150600.3.2.1
    * libopencv_objdetect409-4.9.0-150600.3.2.1
    * python3-opencv-debuginfo-4.9.0-150600.3.2.1
    * python311-matplotlib-testdata-3.8.3-150600.3.2.1
    * libopencv_face409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_optflow409-debuginfo-4.9.0-150600.3.2.1
    * opencv-4.9.0-150600.3.2.1
    * python311-matplotlib-3.8.3-150600.3.2.1
    * libopencv_imgcodecs409-debuginfo-4.9.0-150600.3.2.1
    * libopencv409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_videostab409-4.9.0-150600.3.2.1
    * libopencv_videoio409-4.9.0-150600.3.2.1
    * libopencv409-4.9.0-150600.3.2.1
    * python311-matplotlib-gtk4-3.8.3-150600.3.2.1
    * python311-pendulum-debuginfo-2.1.2-150600.3.2.1
    * libopencv_optflow409-4.9.0-150600.3.2.1
    * opencv-devel-4.9.0-150600.3.2.1
    * libopencv_videoio409-debuginfo-4.9.0-150600.3.2.1
  * openSUSE Leap 15.6 (noarch)
    * opencv4-cascades-data-4.9.0-150600.3.2.1
    * opencv-doc-4.9.0-150600.3.2.1
    * python311-matplotlib-latex-3.8.3-150600.3.2.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-opencv-debuginfo-4.9.0-150600.3.2.1
    * opencv-debugsource-4.9.0-150600.3.2.1
    * python311-opencv-4.9.0-150600.3.2.1
    * opencv-debuginfo-4.9.0-150600.3.2.1
    * python311-pendulum-2.1.2-150600.3.2.1
    * python3-opencv-4.9.0-150600.3.2.1
    * python311-matplotlib-3.8.3-150600.3.2.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * libopencv_highgui409-4.9.0-150600.3.2.1
    * libopencv_ximgproc409-4.9.0-150600.3.2.1
    * libopencv_face409-4.9.0-150600.3.2.1
    * libopencv_gapi409-4.9.0-150600.3.2.1
    * libopencv_superres409-4.9.0-150600.3.2.1
    * opencv-debugsource-4.9.0-150600.3.2.1
    * libopencv_imgcodecs409-4.9.0-150600.3.2.1
    * libopencv_objdetect409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_gapi409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_ximgproc409-debuginfo-4.9.0-150600.3.2.1
    * opencv-debuginfo-4.9.0-150600.3.2.1
    * libopencv_aruco409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_videostab409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_aruco409-4.9.0-150600.3.2.1
    * libopencv_highgui409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_superres409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_objdetect409-4.9.0-150600.3.2.1
    * libopencv_face409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_optflow409-debuginfo-4.9.0-150600.3.2.1
    * opencv-4.9.0-150600.3.2.1
    * libopencv_imgcodecs409-debuginfo-4.9.0-150600.3.2.1
    * libopencv409-debuginfo-4.9.0-150600.3.2.1
    * libopencv_videostab409-4.9.0-150600.3.2.1
    * libopencv_videoio409-4.9.0-150600.3.2.1
    * libopencv409-4.9.0-150600.3.2.1
    * libopencv_optflow409-4.9.0-150600.3.2.1
    * opencv-devel-4.9.0-150600.3.2.1
    * libopencv_videoio409-debuginfo-4.9.0-150600.3.2.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
    * opencv4-cascades-data-4.9.0-150600.3.2.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1232802
  * https://bugzilla.suse.com/show_bug.cgi?id=1232804
  * https://bugzilla.suse.com/show_bug.cgi?id=1232805

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/b9286e88/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0407-1: important: Security update for ovmf
Message-ID: <173920501429.21560.11955020705197330292@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0407-1  
Release Date: 2025-02-10T13:56:35Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-407=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-407=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-407=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-407=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-407=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-407=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
  * openSUSE Leap 15.5 (aarch64 x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-ovmf-ia32-202208-150500.6.6.1
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
    * qemu-uefi-aarch32-202208-150500.6.6.1
  * openSUSE Leap 15.5 (x86_64)
    * qemu-ovmf-x86_64-debug-202208-150500.6.6.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ovmf-202208-150500.6.6.1
    * ovmf-tools-202208-150500.6.6.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.6.1
    * qemu-uefi-aarch64-202208-150500.6.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/d1abbb5d/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0406-1: moderate: Security update for python310
Message-ID: <173920501721.21560.275276495638214310@smelt2.prg2.suse.org>



# Security update for python310

Announcement ID: SUSE-SU-2025:0406-1  
Release Date: 2025-02-10T13:55:52Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python310 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-406=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-406=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * python310-tk-debuginfo-3.10.16-150400.4.69.1
    * python310-devel-3.10.16-150400.4.69.1
    * libpython3_10-1_0-3.10.16-150400.4.69.1
    * python310-core-debugsource-3.10.16-150400.4.69.1
    * python310-doc-3.10.16-150400.4.69.1
    * python310-debuginfo-3.10.16-150400.4.69.1
    * python310-base-debuginfo-3.10.16-150400.4.69.1
    * python310-dbm-3.10.16-150400.4.69.1
    * python310-doc-devhelp-3.10.16-150400.4.69.1
    * python310-testsuite-debuginfo-3.10.16-150400.4.69.1
    * python310-base-3.10.16-150400.4.69.1
    * python310-debugsource-3.10.16-150400.4.69.1
    * python310-tk-3.10.16-150400.4.69.1
    * python310-dbm-debuginfo-3.10.16-150400.4.69.1
    * python310-3.10.16-150400.4.69.1
    * python310-curses-debuginfo-3.10.16-150400.4.69.1
    * python310-curses-3.10.16-150400.4.69.1
    * python310-idle-3.10.16-150400.4.69.1
    * python310-tools-3.10.16-150400.4.69.1
    * python310-testsuite-3.10.16-150400.4.69.1
    * libpython3_10-1_0-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.4 (x86_64)
    * python310-base-32bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-32bit-3.10.16-150400.4.69.1
    * python310-32bit-3.10.16-150400.4.69.1
    * python310-32bit-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * python310-64bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-64bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-64bit-3.10.16-150400.4.69.1
    * python310-64bit-3.10.16-150400.4.69.1
    * python310-base-64bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-64bit-3.10.16-150400.4.69.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python310-tk-debuginfo-3.10.16-150400.4.69.1
    * python310-devel-3.10.16-150400.4.69.1
    * libpython3_10-1_0-3.10.16-150400.4.69.1
    * python310-core-debugsource-3.10.16-150400.4.69.1
    * python310-doc-3.10.16-150400.4.69.1
    * python310-debuginfo-3.10.16-150400.4.69.1
    * python310-base-debuginfo-3.10.16-150400.4.69.1
    * python310-dbm-3.10.16-150400.4.69.1
    * python310-doc-devhelp-3.10.16-150400.4.69.1
    * python310-testsuite-debuginfo-3.10.16-150400.4.69.1
    * python310-base-3.10.16-150400.4.69.1
    * python310-debugsource-3.10.16-150400.4.69.1
    * python310-tk-3.10.16-150400.4.69.1
    * python310-dbm-debuginfo-3.10.16-150400.4.69.1
    * python310-3.10.16-150400.4.69.1
    * python310-curses-3.10.16-150400.4.69.1
    * python310-curses-debuginfo-3.10.16-150400.4.69.1
    * python310-idle-3.10.16-150400.4.69.1
    * python310-tools-3.10.16-150400.4.69.1
    * python310-testsuite-3.10.16-150400.4.69.1
    * libpython3_10-1_0-debuginfo-3.10.16-150400.4.69.1
  * openSUSE Leap 15.6 (x86_64)
    * python310-base-32bit-debuginfo-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-3.10.16-150400.4.69.1
    * libpython3_10-1_0-32bit-debuginfo-3.10.16-150400.4.69.1
    * python310-base-32bit-3.10.16-150400.4.69.1
    * python310-32bit-3.10.16-150400.4.69.1
    * python310-32bit-debuginfo-3.10.16-150400.4.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/6831c142/attachment.htm>

From null at suse.de  Mon Feb 10 16:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 10 Feb 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0405-1: important: Security update for MozillaThunderbird
Message-ID: <173920502267.21560.2234045947300790336@smelt2.prg2.suse.org>



# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2025:0405-1  
Release Date: 2025-02-10T13:54:56Z  
Rating: important  
References:

  * bsc#1236411
  * bsc#1236539

  
Cross-References:

  * CVE-2024-11704
  * CVE-2025-0510
  * CVE-2025-1009
  * CVE-2025-1010
  * CVE-2025-1011
  * CVE-2025-1012
  * CVE-2025-1013
  * CVE-2025-1014
  * CVE-2025-1015
  * CVE-2025-1016
  * CVE-2025-1017

  
CVSS scores:

  * CVE-2024-11704 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0510 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-0510 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-0510 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-1009 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1009 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( SUSE ):  7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
  * CVE-2025-1010 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1010 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1011 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1012 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1013 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2025-1013 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-1014 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1014 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1015 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1015 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2025-1015 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2025-1016 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1016 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1017 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to Mozilla Thunderbird 128.7 (MFSA 2025-10, bsc#1236539).

Security fixes:

  * CVE-2025-1009: use-after-free in XSLT.
  * CVE-2025-1010: use-after-free in Custom Highlight.
  * CVE-2025-1011: a bug in WebAssembly code generation could result in a crash.
  * CVE-2025-1012: use-after-free during concurrent delazification.
  * CVE-2024-11704: potential double-free vulnerability in PKCS#7 decryption
    handling.
  * CVE-2025-1013: potential opening of private browsing tabs in normal browsing
    windows.
  * CVE-2025-1014: certificate length was not properly checked.
  * CVE-2025-1015: unsanitized address book fields.
  * CVE-2025-0510: address of e-mail sender can be spoofed by malicious email.
  * CVE-2025-1016: memory safety bugs.
  * CVE-2025-1017: memory safety bugs.

Other fixes:

  * fixed: images inside links could zoom when clicked instead of opening the
    link.
  * fixed: compacting an empty folder failed with write error.
  * fixed: compacting of IMAP folder with corrupted local storage failed with
    write error.
  * fixed: after restart, all restored tabs with opened PDFs showed the same
    attachment.
  * fixed: exceptions during CalDAV item processing would halt subsequent item
    handling.
  * fixed: context menu was unable to move email address to a different field.
  * fixed: link at about:rights pointed to Firefox privacy policy instead of
    Thunderbird's.
  * fixed: POP3 'fetch headers only' and 'get selected messages' could delete
    messages.
  * fixed: 'Search Online' checkbox in saved search properties was incorrectly
    disabled.
  * fixed: POP3 status message showed incorrect download count when messages
    were deleted.
  * fixed: space bar did not always advance to the next unread message.
  * fixed: folder creation or renaming failed due to incorrect preference
    settings.
  * fixed: forwarding/editing S/MIME drafts/templates unusable due to regression
    (bsc#1236411).
  * fixed: sort order in 'Search Messages' panel reset after search or on first
    launch.
  * fixed: reply window added an unnecessary third blank line at the top.
  * fixed: Thunderbird spell check box did not allow ENTER to accept suggested
    changes.
  * fixed: long email subject lines could overlap window control buttons on
    macOS.
  * fixed: flathub manifest link was not correct.
  * fixed: 'Prefer client-side email scheduling' needed to be selected twice.
  * fixed: duplicate invitations were sent if CALDAV calendar email case did not
    match.
  * fixed: visual and UX improvements.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-405=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-405=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-405=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * MozillaThunderbird-128.7.0-150200.8.200.1
    * MozillaThunderbird-debuginfo-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-common-128.7.0-150200.8.200.1
    * MozillaThunderbird-debugsource-128.7.0-150200.8.200.1
    * MozillaThunderbird-translations-other-128.7.0-150200.8.200.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11704.html
  * https://www.suse.com/security/cve/CVE-2025-0510.html
  * https://www.suse.com/security/cve/CVE-2025-1009.html
  * https://www.suse.com/security/cve/CVE-2025-1010.html
  * https://www.suse.com/security/cve/CVE-2025-1011.html
  * https://www.suse.com/security/cve/CVE-2025-1012.html
  * https://www.suse.com/security/cve/CVE-2025-1013.html
  * https://www.suse.com/security/cve/CVE-2025-1014.html
  * https://www.suse.com/security/cve/CVE-2025-1015.html
  * https://www.suse.com/security/cve/CVE-2025-1016.html
  * https://www.suse.com/security/cve/CVE-2025-1017.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236411
  * https://bugzilla.suse.com/show_bug.cgi?id=1236539

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250210/3fc65e6d/attachment.htm>

From null at suse.de  Tue Feb 11 08:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 08:30:13 -0000
Subject: SUSE-SU-2025:0410-1: important: Security update for the Linux Kernel
 RT (Live Patch 4 for SLE 15 SP6)
Message-ID: <173926261323.21560.3516840661377225989@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 4 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0410-1  
Release Date: 2025-02-10T21:02:59Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_14 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-410=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-411=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-412=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-413=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-8-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_8-rt-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-9-150600.3.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/def8134c/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:22 -0000
Subject: SUSE-SU-2025:0420-1: moderate: Security update for skopeo
Message-ID: <173927726281.21757.5039812595989561496@smelt2.prg2.suse.org>



# Security update for skopeo

Announcement ID: SUSE-SU-2025:0420-1  
Release Date: 2025-02-11T10:27:29Z  
Rating: moderate  
References:

  * bsc#1227056
  * bsc#1236483

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for skopeo fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227056)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236483)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-420=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-420=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-420=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-420=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * Basesystem Module 15-SP6 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * openSUSE Leap 15.3 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-fish-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.16.1
    * skopeo-1.14.4-150300.11.16.1
  * openSUSE Leap 15.6 (noarch)
    * skopeo-zsh-completion-1.14.4-150300.11.16.1
    * skopeo-fish-completion-1.14.4-150300.11.16.1
    * skopeo-bash-completion-1.14.4-150300.11.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227056
  * https://bugzilla.suse.com/show_bug.cgi?id=1236483

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/0f6c65d5/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:54 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:33:54 -0000
Subject: SUSE-SU-2025:0427-1: important: Security update for bind
Message-ID: <173927723429.21757.4075082513624693992@smelt2.prg2.suse.org>



# Security update for bind

Announcement ID: SUSE-SU-2025:0427-1  
Release Date: 2025-02-11T10:35:53Z  
Rating: important  
References:

  * bsc#1236596

  
Cross-References:

  * CVE-2024-11187

  
CVSS scores:

  * CVE-2024-11187 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-11187 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-11187 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for bind fixes the following issues:

  * CVE-2024-11187: Fixes CPU exhaustion caused by many records in the
    additional section (bsc#1236596)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-427=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-427=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-427=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-427=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-427=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-427=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * openSUSE Leap 15.3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libirs-devel-9.16.6-150300.22.50.1
    * libisc1606-9.16.6-150300.22.50.1
    * libirs1601-9.16.6-150300.22.50.1
    * libbind9-1600-9.16.6-150300.22.50.1
    * libns1604-9.16.6-150300.22.50.1
    * bind-devel-9.16.6-150300.22.50.1
    * libisccc1600-9.16.6-150300.22.50.1
    * libirs1601-debuginfo-9.16.6-150300.22.50.1
    * libisccc1600-debuginfo-9.16.6-150300.22.50.1
    * bind-debuginfo-9.16.6-150300.22.50.1
    * libbind9-1600-debuginfo-9.16.6-150300.22.50.1
    * bind-9.16.6-150300.22.50.1
    * libisc1606-debuginfo-9.16.6-150300.22.50.1
    * libisccfg1600-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-9.16.6-150300.22.50.1
    * bind-utils-9.16.6-150300.22.50.1
    * bind-utils-debuginfo-9.16.6-150300.22.50.1
    * libns1604-debuginfo-9.16.6-150300.22.50.1
    * libdns1605-debuginfo-9.16.6-150300.22.50.1
    * bind-chrootenv-9.16.6-150300.22.50.1
    * libisccfg1600-9.16.6-150300.22.50.1
    * bind-debugsource-9.16.6-150300.22.50.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * python3-bind-9.16.6-150300.22.50.1
    * bind-doc-9.16.6-150300.22.50.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11187.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236596

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/7b7fd7c8/attachment.htm>

From null at suse.de  Tue Feb 11 08:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 08:30:08 -0000
Subject: SUSE-SU-2025:0414-1: important: Security update for the Linux Kernel
 (Live Patch 62 for SLE 12 SP5)
Message-ID: <173926260804.21560.13152915635401556704@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0414-1  
Release Date: 2025-02-11T03:33:33Z  
Rating: important  
References:

  * bsc#1230998

  
Cross-References:

  * CVE-2024-45016

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_234 fixes one issue.

The following security issue was fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-414=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_234-default-3-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/02fd241a/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:34 -0000
Subject: SUSE-RU-2025:0418-1: moderate: Recommended update for
 csp-billing-adapter-microsoft
Message-ID: <173927727490.21757.491367811049384953@smelt2.prg2.suse.org>



# Recommended update for csp-billing-adapter-microsoft

Announcement ID: SUSE-RU-2025:0418-1  
Release Date: 2025-02-11T09:30:47Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that can now be installed.

## Description:

This update for csp-billing-adapter-microsoft fixes the following issue:

  * Version update v1.1.0
  * Add plugin file with plugin name for verification

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-418=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-418=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-418=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-418=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * python311-csp-billing-adapter-microsoft-1.1.0-150400.9.13.6
  * Public Cloud Module 15-SP4 (noarch)
    * python311-csp-billing-adapter-microsoft-1.1.0-150400.9.13.6
  * Public Cloud Module 15-SP5 (noarch)
    * python311-csp-billing-adapter-microsoft-1.1.0-150400.9.13.6
  * Public Cloud Module 15-SP6 (noarch)
    * python311-csp-billing-adapter-microsoft-1.1.0-150400.9.13.6

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/35b6ae7c/attachment.htm>

From null at suse.de  Tue Feb 11 12:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:30:09 -0000
Subject: SUSE-SU-2025:0426-1: important: Security update for the Linux Kernel
 RT (Live Patch 2 for SLE 15 SP6)
Message-ID: <173927700952.21757.6266344575483170601@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0426-1  
Release Date: 2025-02-11T10:33:30Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_8 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-426=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_8-rt-4-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/3ea250cb/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:12 -0000
Subject: SUSE-RU-2025:0422-1: moderate: Recommended update for
 nvidia-open-driver-G06-signed
Message-ID: <173927725201.21757.3573945227054024754@smelt2.prg2.suse.org>



# Recommended update for nvidia-open-driver-G06-signed

Announcement ID: SUSE-RU-2025:0422-1  
Release Date: 2025-02-11T10:29:27Z  
Rating: moderate  
References:

  * bsc#1236191
  * bsc#1236658
  * bsc#1236746

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for nvidia-open-driver-G06-signed fixes the following issues:

  * update non-CUDA variant to 570.86.16 (bsc#1236658)

Update to 565.77:

  * non-CUDA variant:
  * get rid of modprobe.d and dracut.cd files and udev magic; instead require
    nvidia-common-G06
  * Supplements: switch to really supported devices; not only the initially
    supported ones without graphical output
  * update non-CUDA and CUDA variant to 570.86.15

  * preamble: let -cuda KMP conflict with no-cuda variants < 550.135
    (bsc#1236191)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-422=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-422=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-422=1 openSUSE-SLE-15.6-2025-422=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 x86_64)
    * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-default-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-default-devel-570.86.16-150600.3.34.1
    * nv-prefer-signed-open-driver-570.86.15-150600.3.34.1
    * kernel-firmware-nvidia-gspx-G06-cuda-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-default-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-debugsource-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-default-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-debugsource-570.86.16-150600.3.34.1
  * Basesystem Module 15-SP6 (aarch64)
    * nvidia-open-driver-G06-signed-64kb-devel-570.86.16-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-64kb-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-64kb-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
  * Public Cloud Module 15-SP6 (x86_64)
    * nvidia-open-driver-G06-signed-cuda-azure-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-570.86.15_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-azure-570.86.16_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-570.86.16_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-570.86.15_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-azure-devel-570.86.16-150600.3.34.1
  * openSUSE Leap 15.6 (x86_64)
    * nvidia-open-driver-G06-signed-cuda-azure-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-570.86.15_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-azure-570.86.16_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-570.86.16_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-570.86.15_k6.4.0_150600.8.23-150600.3.34.1
    * nvidia-open-driver-G06-signed-azure-devel-570.86.16-150600.3.34.1
  * openSUSE Leap 15.6 (aarch64 x86_64)
    * nvidia-open-driver-G06-signed-cuda-default-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-default-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-default-devel-570.86.16-150600.3.34.1
    * kernel-firmware-nvidia-gspx-G06-cuda-570.86.15-150600.3.34.1
    * nv-prefer-signed-open-driver-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-default-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-debugsource-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-debugsource-570.86.16-150600.3.34.1
  * openSUSE Leap 15.6 (aarch64)
    * nvidia-open-driver-G06-signed-64kb-devel-570.86.16-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-64kb-570.86.16_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-64kb-devel-570.86.15-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-570.86.15_k6.4.0_150600.23.33-150600.3.34.1
    * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-570.86.16_k6.4.0_150600.23.33-150600.3.34.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236191
  * https://bugzilla.suse.com/show_bug.cgi?id=1236658
  * https://bugzilla.suse.com/show_bug.cgi?id=1236746

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/5b9ce496/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:08 -0000
Subject: SUSE-RU-2025:0423-1: moderate: Recommended update for pgvector
Message-ID: <173927724854.21757.2447209482888676694@smelt2.prg2.suse.org>



# Recommended update for pgvector

Announcement ID: SUSE-RU-2025:0423-1  
Release Date: 2025-02-11T10:29:40Z  
Rating: moderate  
References:

  * bsc#1100677
  * bsc#1236351
  * jsc#MSC-966
  * jsc#PED-10508

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains two features and has two fixes can now be installed.

## Description:

This update for pgvector fixes the following issues:

This update adds pgvector, a postgresql extension. (jsc#PED-10508)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-423=1 openSUSE-SLE-15.6-2025-423=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-423=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql17-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql15-pgvector-0.8.0-150600.13.3.1
    * postgresql16-pgvector-0.8.0-150600.13.3.1
    * postgresql14-pgvector-0.8.0-150600.13.3.1
    * postgresql14-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql15-pgvector-debuginfo-0.8.0-150600.13.3.1
    * postgresql15-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql16-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql17-pgvector-0.8.0-150600.13.3.1
    * postgresql16-pgvector-debuginfo-0.8.0-150600.13.3.1
    * postgresql17-pgvector-debuginfo-0.8.0-150600.13.3.1
    * postgresql13-pgvector-0.8.0-150600.13.3.1
    * postgresql13-pgvector-debugsource-0.8.0-150600.13.3.1
    * pgvector-devel-0.8.0-150600.13.3.1
    * postgresql13-pgvector-debuginfo-0.8.0-150600.13.3.1
    * postgresql14-pgvector-debuginfo-0.8.0-150600.13.3.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql17-pgvector-0.8.0-150600.13.3.1
    * postgresql16-pgvector-debugsource-0.8.0-150600.13.3.1
    * postgresql16-pgvector-debuginfo-0.8.0-150600.13.3.1
    * postgresql17-pgvector-debuginfo-0.8.0-150600.13.3.1
    * pgvector-devel-0.8.0-150600.13.3.1
    * postgresql16-pgvector-0.8.0-150600.13.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1100677
  * https://bugzilla.suse.com/show_bug.cgi?id=1236351
  * https://jira.suse.com/browse/MSC-966
  * https://jira.suse.com/browse/PED-10508

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/65f8c83f/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:29 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:29 -0000
Subject: SUSE-SU-2025:0419-1: moderate: Security update for python311
Message-ID: <173927726910.21757.10862418784988643505@smelt2.prg2.suse.org>



# Security update for python311

Announcement ID: SUSE-SU-2025:0419-1  
Release Date: 2025-02-11T10:25:48Z  
Rating: moderate  
References:

  * bsc#1228165
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.4
  * Public Cloud Module 15-SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python311 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-419=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-419=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libpython3_11-1_0-3.11.11-150400.9.44.1
    * python311-debugsource-3.11.11-150400.9.44.1
    * python311-tk-debuginfo-3.11.11-150400.9.44.1
    * python311-devel-3.11.11-150400.9.44.1
    * python311-tk-3.11.11-150400.9.44.1
    * python311-testsuite-3.11.11-150400.9.44.1
    * python311-debuginfo-3.11.11-150400.9.44.1
    * python311-tools-3.11.11-150400.9.44.1
    * python311-doc-devhelp-3.11.11-150400.9.44.1
    * python311-dbm-3.11.11-150400.9.44.1
    * python311-doc-3.11.11-150400.9.44.1
    * python311-curses-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-debuginfo-3.11.11-150400.9.44.1
    * python311-base-3.11.11-150400.9.44.1
    * python311-dbm-debuginfo-3.11.11-150400.9.44.1
    * python311-core-debugsource-3.11.11-150400.9.44.1
    * python311-curses-3.11.11-150400.9.44.1
    * python311-3.11.11-150400.9.44.1
    * python311-idle-3.11.11-150400.9.44.1
    * python311-testsuite-debuginfo-3.11.11-150400.9.44.1
    * python311-base-debuginfo-3.11.11-150400.9.44.1
  * openSUSE Leap 15.4 (x86_64)
    * python311-32bit-3.11.11-150400.9.44.1
    * libpython3_11-1_0-32bit-3.11.11-150400.9.44.1
    * python311-base-32bit-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-32bit-debuginfo-3.11.11-150400.9.44.1
    * python311-base-32bit-3.11.11-150400.9.44.1
    * python311-32bit-debuginfo-3.11.11-150400.9.44.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * python311-base-64bit-debuginfo-3.11.11-150400.9.44.1
    * python311-64bit-3.11.11-150400.9.44.1
    * libpython3_11-1_0-64bit-debuginfo-3.11.11-150400.9.44.1
    * python311-base-64bit-3.11.11-150400.9.44.1
    * python311-64bit-debuginfo-3.11.11-150400.9.44.1
    * libpython3_11-1_0-64bit-3.11.11-150400.9.44.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python311-3.11.11-150400.9.44.1
    * libpython3_11-1_0-3.11.11-150400.9.44.1
    * python311-base-3.11.11-150400.9.44.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/279d2db8/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:37 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:37 -0000
Subject: SUSE-RU-2025:0417-1: moderate: Recommended update for
 csp-billing-adapter
Message-ID: <173927727711.21757.8217239827031594560@smelt2.prg2.suse.org>



# Recommended update for csp-billing-adapter

Announcement ID: SUSE-RU-2025:0417-1  
Release Date: 2025-02-11T09:27:59Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that can now be installed.

## Description:

This update for csp-billing-adapter fixes the following issue:

  * Fix update-alternatives to ensure there is a symlink for csp-billing-adapter
    binary

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-417=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-417=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-417=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-417=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-417=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * csp-billing-adapter-service-1.1.0-150400.9.25.2
    * python311-csp-billing-adapter-1.1.0-150400.9.25.2
  * openSUSE Leap 15.6 (noarch)
    * csp-billing-adapter-service-1.1.0-150400.9.25.2
  * Public Cloud Module 15-SP4 (noarch)
    * csp-billing-adapter-service-1.1.0-150400.9.25.2
    * python311-csp-billing-adapter-1.1.0-150400.9.25.2
  * Public Cloud Module 15-SP5 (noarch)
    * csp-billing-adapter-service-1.1.0-150400.9.25.2
    * python311-csp-billing-adapter-1.1.0-150400.9.25.2
  * Public Cloud Module 15-SP6 (noarch)
    * csp-billing-adapter-service-1.1.0-150400.9.25.2
    * python311-csp-billing-adapter-1.1.0-150400.9.25.2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/c4127568/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:59 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:33:59 -0000
Subject: SUSE-SU-2025:0425-1: moderate: Security update for wget
Message-ID: <173927723936.21757.12052897371125458826@smelt2.prg2.suse.org>



# Security update for wget

Announcement ID: SUSE-SU-2025:0425-1  
Release Date: 2025-02-11T10:33:22Z  
Rating: moderate  
References:

  * bsc#1185551
  * bsc#1230795

  
Cross-References:

  * CVE-2021-31879

  
CVSS scores:

  * CVE-2021-31879 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2021-31879 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for wget fixes the following issues:

  * CVE-2021-31879: Authorization header disclosed upon redirects to different
    origins. (bsc#1185551)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-425=1 openSUSE-SLE-15.6-2025-425=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-425=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * wget-debuginfo-1.20.3-150600.19.12.1
    * wget-1.20.3-150600.19.12.1
    * wget-debugsource-1.20.3-150600.19.12.1
  * openSUSE Leap 15.6 (noarch)
    * wget-lang-1.20.3-150600.19.12.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * wget-debuginfo-1.20.3-150600.19.12.1
    * wget-1.20.3-150600.19.12.1
    * wget-debugsource-1.20.3-150600.19.12.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-31879.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1185551
  * https://bugzilla.suse.com/show_bug.cgi?id=1230795

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/1231b9df/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:02 -0000
Subject: SUSE-SU-2025:0424-1: moderate: Security update for python3-numpy
Message-ID: <173927724239.21757.13082398303815842846@smelt2.prg2.suse.org>



# Security update for python3-numpy

Announcement ID: SUSE-SU-2025:0424-1  
Release Date: 2025-02-11T10:31:20Z  
Rating: moderate  
References:

  * bsc#1193911
  * bsc#1236787

  
Cross-References:

  * CVE-2021-41495

  
CVSS scores:

  * CVE-2021-41495 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2021-41495 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * HPC Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python3-numpy fixes the following issues:

  * CVE-2021-41495: missing return value validation can lead to null pointer
    dereference. (bsc#1193911)

Other bug fixes:

  * Correction of advance in PCG with emulated int128.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-424=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-424=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-424=1

  * HPC Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-424=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-424=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * python3-numpy-debuginfo-1.17.3-150400.31.1
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python3-numpy-debuginfo-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-numpy-debugsource-1.17.3-150400.31.1
    * python3-numpy-devel-1.17.3-150400.31.1
    * python3-numpy-1.17.3-150400.31.1
    * python3-numpy-debuginfo-1.17.3-150400.31.1
  * HPC Module 15-SP6 (aarch64 x86_64)
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1
  * SUSE Package Hub 15 15-SP6 (ppc64le s390x)
    * python3-numpy-gnu-hpc-1.17.3-150400.31.1
    * python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-1.17.3-150400.31.1
    * python3-numpy-gnu-hpc-devel-1.17.3-150400.31.1
    * python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-150400.31.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-41495.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1193911
  * https://bugzilla.suse.com/show_bug.cgi?id=1236787

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/acd2cd98/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:19 -0000
Subject: SUSE-SU-2025:0421-1: important: Security update for ovmf
Message-ID: <173927725970.21757.13568964277301390675@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0421-1  
Release Date: 2025-02-11T10:28:30Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves nine vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-421=1 openSUSE-SLE-15.6-2025-421=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-421=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-421=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * ovmf-202308-150600.5.9.1
    * ovmf-tools-202308-150600.5.9.1
  * openSUSE Leap 15.6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch32-202308-150600.5.9.1
    * qemu-ovmf-ia32-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1
  * openSUSE Leap 15.6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.9.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch32-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.9.1
  * Server Applications Module 15-SP6 (aarch64 x86_64)
    * ovmf-202308-150600.5.9.1
    * ovmf-tools-202308-150600.5.9.1
  * Server Applications Module 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.9.1
    * qemu-uefi-aarch64-202308-150600.5.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/028be07c/attachment.htm>

From null at suse.de  Tue Feb 11 12:34:41 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:34:41 -0000
Subject: SUSE-RU-2025:0416-1: moderate: Recommended update for xca
Message-ID: <173927728114.21757.2569240014806484926@smelt2.prg2.suse.org>



# Recommended update for xca

Announcement ID: SUSE-RU-2025:0416-1  
Release Date: 2025-02-11T09:03:50Z  
Rating: moderate  
References:

  * bsc#1234636

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for xca fixes the following issues:

  * Enable OpenSSL 3 legacy provider and simplify key checking algorithm
    [bsc#1234636]

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-416=1 openSUSE-SLE-15.6-2025-416=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-416=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xca-2.3.0-150600.12.3.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xca-2.3.0-150600.12.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234636

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/f8ff84cb/attachment.htm>

From null at suse.de  Tue Feb 11 12:33:46 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 12:33:46 -0000
Subject: SUSE-SU-2025:0428-1: important: Security update for the Linux Kernel
Message-ID: <173927722625.21757.8905732116513389025@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0428-1  
Release Date: 2025-02-11T10:40:12Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1221326
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235061
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236688
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760

  
Cross-References:

  * CVE-2023-52489
  * CVE-2023-52923
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21674
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52489 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 248 vulnerabilities and has 43 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage
    (bsc#1221326).
  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error
    in l2cap_sock_create() (bsc#1235061).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Disable "ocfs2: fix UBSAN warning in ocfs2_verify_volume()" (bsc#1236138).
  * Remove "idpf: fix memory leaks and crashes while performing a soft reset"
    fix (bsc#1236628).
  * Remove "media: uvcvideo: Require entities to have a non-zero unique ID" fix
    (bsc#1235894).
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-
    fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-428=1 openSUSE-SLE-15.6-2025-428=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-428=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * kernel-azure-optional-debuginfo-6.4.0-150600.8.26.1
    * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-optional-6.4.0-150600.8.26.1
    * ocfs2-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-debugsource-6.4.0-150600.8.26.1
    * gfs2-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-devel-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-devel-6.4.0-150600.8.26.1
    * kernel-azure-extra-debuginfo-6.4.0-150600.8.26.1
    * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-extra-6.4.0-150600.8.26.1
    * kselftests-kmp-azure-6.4.0-150600.8.26.1
    * dlm-kmp-azure-6.4.0-150600.8.26.1
    * kernel-azure-debuginfo-6.4.0-150600.8.26.1
    * cluster-md-kmp-azure-6.4.0-150600.8.26.1
    * kernel-syms-azure-6.4.0-150600.8.26.1
    * reiserfs-kmp-azure-6.4.0-150600.8.26.1
    * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * dlm-kmp-azure-debuginfo-6.4.0-150600.8.26.1
    * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (aarch64 nosrc x86_64)
    * kernel-azure-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (x86_64)
    * kernel-azure-vdso-6.4.0-150600.8.26.1
    * kernel-azure-vdso-debuginfo-6.4.0-150600.8.26.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-source-azure-6.4.0-150600.8.26.1
    * kernel-devel-azure-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
    * kernel-azure-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (aarch64 x86_64)
    * kernel-syms-azure-6.4.0-150600.8.26.1
    * kernel-azure-devel-debuginfo-6.4.0-150600.8.26.1
    * kernel-azure-devel-6.4.0-150600.8.26.1
    * kernel-azure-debugsource-6.4.0-150600.8.26.1
    * kernel-azure-debuginfo-6.4.0-150600.8.26.1
  * Public Cloud Module 15-SP6 (noarch)
    * kernel-source-azure-6.4.0-150600.8.26.1
    * kernel-devel-azure-6.4.0-150600.8.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52489.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1221326
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235061
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/ab811a1f/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0432-1: moderate: Security update for qemu
Message-ID: <173929140840.21738.3638608500518299265@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0432-1  
Release Date: 2025-02-11T14:14:12Z  
Rating: moderate  
References:

  * bsc#1193914
  * bsc#1201944

  
Cross-References:

  * CVE-2021-3611

  
CVSS scores:

  * CVE-2021-3611 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L
  * CVE-2021-3611 ( SUSE ):  5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2021-3611 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2021-3611: Fixed segmentation fault due to stack overflow (bsc#1193914).

Other fixes:

  * qemu.spec: mark bridge.conf as noreplace (bsc#1201944).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-432=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-432=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-432=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-432=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-432=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-vhost-user-gpu-6.2.0-150400.37.40.1
    * qemu-block-ssh-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-alsa-6.2.0-150400.37.40.1
    * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.40.1
    * qemu-ppc-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-iscsi-6.2.0-150400.37.40.1
    * qemu-accel-qtest-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-jack-debuginfo-6.2.0-150400.37.40.1
    * qemu-ivshmem-tools-6.2.0-150400.37.40.1
    * qemu-audio-oss-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-linux-user-debugsource-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-ui-curses-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-dmg-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-ui-spice-app-6.2.0-150400.37.40.1
    * qemu-block-gluster-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-smartcard-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-audio-pa-debuginfo-6.2.0-150400.37.40.1
    * qemu-lang-6.2.0-150400.37.40.1
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-qtest-6.2.0-150400.37.40.1
    * qemu-ksm-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-block-curl-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-nfs-6.2.0-150400.37.40.1
    * qemu-ui-gtk-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-dmg-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-iscsi-debuginfo-6.2.0-150400.37.40.1
    * qemu-extra-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.40.1
    * qemu-ui-gtk-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-ssh-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-baum-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
    * qemu-audio-jack-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-chardev-baum-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-alsa-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.40.1
    * qemu-linux-user-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-ppc-6.2.0-150400.37.40.1
    * qemu-linux-user-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-pa-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-vhost-user-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-gluster-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
    * qemu-hw-usb-host-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-oss-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-smartcard-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-nfs-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-ivshmem-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-curses-6.2.0-150400.37.40.1
    * qemu-block-curl-6.2.0-150400.37.40.1
    * qemu-extra-debuginfo-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (s390x x86_64 i586)
    * qemu-kvm-6.2.0-150400.37.40.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-skiboot-6.2.0-150400.37.40.1
    * qemu-SLOF-6.2.0-150400.37.40.1
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-microvm-6.2.0-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-debuginfo-6.2.0-150400.37.40.1
    * qemu-block-rbd-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * qemu-ui-opengl-6.2.0-150400.37.40.1
    * qemu-guest-agent-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-6.2.0-150400.37.40.1
    * qemu-chardev-spice-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.40.1
    * qemu-audio-spice-6.2.0-150400.37.40.1
    * qemu-debugsource-6.2.0-150400.37.40.1
    * qemu-ui-opengl-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-gpu-6.2.0-150400.37.40.1
    * qemu-chardev-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-6.2.0-150400.37.40.1
    * qemu-audio-spice-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.40.1
    * qemu-tools-6.2.0-150400.37.40.1
    * qemu-tools-debuginfo-6.2.0-150400.37.40.1
    * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.40.1
    * qemu-guest-agent-debuginfo-6.2.0-150400.37.40.1
    * qemu-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.40.1
    * qemu-hw-display-virtio-vga-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.40.1
    * qemu-6.2.0-150400.37.40.1
    * qemu-hw-display-qxl-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64)
    * qemu-arm-debuginfo-6.2.0-150400.37.40.1
    * qemu-arm-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-ipxe-1.0.0+-150400.37.40.1
    * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.40.1
    * qemu-sgabios-8-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (s390x)
    * qemu-s390x-debuginfo-6.2.0-150400.37.40.1
    * qemu-s390x-6.2.0-150400.37.40.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * qemu-x86-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-6.2.0-150400.37.40.1
    * qemu-x86-debuginfo-6.2.0-150400.37.40.1
    * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-3611.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1193914
  * https://bugzilla.suse.com/show_bug.cgi?id=1201944

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/42e92539/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0429-1: moderate: Security update for govulncheck-vulndb
Message-ID: <173929141789.21738.14935389985602557089@smelt2.prg2.suse.org>



# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2025:0429-1  
Release Date: 2025-02-11T14:12:33Z  
Rating: moderate  
References:

  * jsc#PED-11136

  
Cross-References:

  * CVE-2022-47930
  * CVE-2024-10846
  * CVE-2024-11741
  * CVE-2024-13484
  * CVE-2024-35177
  * CVE-2024-3727
  * CVE-2024-45336
  * CVE-2024-45339
  * CVE-2024-45340
  * CVE-2024-45341
  * CVE-2024-47770
  * CVE-2024-50354
  * CVE-2024-9312
  * CVE-2024-9313
  * CVE-2025-0750
  * CVE-2025-22865
  * CVE-2025-22866
  * CVE-2025-22867
  * CVE-2025-23216
  * CVE-2025-24366
  * CVE-2025-24369
  * CVE-2025-24371
  * CVE-2025-24376
  * CVE-2025-24784
  * CVE-2025-24786
  * CVE-2025-24787
  * CVE-2025-24883
  * CVE-2025-24884

  
CVSS scores:

  * CVE-2022-47930 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2022-47930 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-10846 ( SUSE ):  6.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
  * CVE-2024-10846 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-10846 ( NVD ):  5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-13484 ( NVD ):  8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-35177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-3727 ( SUSE ):  8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-3727 ( NVD ):  8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2024-45336 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-45340 ( SUSE ):  7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2024-45340 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45341 ( NVD ):  6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
  * CVE-2024-47770 ( NVD ):  4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-50354 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-9312 ( NVD ):  7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-9313 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0750 ( NVD ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2025-22865 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22865 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( NVD ):  8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22867 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-22867 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-23216 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2025-24366 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24369 ( NVD ):  2.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24371 ( NVD ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24376 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  * CVE-2025-24784 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2025-24786 ( NVD ):  10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24787 ( NVD ):  8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  * CVE-2025-24883 ( NVD ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24884 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves 28 vulnerabilities and contains one feature can now be
installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

  * Update to version 0.0.20250207T224745 2025-02-07T22:47:45Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2025-3456 CVE-2025-24786 GHSA-9r4c-jwx3-3j76
  * GO-2025-3457 CVE-2025-24787 GHSA-c7w4-9wv8-7x7c
  * GO-2025-3458 CVE-2025-24366 GHSA-vj7w-3m8c-6vpx

  * Update to version 0.0.20250206T175003 2025-02-06T17:50:03Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2023-1867 CVE-2022-47930 GHSA-c58h-qv6g-fw74
  * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g

  * Update to version 0.0.20250206T165438 2025-02-06T16:54:38Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3428 CVE-2025-22867
  * GO-2025-3447 CVE-2025-22866

  * Update to version 0.0.20250205T232745 2025-02-05T23:27:45Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3408
  * GO-2025-3448 GHSA-23qp-3c2m-xx6w
  * GO-2025-3449 GHSA-mx2j-7cmv-353c
  * GO-2025-3450 GHSA-w7wm-2425-7p2h
  * GO-2025-3454 GHSA-mj4v-hp69-27x5
  * GO-2025-3455 GHSA-vqv5-385r-2hf8

  * Update to version 0.0.20250205T003520 2025-02-05T00:35:20Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3451

  * Update to version 0.0.20250204T220613 2025-02-04T22:06:13Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2025-3431 CVE-2025-24884 GHSA-hcr5-wv4p-h2g2
  * GO-2025-3433 CVE-2025-23216 GHSA-47g2-qmh2-749v
  * GO-2025-3434 CVE-2025-24376 GHSA-fc89-jghx-8pvg
  * GO-2025-3435 CVE-2025-24784 GHSA-756x-m4mj-q96c
  * GO-2025-3436 CVE-2025-24883 GHSA-q26p-9cq4-7fc2
  * GO-2025-3437 GHSA-274v-mgcv-cm8j
  * GO-2025-3438 CVE-2024-11741 GHSA-wxcc-2f3q-4h58
  * GO-2025-3442 CVE-2025-24371 GHSA-22qq-3xwm-r5x4
  * GO-2025-3443 GHSA-r3r4-g7hq-pq4f
  * GO-2025-3444 CVE-2024-35177
  * GO-2025-3445 CVE-2024-47770

  * Use standard RPM macros to unpack the source and populate a working
    directory. Fixes build with RPM 4.20.

  * Update to version 0.0.20250130T185858 2025-01-30T18:58:58Z. Refs
    jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:

  * GO-2024-2842 CVE-2024-3727 GHSA-6wvf-f2vw-3425
  * GO-2024-3181 CVE-2024-9313 GHSA-x5q3-c8rm-w787
  * GO-2024-3188 CVE-2024-9312 GHSA-4gfw-wf7c-w6g2
  * GO-2025-3372 CVE-2024-45339 GHSA-6wxm-mpqj-6jpf
  * GO-2025-3373 CVE-2024-45341
  * GO-2025-3383 CVE-2024-45340
  * GO-2025-3408
  * GO-2025-3412 CVE-2024-10846 GHSA-36gq-35j3-p9r9
  * GO-2025-3420 CVE-2024-45336
  * GO-2025-3421 CVE-2025-22865
  * GO-2025-3424 CVE-2025-24369
  * GO-2025-3426 CVE-2025-0750 GHSA-hp5j-2585-qx6g
  * GO-2025-3427 CVE-2024-13484 GHSA-58fx-7v9q-3g56

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-429=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-429=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (noarch)
    * govulncheck-vulndb-0.0.20250207T224745-150000.1.32.1
  * openSUSE Leap 15.6 (noarch)
    * govulncheck-vulndb-0.0.20250207T224745-150000.1.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-47930.html
  * https://www.suse.com/security/cve/CVE-2024-10846.html
  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-13484.html
  * https://www.suse.com/security/cve/CVE-2024-35177.html
  * https://www.suse.com/security/cve/CVE-2024-3727.html
  * https://www.suse.com/security/cve/CVE-2024-45336.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2024-45340.html
  * https://www.suse.com/security/cve/CVE-2024-45341.html
  * https://www.suse.com/security/cve/CVE-2024-47770.html
  * https://www.suse.com/security/cve/CVE-2024-50354.html
  * https://www.suse.com/security/cve/CVE-2024-9312.html
  * https://www.suse.com/security/cve/CVE-2024-9313.html
  * https://www.suse.com/security/cve/CVE-2025-0750.html
  * https://www.suse.com/security/cve/CVE-2025-22865.html
  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://www.suse.com/security/cve/CVE-2025-22867.html
  * https://www.suse.com/security/cve/CVE-2025-23216.html
  * https://www.suse.com/security/cve/CVE-2025-24366.html
  * https://www.suse.com/security/cve/CVE-2025-24369.html
  * https://www.suse.com/security/cve/CVE-2025-24371.html
  * https://www.suse.com/security/cve/CVE-2025-24376.html
  * https://www.suse.com/security/cve/CVE-2025-24784.html
  * https://www.suse.com/security/cve/CVE-2025-24786.html
  * https://www.suse.com/security/cve/CVE-2025-24787.html
  * https://www.suse.com/security/cve/CVE-2025-24883.html
  * https://www.suse.com/security/cve/CVE-2025-24884.html
  * https://jira.suse.com/browse/PED-11136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/cae38b14/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 16:30:20 -0000
Subject: SUSE-RU-2025:0383-2: moderate: Recommended update for libica
Message-ID: <173929142094.21738.12526725975948379672@smelt2.prg2.suse.org>



# Recommended update for libica

Announcement ID: SUSE-RU-2025:0383-2  
Release Date: 2025-02-11T14:03:47Z  
Rating: moderate  
References:

  * bsc#1231302

  
Affected Products:

  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for libica fixes the following issues:

  * (FIPS) Use AES-GCM external IV mode encryption (bsc#1231302).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-383=1

## Package List:

  * Server Applications Module 15-SP6 (s390x)
    * libica-tools-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-devel-4.3.1-150600.4.19.2
    * libica4-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-debugsource-4.3.1-150600.4.19.2
    * libica-openssl1_1-tools-4.3.1-150600.4.19.2
    * libica-debugsource-4.3.1-150600.4.19.2
    * libica-openssl1_1-tools-debuginfo-4.3.1-150600.4.19.2
    * libica-tools-4.3.1-150600.4.19.2
    * libica4-4.3.1-150600.4.19.2
    * libica-openssl1_1-debuginfo-4.3.1-150600.4.19.2
    * libica-debuginfo-4.3.1-150600.4.19.2
    * libica-openssl1_1-devel-static-4.3.1-150600.4.19.2
    * libica-devel-4.3.1-150600.4.19.2
    * libica-devel-static-4.3.1-150600.4.19.2
    * libica4-openssl1_1-4.3.1-150600.4.19.2
    * libica4-debuginfo-4.3.1-150600.4.19.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1231302

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/2bf63cda/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 16:30:15 -0000
Subject: SUSE-SU-2025:0430-1: moderate: Security update for openssl-3
Message-ID: <173929141588.21738.741123551980810417@smelt2.prg2.suse.org>



# Security update for openssl-3

Announcement ID: SUSE-SU-2025:0430-1  
Release Date: 2025-02-11T14:13:39Z  
Rating: moderate  
References:

  * bsc#1236136

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in ECDSA signature computation
    (bsc#1236136).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-430=1 openSUSE-SLE-15.6-2025-430=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-430=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openssl-3-debugsource-3.1.4-150600.5.24.1
    * libopenssl-3-devel-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-3.1.4-150600.5.24.1
    * libopenssl3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.24.1
    * openssl-3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-3.1.4-150600.5.24.1
    * openssl-3-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (x86_64)
    * libopenssl-3-devel-32bit-3.1.4-150600.5.24.1
    * libopenssl3-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-32bit-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (noarch)
    * openssl-3-doc-3.1.4-150600.5.24.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-devel-64bit-3.1.4-150600.5.24.1
    * libopenssl3-64bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-64bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.24.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-3-debugsource-3.1.4-150600.5.24.1
    * libopenssl-3-devel-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-3.1.4-150600.5.24.1
    * libopenssl3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.24.1
    * openssl-3-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-3.1.4-150600.5.24.1
    * openssl-3-3.1.4-150600.5.24.1
  * Basesystem Module 15-SP6 (x86_64)
    * libopenssl3-32bit-debuginfo-3.1.4-150600.5.24.1
    * libopenssl3-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.24.1
    * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.24.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/b6b31def/attachment.htm>

From null at suse.de  Tue Feb 11 16:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 16:30:12 -0000
Subject: SUSE-SU-2025:0431-1: moderate: Security update for go1.24
Message-ID: <173929141251.21738.8598970358604845432@smelt2.prg2.suse.org>



# Security update for go1.24

Announcement ID: SUSE-SU-2025:0431-1  
Release Date: 2025-02-11T14:13:49Z  
Rating: moderate  
References:

  * bsc#1236217
  * bsc#1236801
  * bsc#1236839

  
Cross-References:

  * CVE-2025-22866
  * CVE-2025-22867

  
CVSS scores:

  * CVE-2025-22866 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-22866 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-22866 ( NVD ):  8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-22867 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-22867 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for go1.24 fixes the following issues:

  * CVE-2025-22866: Fixed timing sidechannel for P-256 on ppc64le (bsc#1236801).
  * CVE-2025-22867: Fixed arbitrary code execution during build on darwin
    (bsc#1236839).

Other fixes:

  * go1.2r42 release tracking (bsc#1236217)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-431=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-431=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24rc3-150000.1.6.1
    * go1.24-race-1.24rc3-150000.1.6.1
    * go1.24-1.24rc3-150000.1.6.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24rc3-150000.1.6.1
    * go1.24-race-1.24rc3-150000.1.6.1
    * go1.24-1.24rc3-150000.1.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22866.html
  * https://www.suse.com/security/cve/CVE-2025-22867.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236217
  * https://bugzilla.suse.com/show_bug.cgi?id=1236801
  * https://bugzilla.suse.com/show_bug.cgi?id=1236839

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/eb727991/attachment.htm>

From null at suse.de  Tue Feb 11 20:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0435-1: moderate: Security update for java-1_8_0-openj9
Message-ID: <173930581017.21757.17536721634567338433@smelt2.prg2.suse.org>



# Security update for java-1_8_0-openj9

Announcement ID: SUSE-SU-2025:0435-1  
Release Date: 2025-02-11T16:51:06Z  
Rating: moderate  
References:

  * bsc#1231702
  * bsc#1231711
  * bsc#1231716
  * bsc#1231719

  
Cross-References:

  * CVE-2024-21208
  * CVE-2024-21210
  * CVE-2024-21217
  * CVE-2024-21235

  
CVSS scores:

  * CVE-2024-21208 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-21208 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21208 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21210 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-21210 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-21210 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-21217 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-21217 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21217 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-21235 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-21235 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2024-21235 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for java-1_8_0-openj9 fixes the following issues:

Update to OpenJDK 8u442 build 06 with OpenJ9 0.49.0 virtual machine.

  * CVE-2024-21235: unauthorized read/write access to data through the Hotspot
    component. (bsc#1231719)
  * CVE-2024-21217: partial denial-of-service through the Serialization
    component. (bsc#1231716)
  * CVE-2024-21210: unauthorized read/write access to data through the Hotspot
    component. (bsc#1231711)
  * CVE-2024-21208: partial denial-of-service through the Networking component.
    (bsc#1231702)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-435=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-435=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * java-1_8_0-openj9-debugsource-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-accessibility-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-src-1.8.0.442-150200.3.51.1
  * openSUSE Leap 15.6 (noarch)
    * java-1_8_0-openj9-javadoc-1.8.0.442-150200.3.51.1
  * SUSE Package Hub 15 15-SP6 (ppc64le s390x)
    * java-1_8_0-openj9-debugsource-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-debuginfo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-headless-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-demo-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-devel-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-accessibility-1.8.0.442-150200.3.51.1
    * java-1_8_0-openj9-src-1.8.0.442-150200.3.51.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-21208.html
  * https://www.suse.com/security/cve/CVE-2024-21210.html
  * https://www.suse.com/security/cve/CVE-2024-21217.html
  * https://www.suse.com/security/cve/CVE-2024-21235.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231702
  * https://bugzilla.suse.com/show_bug.cgi?id=1231711
  * https://bugzilla.suse.com/show_bug.cgi?id=1231716
  * https://bugzilla.suse.com/show_bug.cgi?id=1231719

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/f3350fbb/attachment-0001.htm>

From null at suse.de  Tue Feb 11 20:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 20:30:14 -0000
Subject: SUSE-SU-2025:0434-1: moderate: Security update for python36
Message-ID: <173930581447.21757.18444945264563359255@smelt2.prg2.suse.org>



# Security update for python36

Announcement ID: SUSE-SU-2025:0434-1  
Release Date: 2025-02-11T16:47:10Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python36 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-434=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libpython3_6m1_0-debuginfo-3.6.15-76.1
    * python36-devel-3.6.15-76.1
    * python36-3.6.15-76.1
    * python36-debuginfo-3.6.15-76.1
    * libpython3_6m1_0-debuginfo-32bit-3.6.15-76.1
    * libpython3_6m1_0-3.6.15-76.1
    * python36-base-debuginfo-3.6.15-76.1
    * libpython3_6m1_0-32bit-3.6.15-76.1
    * python36-debugsource-3.6.15-76.1
    * python36-base-3.6.15-76.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/fb93dcc8/attachment.htm>

From null at suse.de  Tue Feb 11 20:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 11 Feb 2025 20:30:15 -0000
Subject: SUSE-RU-2025:0433-1: moderate: Recommended update for skelcd
Message-ID: <173930581577.21757.16888685573366886229@smelt2.prg2.suse.org>



# Recommended update for skelcd

Announcement ID: SUSE-RU-2025:0433-1  
Release Date: 2025-02-11T16:40:37Z  
Rating: moderate  
References:

  * jsc#PED-12111
  * jsc#SLE-18082

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that contains two features can now be installed.

## Description:

This update for skelcd fixes the following issues:

  * add SUSE logo into BCI skelcd (jsc#PED-12111)
  * Update EULA with SLE BCI section (jsc#SLE-18082) Else in case beta EULAs
    have a more recent date than final EULAs

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-433=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * skelcd-EULA-suse-manager-retail-branch-server-container-20250207-150600.3.3.1
    * skelcd-EULA-sap-apl-20250207-150600.3.3.1
    * skelcd-EULA-suse-manager-server-container-20250207-150600.3.3.1
    * skelcd-EULA-suse-manager-retail-branch-server-20250207-150600.3.3.1
    * skelcd-suse-manager-proxy-20250207-150600.3.3.1
    * skelcd-EULA-sle_lp-20250207-150600.3.3.1
    * skelcd-sle_lp-20250207-150600.3.3.1
    * skelcd-EULA-suse-manager-server-20250207-150600.3.3.1
    * skelcd-EULA-suse-manager-proxy-20250207-150600.3.3.1
    * skelcd-EULA-sle_hpc-20250207-150600.3.3.1
    * skelcd-suse-manager-retail-branch-server-20250207-150600.3.3.1
    * skelcd-EULA-bci-20250207-150600.3.3.1
    * skelcd-sap-apl-20250207-150600.3.3.1
    * skelcd-suse-manager-server-20250207-150600.3.3.1
    * skelcd-EULA-ha-20250207-150600.3.3.1
    * skelcd-EULA-suse-manager-proxy-container-20250207-150600.3.3.1
    * skelcd-EULA-sles-20250207-150600.3.3.1
    * skelcd-ha-20250207-150600.3.3.1
    * skelcd-sles-20250207-150600.3.3.1
    * skelcd-sle_hpc-20250207-150600.3.3.1
    * skelcd-EULA-leanos-20250207-150600.3.3.1
    * skelcd-leanos-20250207-150600.3.3.1
  * openSUSE Leap 15.6 (aarch64 x86_64 i586)
    * skelcd-EULA-sle-we-20250207-150600.3.3.1
    * skelcd-sle-we-20250207-150600.3.3.1
  * openSUSE Leap 15.6 (x86_64 i586)
    * skelcd-EULA-sled-20250207-150600.3.3.1
    * skelcd-sled-20250207-150600.3.3.1
  * openSUSE Leap 15.6 (x86_64)
    * skelcd-EULA-sle_rt-20250207-150600.3.3.1
    * skelcd-rt-20250207-150600.3.3.1
    * skelcd-EULA-rt-20250207-150600.3.3.1
    * skelcd-sle_rt-20250207-150600.3.3.1

## References:

  * https://jira.suse.com/browse/PED-12111
  * https://jira.suse.com/browse/SLE-18082

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250211/d3432331/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:06 -0000
Subject: SUSE-SU-2025:0440-1: important: Security update for the Linux Kernel
 (Live Patch 61 for SLE 12 SP5)
Message-ID: <173934900673.21757.13309361415265732696@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0440-1  
Release Date: 2025-02-12T07:04:06Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_231 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-440=1 SUSE-SLE-Live-
Patching-12-SP5-2025-439=1 SUSE-SLE-Live-Patching-12-SP5-2025-442=1 SUSE-SLE-
Live-Patching-12-SP5-2025-441=1 SUSE-SLE-Live-Patching-12-SP5-2025-443=1 SUSE-
SLE-Live-Patching-12-SP5-2025-444=1 SUSE-SLE-Live-Patching-12-SP5-2025-445=1
SUSE-SLE-Live-Patching-12-SP5-2025-446=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_201-default-12-2.1
    * kgraft-patch-4_12_14-122_228-default-3-2.1
    * kgraft-patch-4_12_14-122_225-default-4-2.1
    * kgraft-patch-4_12_14-122_219-default-7-2.1
    * kgraft-patch-4_12_14-122_216-default-10-2.1
    * kgraft-patch-4_12_14-122_231-default-3-2.1
    * kgraft-patch-4_12_14-122_189-default-15-2.1
    * kgraft-patch-4_12_14-122_194-default-13-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/638cf204/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:10 -0000
Subject: SUSE-RU-2025:0448-1: moderate: Recommended update for
 kiwi-templates-Minimal
Message-ID: <173934901097.21757.15719930899781146495@smelt2.prg2.suse.org>



# Recommended update for kiwi-templates-Minimal

Announcement ID: SUSE-RU-2025:0448-1  
Release Date: 2025-02-12T07:27:18Z  
Rating: moderate  
References:

  * bsc#1222897

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for kiwi-templates-Minimal fixes the following issues:

  * Enlarge EFI to usual 512 MB standard as Xen might fill currently too small
    partition (bsc#1222897)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-448=1 openSUSE-SLE-15.6-2025-448=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-448=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * kiwi-templates-Minimal-15.6-150600.8.4.1
  * Development Tools Module 15-SP6 (noarch)
    * kiwi-templates-Minimal-15.6-150600.8.4.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1222897

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/e164abcd/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:14 -0000
Subject: SUSE-RU-2025:0447-1: important: Recommended update for trousers
Message-ID: <173934901457.21757.18366629250290546462@smelt2.prg2.suse.org>



# Recommended update for trousers

Announcement ID: SUSE-RU-2025:0447-1  
Release Date: 2025-02-12T07:26:38Z  
Rating: important  
References:

  * bsc#1231071
  * bsc#1236457

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has two fixes can now be installed.

## Description:

This update for trousers fixes the following issues:

  * make sure that udev workers have finished before daemon-reload (bsc#1231071
    bsc#1236457)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-447=1 openSUSE-SLE-15.6-2025-447=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-447=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * trousers-debugsource-0.3.15-150600.10.3.1
    * libtspi1-debuginfo-0.3.15-150600.10.3.1
    * trousers-debuginfo-0.3.15-150600.10.3.1
    * trousers-devel-0.3.15-150600.10.3.1
    * trousers-0.3.15-150600.10.3.1
    * libtspi1-0.3.15-150600.10.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libtspi1-32bit-debuginfo-0.3.15-150600.10.3.1
    * libtspi1-32bit-0.3.15-150600.10.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libtspi1-64bit-debuginfo-0.3.15-150600.10.3.1
    * libtspi1-64bit-0.3.15-150600.10.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * trousers-debugsource-0.3.15-150600.10.3.1
    * libtspi1-debuginfo-0.3.15-150600.10.3.1
    * trousers-debuginfo-0.3.15-150600.10.3.1
    * trousers-devel-0.3.15-150600.10.3.1
    * trousers-0.3.15-150600.10.3.1
    * libtspi1-0.3.15-150600.10.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1231071
  * https://bugzilla.suse.com/show_bug.cgi?id=1236457

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/6008ab08/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:16 -0000
Subject: SUSE-RU-2025:0438-1: moderate: Recommended update for bouncycastle,
 jsch, ed25519-java
Message-ID: <173934901622.21757.4139450573141317354@smelt2.prg2.suse.org>



# Recommended update for bouncycastle, jsch, ed25519-java

Announcement ID: SUSE-RU-2025:0438-1  
Release Date: 2025-02-12T05:07:38Z  
Rating: moderate  
References:

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module

  
  
An update that can now be installed.

## Description:

This update for bouncycastle, jsch and ed25519-java fixes the following issues:

bouncycastle was updated from version 1.78 to 1.79:

  * Bugfixes to address issues with:
  * Ed25519 signatures
  * Elephant cipher handling of large messages
  * CMSSignedData signer replacement
  * ERSInputStreamData hashing
  * CRL loading
  * EC curve name lookups
  * PhotonBeetle and Xoodyak digest resetting
  * OCSP caching
  * Java 21 provider service handling
  * CMS version calculation
  * Incorrect PGP armored output version strings
  * PGP algorithm lookups

  * New Features and Functionalities:

  * Object Identifiers have been added for ML-KEM, ML-DSA, and SLH-DSA.
  * The PQC algorithms, ML-KEM, ML-DSA (including pre-hash), and SLH-DSA
    (including pre-hash) have been added to the BC provider and the lightweight
    API.
  * A new spec, ContextParameterSpec, has been added to support signature
    contexts for ML-DSA and SLH-DSA.
  * BCJSSE: Added support for security property
    "jdk.tls.server.defaultDHEParameters" (disabled in FIPS mode).
  * BCJSSE: Added support for signature_algorithms_cert configuration via
    "org.bouncycastle.jsse.client.SignatureSchemesCert" and
    "org.bouncycastle.jsse.server.SignatureSchemesCert" system properties or
    BCSSLParameters property "SignatureSchemesCert".
  * BCJSSE: Added support for boolean system property
    "org.bouncycastle.jsse.fips.allowGCMCiphersIn12" (false by default).
  * (D)TLS: Removed redundant verification of self-generated RSA signatures.
  * CompositePrivateKeys now support the latest revision of the composite
    signature draft.
  * Delta Certificates now support the latest revision of the delta certificate
    extension draft.
  * A general KeyIdentifier class, encapsulating both PGP KeyID and the PGP key
    fingerprint has been added to the PGP API.
  * Support for the LibrePGP PreferredEncryptionModes signature subpacket has
    been added to the PGP API.
  * Support for Version 6 signatures, including salts, has been added to the PGP
    API.
  * Support for the PreferredKeyServer signature supacket has been added to the
    PGP API.
  * Support for RFC 9269, "Using KEMs in Cryptographic Message Syntax (CMS)",
    has been added to the CMS API.
  * Support for the Argon2 S2K has been added to the PGP API.
  * The system property "org.bouncycastle.pemreader.lax" has been introduced for
    situations where the BC PEM parsing is now too strict.
  * The system property "org.bouncycastle.ec.disable_f2m" has been introduced to
    allow F2m EC support to be disabled.

jsch was updated from version 0.2.15 to 0.2.22:

  * Key changes across these versions:
  * Authentication and logging improvements
  * Date handling improvements using java.time classes
  * DHGEX prime modulus enforcement
  * Expanded KEX algorithm support, this requires Bouncy Castle
  * Fixed a GSSAPI authentication issue
  * Fixed possible rekeying timeouts
  * Fixed SignatureECDSAN private key handling
  * Improved handling of negated patterns
  * Introduction of JSchProxyException
  * Modernized fingerprint output
  * More accurate ext-info logging
  * PBKDF2 algorithm additions (SHA512/256 & SHA512/224)

ed25519-java:

  * Fixed minor build issues

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-438=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-438=1

  * SUSE Manager Server 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-438=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-438=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-438=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-438=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-438=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-438=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-438=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-438=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-438=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-438=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-438=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-438=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-438=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * bouncycastle-mail-1.79-150200.3.32.2
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-tls-1.79-150200.3.32.2
    * jsch-javadoc-0.2.22-150200.11.16.2
    * bouncycastle-jmail-1.79-150200.3.32.2
    * bouncycastle-util-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * jsch-demo-0.2.22-150200.11.16.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * bouncycastle-javadoc-1.79-150200.3.32.2
    * ed25519-java-javadoc-0.3.0-150200.5.6.1
    * bouncycastle-pkix-1.79-150200.3.32.2
  * Development Tools Module 15-SP6 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Manager Server 4.3 Module (noarch)
    * jsch-0.2.22-150200.11.16.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2
  * SUSE Enterprise Storage 7.1 (noarch)
    * bouncycastle-1.79-150200.3.32.2
    * ed25519-java-0.3.0-150200.5.6.1
    * bouncycastle-util-1.79-150200.3.32.2
    * bouncycastle-pg-1.79-150200.3.32.2
    * jsch-0.2.22-150200.11.16.2
    * bouncycastle-pkix-1.79-150200.3.32.2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/4fe4f841/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:19 -0000
Subject: SUSE-RU-2025:0437-1: important: Recommended update for
 python-instance-billing-flavor-check
Message-ID: <173934901935.21757.7206210600474103560@smelt2.prg2.suse.org>



# Recommended update for python-instance-billing-flavor-check

Announcement ID: SUSE-RU-2025:0437-1  
Release Date: 2025-02-12T05:04:47Z  
Rating: important  
References:

  * bsc#1234444

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that has one fix can now be installed.

## Description:

This update for python-instance-billing-flavor-check fixes the following issues:

  * Improve detection of IPv4 and IPv6 network setup and use appropriate IP
    version to access the update servers (bsc#1234444)
  * Improve reliability of flavor detection, use cached value in case of timeout
    (bsc#1234444)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-437=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-437=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-437=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-437=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-437=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-437=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-437=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-437=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-437=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-437=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-150000.1.17.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234444

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/cc386b89/attachment.htm>

From null at suse.de  Wed Feb 12 08:30:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 08:30:21 -0000
Subject: SUSE-RU-2025:0436-1: important: Recommended update for
 python-instance-billing-flavor-check
Message-ID: <173934902144.21757.7880017302853661482@smelt2.prg2.suse.org>



# Recommended update for python-instance-billing-flavor-check

Announcement ID: SUSE-RU-2025:0436-1  
Release Date: 2025-02-12T05:03:55Z  
Rating: important  
References:

  * bsc#1234444

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has one fix can now be installed.

## Description:

This update for python-instance-billing-flavor-check fixes the following issues:

  * Improve detection of IPv4 and IPv6 network setup and use appropriate IP
    version to access the update servers (bsc#1234444)
  * Improve reliability of flavor detection, use cached value in case of timeout
    (bsc#1234444)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-436=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * python-instance-billing-flavor-check-0.1.2-1.17.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234444

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/4a6dc2aa/attachment.htm>

From null at suse.de  Wed Feb 12 12:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 12:30:05 -0000
Subject: SUSE-SU-2025:0452-1: important: Security update for the Linux Kernel
 (Live Patch 49 for SLE 15 SP3)
Message-ID: <173936340565.21757.12414736977076724423@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0452-1  
Release Date: 2025-02-12T11:33:37Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-452=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-454=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-454=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_222-default-5-2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-default-3-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-3-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-preempt-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-3-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-default-3-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-3-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/3bfee9c7/attachment.htm>

From null at suse.de  Wed Feb 12 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0455-1: important: Security update for the Linux Kernel
 (Live Patch 26 for SLE 15 SP4)
Message-ID: <173936341290.21757.949773238082055594@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0455-1  
Release Date: 2025-02-12T11:33:44Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-450=1 SUSE-2025-451=1 SUSE-2025-455=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-455=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-450=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-451=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-11-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-15-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/46863ee3/attachment.htm>

From null at suse.de  Wed Feb 12 12:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 12:30:17 -0000
Subject: SUSE-SU-2025:0449-1: important: Security update for the Linux Kernel
 (Live Patch 47 for SLE 15 SP3)
Message-ID: <173936341721.21757.10425891495400573108@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0449-1  
Release Date: 2025-02-12T11:33:31Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_170 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-449=1 SUSE-2025-453=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-449=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-453=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_44-debugsource-11-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-preempt-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-5-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-11-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-5-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/cfb736cc/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0476-1: important: Security update for the Linux Kernel
 (Live Patch 5 for SLE 15 SP6)
Message-ID: <173937780804.21757.4524574882956283203@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0476-1  
Release Date: 2025-02-12T14:33:48Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_25 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-470=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-471=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-478=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-477=1 SUSE-
SLE-Module-Live-Patching-15-SP6-2025-468=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-469=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-471=1 SUSE-2025-478=1 SUSE-2025-477=1
SUSE-2025-468=1 SUSE-2025-469=1 SUSE-2025-470=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-476=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-476=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_17-default-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-3-150600.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-10-150600.4.22.1
    * kernel-livepatch-6_4_0-150600_23_17-default-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-8-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-8-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-10-150600.4.22.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-3-150600.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_136-default-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_136-default-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-3-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/335c6ace/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:13 -0000
Subject: SUSE-SU-2025:0465-1: important: Security update for the Linux Kernel
 (Live Patch 15 for SLE 15 SP5)
Message-ID: <173937781376.21757.6197043465168847481@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0465-1  
Release Date: 2025-02-12T13:33:36Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-466=1 SUSE-2025-461=1 SUSE-2025-465=1
SUSE-2025-472=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-472=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-466=1 SUSE-SLE-Module-Live-
Patching-15-SP3-2025-461=1 SUSE-SLE-Module-Live-Patching-15-SP3-2025-465=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-464=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-464=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-13-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_43-debugsource-12-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_41-debugsource-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-7-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_46-debugsource-7-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_42-debugsource-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-preempt-16-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-12-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_153-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-7-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-16-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-9-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_68-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-9-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/b9b5dc66/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:18 -0000
Subject: SUSE-SU-2025:0462-1: important: Security update for the Linux Kernel
 (Live Patch 14 for SLE 15 SP5)
Message-ID: <173937781852.21757.3264757159448968541@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0462-1  
Release Date: 2025-02-12T15:33:27Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-479=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-459=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-462=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-475=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-459=1 SUSE-2025-462=1 SUSE-2025-475=1
SUSE-2025-479=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-480=1 SUSE-2025-463=1 SUSE-2025-467=1
SUSE-2025-473=1 SUSE-2025-460=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-480=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-463=1 SUSE-SLE-Module-Live-
Patching-15-SP5-2025-467=1 SUSE-SLE-Module-Live-Patching-15-SP5-2025-473=1 SUSE-
SLE-Module-Live-Patching-15-SP5-2025-460=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-12-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-12-150400.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-12-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-12-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-12-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_9-debugsource-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-12-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-10-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_9-debugsource-16-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-12-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_44-default-16-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/90a17597/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:22 -0000
Subject: SUSE-RU-2025:0484-1: moderate: Recommended update for pam_u2f
Message-ID: <173937782288.21757.13407676119630564556@smelt2.prg2.suse.org>



# Recommended update for pam_u2f

Announcement ID: SUSE-RU-2025:0484-1  
Release Date: 2025-02-12T15:46:38Z  
Rating: moderate  
References:

  * bsc#1235961

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that has one fix can now be installed.

## Description:

This update for pam_u2f fixes the following issues:

  * Relax authentication file permission check to a warning instead of an error
    to prevent a breaking change locking existing users out of their systems
    (bsc#1235961).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-484=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-484=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-484=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-484=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-484=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-484=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * pam_u2f-debuginfo-1.2.0-150400.4.8.1
    * pam_u2f-1.2.0-150400.4.8.1
    * pam_u2f-debugsource-1.2.0-150400.4.8.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235961

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/3784ff80/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:26 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:26 -0000
Subject: SUSE-RU-2025:0483-1: moderate: Recommended update for pam_u2f
Message-ID: <173937782682.21757.6709791866611038570@smelt2.prg2.suse.org>



# Recommended update for pam_u2f

Announcement ID: SUSE-RU-2025:0483-1  
Release Date: 2025-02-12T15:46:14Z  
Rating: moderate  
References:

  * bsc#1235961

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for pam_u2f fixes the following issues:

  * Relax authentication file permission check to a warning instead of an error
    to prevent a breaking change locking existing users out of their systems
    (bsc#1235961).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-483=1 openSUSE-SLE-15.6-2025-483=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-483=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * pam_u2f-1.2.0-150600.10.8.1
    * pam_u2f-debuginfo-1.2.0-150600.10.8.1
    * pam_u2f-debugsource-1.2.0-150600.10.8.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * pam_u2f-1.2.0-150600.10.8.1
    * pam_u2f-debuginfo-1.2.0-150600.10.8.1
    * pam_u2f-debugsource-1.2.0-150600.10.8.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235961

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/049add09/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:29 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:29 -0000
Subject: SUSE-RU-2025:0482-1: moderate: Recommended update for smt
Message-ID: <173937782957.21757.1983925459889731637@smelt2.prg2.suse.org>



# Recommended update for smt

Announcement ID: SUSE-RU-2025:0482-1  
Release Date: 2025-02-12T15:46:02Z  
Rating: moderate  
References:

  * bsc#1228604
  * bsc#1234336

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for smt fixes the following issues:

  * Create db user if it doesn't exist before granting database permission
    (bsc#1228604)
  * Identify dl.suse.com as SUSE owned host when updating repository information
    (bsc#1234336)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-482=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-482=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-482=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * smt-ha-3.0.51-52.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * smt-support-3.0.51-52.54.1
    * smt-debuginfo-3.0.51-52.54.1
    * smt-3.0.51-52.54.1
    * res-signingkeys-3.0.51-52.54.1
    * smt-debugsource-3.0.51-52.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * smt-support-3.0.51-52.54.1
    * smt-debuginfo-3.0.51-52.54.1
    * smt-3.0.51-52.54.1
    * res-signingkeys-3.0.51-52.54.1
    * smt-debugsource-3.0.51-52.54.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228604
  * https://bugzilla.suse.com/show_bug.cgi?id=1234336

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/344eeb2b/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:31 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:31 -0000
Subject: SUSE-OU-2025:0481-1: low: Optional update for python-netaddr
Message-ID: <173937783146.21757.15613884866141024605@smelt2.prg2.suse.org>



# Optional update for python-netaddr

Announcement ID: SUSE-OU-2025:0481-1  
Release Date: 2025-02-12T15:45:46Z  
Rating: low  
References:

  * bsc#1236395

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for python-netaddr fixes the following issues:

  * Add python311-netaddr (bsc#1236395)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-481=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-481=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-481=1

## Package List:

  * Python 3 Module 15-SP6 (noarch)
    * python311-netaddr-1.2.1-150400.11.5.1
  * openSUSE Leap 15.4 (noarch)
    * python311-netaddr-1.2.1-150400.11.5.1
  * openSUSE Leap 15.6 (noarch)
    * python311-netaddr-1.2.1-150400.11.5.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236395

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/371206ae/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:33 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:33 -0000
Subject: SUSE-RU-2025:0474-1: moderate: Recommended update for rust
Message-ID: <173937783351.21757.11379115064068910235@smelt2.prg2.suse.org>



# Recommended update for rust

Announcement ID: SUSE-RU-2025:0474-1  
Release Date: 2025-02-12T14:00:50Z  
Rating: moderate  
References:

  * jsc#PED-11411
  * jsc#SLE-18626

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains two features can now be installed.

## Description:

This update for rust fixes the following issues:

  * Update to version 1.84.0 - for details see the rust1.84 package

# Version 1.84.0 (2025-01-09)

## Language

  * Allow `#[deny]` inside `#[forbid]` as a no-op
  * Show a warning when `-Ctarget-feature` is used to toggle features that can
    lead to unsoundness due to ABI mismatches
  * Use the next-generation trait solver in coherence
  * Allow coercions to drop the principal of trait objects
  * Support `/` as the path separator for `include!()` in all cases on Windows
  * Taking a raw ref (`raw (const|mut)`) of a deref of a pointer (`*ptr`) is now
    safe
  * Stabilize s390x inline assembly
  * Stabilize Arm64EC inline assembly
  * Lint against creating pointers to immediately dropped temporaries
  * Execute drop glue when unwinding in an `extern &quot;C&quot;` function

## Compiler

  * Add `--print host-tuple` flag to print the host target tuple and affirm the
    "target tuple" terminology over "target triple"
  * Declaring functions with a calling convention not supported on the current
    target now triggers a hard error
  * Set up indirect access to external data for `loongarch64-unknown-
    linux-{musl,ohos}`
  * Enable XRay instrumentation for LoongArch Linux targets
  * Extend the `unexpected_cfgs` lint to also warn in external macros
  * Stabilize WebAssembly `multivalue`, `reference-types`, and `tail-call`
    target features
  * Added Tier 2 support for the `wasm32v1-none` target

## Libraries

  * Implement `From&lt;&amp;mut {slice}&gt;` for `Box/Rc/Arc&lt;{slice}&gt;`
  * Move `&lt;float&gt;::copysign`, `&lt;float&gt;::abs`,
    `&lt;float&gt;::signum` to `core`
  * Add `LowerExp` and `UpperExp` implementations to `NonZero`
  * Implement `FromStr` for `CString` and `TryFrom&lt;CString&gt;` for `String`
  * `std::os::darwin` has been made public

## Stabilized APIs

  * `Ipv6Addr::is_unique_local` https://doc.rust-
    lang.org/stable/core/net/struct.Ipv6Addr.html#method.is_unique_local
  * `Ipv6Addr::is_unicast_link_local` https://doc.rust-
    lang.org/stable/core/net/struct.Ipv6Addr.html#method.is_unicast_link_local
  * `core::ptr::with_exposed_provenance` https://doc.rust-
    lang.org/stable/core/ptr/fn.with_exposed_provenance.html
  * `core::ptr::with_exposed_provenance_mut` https://doc.rust-
    lang.org/stable/core/ptr/fn.with_exposed_provenance_mut.html
  * `&lt;ptr&gt;::addr` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.addr
  * `&lt;ptr&gt;::expose_provenance` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.expose_provenance
  * `&lt;ptr&gt;::with_addr` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.with_addr
  * `&lt;ptr&gt;::map_addr` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.map_addr
  * `&lt;int&gt;::isqrt` https://doc.rust-
    lang.org/stable/core/primitive.i32.html#method.isqrt
  * `&lt;int&gt;::checked_isqrt` https://doc.rust-
    lang.org/stable/core/primitive.i32.html#method.checked_isqrt
  * `&lt;uint&gt;::isqrt` https://doc.rust-
    lang.org/stable/core/primitive.u32.html#method.isqrt
  * `NonZero::isqrt` https://doc.rust-
    lang.org/stable/core/num/struct.NonZero.html#impl-
    NonZero%3Cu128%3E/method.isqrt
  * `core::ptr::without_provenance` https://doc.rust-
    lang.org/stable/core/ptr/fn.without_provenance.html
  * `core::ptr::without_provenance_mut` https://doc.rust-
    lang.org/stable/core/ptr/fn.without_provenance_mut.html
  * `core::ptr::dangling` https://doc.rust-
    lang.org/stable/core/ptr/fn.dangling.html
  * `core::ptr::dangling_mut` https://doc.rust-
    lang.org/stable/core/ptr/fn.dangling_mut.html
  * `Pin::as_deref_mut` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.as_deref_mut

  * `AtomicBool::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicBool.html#method.from_ptr

  * `AtomicPtr::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicPtr.html#method.from_ptr
  * `AtomicU8::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicU8.html#method.from_ptr
  * `AtomicU16::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicU16.html#method.from_ptr
  * `AtomicU32::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicU32.html#method.from_ptr
  * `AtomicU64::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicU64.html#method.from_ptr
  * `AtomicUsize::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicUsize.html#method.from_ptr
  * `AtomicI8::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicI8.html#method.from_ptr
  * `AtomicI16::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicI16.html#method.from_ptr
  * `AtomicI32::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicI32.html#method.from_ptr
  * `AtomicI64::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicI64.html#method.from_ptr
  * `AtomicIsize::from_ptr` https://doc.rust-
    lang.org/stable/core/sync/atomic/struct.AtomicIsize.html#method.from_ptr
  * `&lt;ptr&gt;::is_null` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.is_null-1
  * `&lt;ptr&gt;::as_ref` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.as_ref-1
  * `&lt;ptr&gt;::as_mut` https://doc.rust-
    lang.org/stable/core/primitive.pointer.html#method.as_mut
  * `Pin::new` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.new
  * `Pin::new_unchecked` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.new_unchecked
  * `Pin::get_ref` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.get_ref
  * `Pin::into_ref` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.into_ref
  * `Pin::get_mut` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.get_mut
  * `Pin::get_unchecked_mut` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.get_unchecked_mut
  * `Pin::static_ref` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.static_ref
  * `Pin::static_mut` https://doc.rust-
    lang.org/stable/core/pin/struct.Pin.html#method.static_mut

## Cargo

  * Stabilize MSRV-aware resolver config
  * Stabilize resolver v3

## Rustdoc

  * rustdoc-search: improve type-driven search

## Compatibility Notes

  * Enable by default the `LSX` target feature for LoongArch Linux targets
  * The unstable `-Zprofile` flag (?gcov-style? coverage instrumentation) has
    been removed. This does not affect the stable flags for coverage
    instrumentation (`-Cinstrument-coverage`) and profile-guided optimization
    (`-Cprofile-generate`, `-Cprofile-use`), which are unrelated and remain
    available.
  * Support for the target named `wasm32-wasi` has been removed as the target is
    now named `wasm32-wasip1`. This completes the transition plan for this
    target following the introduction of `wasm32-wasip1` in Rust 1.78. Compiler
    warnings on use of `wasm32-wasi` introduced in Rust 1.81 are now gone as
    well as the target is removed.
  * The syntax `&amp;pin (mut|const) T` is now parsed as a type which in theory
    could affect macro expansion results in some edge cases
  * Legacy syntax for calling `std::arch` functions is no longer permitted to
    declare items or bodies (such as closures, inline consts, or async blocks).
  * Declaring functions with a calling convention not supported on the current
    target now triggers a hard error
  * The next-generation trait solver is now enabled for coherence, fixing
    multiple soundness issues

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-474=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-474=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-474=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-474=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-474=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-474=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-474=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-474=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-474=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-474=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-474=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-474=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-474=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-474=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-474=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-474=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-474=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * openSUSE Leap 15.6 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * Development Tools Module 15-SP6 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * cargo-1.84.0-150300.21.46.1
    * rust-1.84.0-150300.21.46.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150400.24.36.1
    * cargo-1.84.0-150400.24.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150400.24.36.1
    * cargo-1.84.0-150400.24.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * cargo-1.84.0-150300.21.46.1
    * rust-1.84.0-150300.21.46.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150400.24.36.1
    * cargo-1.84.0-150400.24.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * cargo-1.84.0-150300.21.46.1
    * rust-1.84.0-150300.21.46.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150400.24.36.1
    * cargo-1.84.0-150400.24.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
    x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * cargo-1.84.0-150300.21.46.1
    * rust-1.84.0-150300.21.46.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
    * rust1.84-1.84.0-150300.7.4.3
  * SUSE Enterprise Storage 7.1 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * cargo1.84-1.84.0-150300.7.4.3
    * cargo1.84-debuginfo-1.84.0-150300.7.4.3
    * rust1.84-debuginfo-1.84.0-150300.7.4.3
    * cargo-1.84.0-150300.21.46.1
    * rust-1.84.0-150300.21.46.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 nosrc)
    * rust1.84-1.84.0-150300.7.4.3
  * openSUSE Leap 15.3 (noarch)
    * rust1.84-src-1.84.0-150300.7.4.3
  * openSUSE Leap 15.3 (nosrc)
    * rust1.84-test-1.84.0-150300.7.4.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * cargo-1.84.0-150400.24.36.1
    * rust-1.84.0-150400.24.36.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * rust-1.84.0-150500.27.30.1
    * cargo-1.84.0-150500.27.30.1

## References:

  * https://jira.suse.com/browse/PED-11411
  * https://jira.suse.com/browse/SLE-18626

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/d49765ed/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:36 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:36 -0000
Subject: SUSE-RU-2025:0315-2: moderate: Recommended update for sssd
Message-ID: <173937783605.21757.18250011137321973591@smelt2.prg2.suse.org>



# Recommended update for sssd

Announcement ID: SUSE-RU-2025:0315-2  
Release Date: 2025-02-12T13:33:30Z  
Rating: moderate  
References:

  * bsc#1234368

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5

  
  
An update that has one fix can now be installed.

## Description:

This update for sssd fixes the following issue:

  * Allow multiple services per port (bsc#1234368).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-315=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libsss_idmap0-debuginfo-2.5.2-150500.10.25.2
    * sssd-ldap-debuginfo-2.5.2-150500.10.25.2
    * libsss_nss_idmap0-2.5.2-150500.10.25.2
    * libsss_certmap0-debuginfo-2.5.2-150500.10.25.2
    * libsss_idmap0-2.5.2-150500.10.25.2
    * sssd-krb5-common-debuginfo-2.5.2-150500.10.25.2
    * sssd-krb5-debuginfo-2.5.2-150500.10.25.2
    * sssd-debugsource-2.5.2-150500.10.25.2
    * sssd-krb5-common-2.5.2-150500.10.25.2
    * sssd-common-2.5.2-150500.10.25.2
    * sssd-ad-2.5.2-150500.10.25.2
    * sssd-common-debuginfo-2.5.2-150500.10.25.2
    * libsss_nss_idmap0-debuginfo-2.5.2-150500.10.25.2
    * libsss_certmap0-2.5.2-150500.10.25.2
    * sssd-2.5.2-150500.10.25.2
    * sssd-ldap-2.5.2-150500.10.25.2
    * sssd-krb5-2.5.2-150500.10.25.2
    * sssd-ad-debuginfo-2.5.2-150500.10.25.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234368

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/88d13d08/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:38 -0000
Subject: SUSE-SU-2025:0458-1: moderate: Security update for podman
Message-ID: <173937783864.21757.17505011182379251022@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0458-1  
Release Date: 2025-02-12T12:02:33Z  
Rating: moderate  
References:

  * bsc#1227052
  * bsc#1236507

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227052)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236507)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-458=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-458=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-458=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-458=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * openSUSE Leap 15.5 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * openSUSE Leap 15.6 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * podman-docker-4.9.5-150500.3.34.2
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * podmansh-4.9.5-150500.3.34.2
    * podman-4.9.5-150500.3.34.2
    * podman-remote-debuginfo-4.9.5-150500.3.34.2
    * podman-remote-4.9.5-150500.3.34.2
    * podman-debuginfo-4.9.5-150500.3.34.2
  * Containers Module 15-SP6 (noarch)
    * podman-docker-4.9.5-150500.3.34.2

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227052
  * https://bugzilla.suse.com/show_bug.cgi?id=1236507

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/dee82c92/attachment.htm>

From null at suse.de  Wed Feb 12 16:30:40 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 16:30:40 -0000
Subject: SUSE-FU-2025:0456-1: moderate: Feature update for proftpd
Message-ID: <173937784045.21757.10499919947206760182@smelt2.prg2.suse.org>



# Feature update for proftpd

Announcement ID: SUSE-FU-2025:0456-1  
Release Date: 2025-02-12T11:59:14Z  
Rating: moderate  
References:

  * jsc#PED-10371

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains one feature can now be installed.

## Description:

This update for proftpd fixes the following issue:

  * Add proftpd 1.3.8b (jsc#PED-10373)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-456=1 openSUSE-SLE-15.6-2025-456=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-456=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * proftpd-mysql-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-sqlite-1.3.8b-150600.13.3.2
    * proftpd-debugsource-1.3.8b-150600.13.3.2
    * proftpd-radius-1.3.8b-150600.13.3.2
    * proftpd-devel-1.3.8b-150600.13.3.2
    * proftpd-pgsql-1.3.8b-150600.13.3.2
    * proftpd-1.3.8b-150600.13.3.2
    * proftpd-doc-1.3.8b-150600.13.3.2
    * proftpd-radius-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-sqlite-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-pgsql-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-mysql-1.3.8b-150600.13.3.2
    * proftpd-ldap-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-ldap-1.3.8b-150600.13.3.2
  * openSUSE Leap 15.6 (noarch)
    * proftpd-lang-1.3.8b-150600.13.3.2
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * proftpd-mysql-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-sqlite-1.3.8b-150600.13.3.2
    * proftpd-debugsource-1.3.8b-150600.13.3.2
    * proftpd-radius-1.3.8b-150600.13.3.2
    * proftpd-devel-1.3.8b-150600.13.3.2
    * proftpd-pgsql-1.3.8b-150600.13.3.2
    * proftpd-1.3.8b-150600.13.3.2
    * proftpd-doc-1.3.8b-150600.13.3.2
    * proftpd-radius-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-sqlite-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-pgsql-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-mysql-1.3.8b-150600.13.3.2
    * proftpd-ldap-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-debuginfo-1.3.8b-150600.13.3.2
    * proftpd-ldap-1.3.8b-150600.13.3.2
  * Server Applications Module 15-SP6 (noarch)
    * proftpd-lang-1.3.8b-150600.13.3.2

## References:

  * https://jira.suse.com/browse/PED-10371

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/d21af529/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:11 -0000
Subject: SUSE-SU-2025:0494-1: important: Security update for the Linux Kernel
 (Live Patch 20 for SLE 15 SP5)
Message-ID: <173939221186.21560.12394800591729324558@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0494-1  
Release Date: 2025-02-12T18:35:51Z  
Rating: important  
References:

  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_83 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-494=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-494=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-491=1 SUSE-2025-492=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-491=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-492=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_48-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-4-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-preempt-4-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-4-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-3-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-3-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-3-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-3-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-3-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/4bc2486f/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:16 -0000
Subject: SUSE-SU-2025:0489-1: important: Security update for the Linux Kernel
 (Live Patch 10 for SLE 15 SP5)
Message-ID: <173939221678.21560.17395492876244239874@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0489-1  
Release Date: 2025-02-12T19:03:55Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-489=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-489=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-496=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-496=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-6-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-6-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-14-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-14-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/fdc695e1/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:22 -0000
Subject: SUSE-SU-2025:0487-1: important: Security update for the Linux Kernel
 (Live Patch 17 for SLE 15 SP5)
Message-ID: <173939222235.21560.12843512278191268260@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0487-1  
Release Date: 2025-02-12T17:04:23Z  
Rating: important  
References:

  * bsc#1229644
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48912
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48912 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48912 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_73 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-490=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-490=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-487=1 SUSE-2025-488=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-487=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-488=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-4-150500.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_45-debugsource-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-17-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_40-debugsource-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-preempt-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-preempt-8-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_147-default-17-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48912.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229644
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/a0122cdb/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:27 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:27 -0000
Subject: SUSE-SU-2025:0486-1: important: Security update for the Linux Kernel
 (Live Patch 31 for SLE 15 SP4)
Message-ID: <173939222705.21560.13981699753408405760@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0486-1  
Release Date: 2025-02-12T16:03:57Z  
Rating: important  
References:

  * bsc#1229663
  * bsc#1230998
  * bsc#1231993

  
Cross-References:

  * CVE-2022-48923
  * CVE-2024-45016
  * CVE-2024-47684

  
CVSS scores:

  * CVE-2022-48923 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2022-48923 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48923 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45016 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45016 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47684 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47684 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_133 fixes several issues.

The following security issues were fixed:

  * CVE-2024-45016: netem: fix return value if duplicate enqueue fails
    (bsc#1230998).
  * CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
    (bsc#1229662)
  * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us()
    (bsc#1231993).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-486=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-486=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-3-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-3-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2022-48923.html
  * https://www.suse.com/security/cve/CVE-2024-45016.html
  * https://www.suse.com/security/cve/CVE-2024-47684.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229663
  * https://bugzilla.suse.com/show_bug.cgi?id=1230998
  * https://bugzilla.suse.com/show_bug.cgi?id=1231993

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/12a02d28/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:30 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:30 -0000
Subject: SUSE-RU-2025:0495-1: moderate: Recommended update for openCryptoki
Message-ID: <173939223028.21560.16407560594585639291@smelt2.prg2.suse.org>



# Recommended update for openCryptoki

Announcement ID: SUSE-RU-2025:0495-1  
Release Date: 2025-02-12T18:46:21Z  
Rating: moderate  
References:

  * bsc#1225876
  * bsc#1236387

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for openCryptoki fixes the following issues:

  * Amended the .spec file for the configuration file (bsc#1236387).
  * Improved handling of user/group. use existing user/group if they exist.
    create user/group if not (bsc#1225876).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-495=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-495=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openCryptoki-debugsource-3.17.0-5.12.2
    * openCryptoki-3.17.0-5.12.2
    * openCryptoki-devel-3.17.0-5.12.2
    * openCryptoki-debuginfo-3.17.0-5.12.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * openCryptoki-64bit-3.17.0-5.12.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390)
    * openCryptoki-32bit-3.17.0-5.12.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openCryptoki-64bit-3.17.0-5.12.2
    * openCryptoki-devel-3.17.0-5.12.2
    * openCryptoki-3.17.0-5.12.2
    * openCryptoki-debugsource-3.17.0-5.12.2
    * openCryptoki-debuginfo-3.17.0-5.12.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1225876
  * https://bugzilla.suse.com/show_bug.cgi?id=1236387

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/3d060a28/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:31 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:31 -0000
Subject: SUSE-RU-2025:0493-1: moderate: Recommended update for suse-prime
Message-ID: <173939223152.21560.10917774280829231758@smelt2.prg2.suse.org>



# Recommended update for suse-prime

Announcement ID: SUSE-RU-2025:0493-1  
Release Date: 2025-02-12T17:16:58Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that can now be installed.

## Description:

This update for suse-prime fixes the following issues:

  * require nvidia-xconfig for NVIDIA driver 570.86.15 or above.
  * Version update: SUSEPrime-0.8.18
  * no longer install by default together with 5xx/G06 driver package series
    (Supplements/modalias line)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-493=1 openSUSE-SLE-15.6-2025-493=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-493=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-493=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * suse-prime-0.8.18-150600.3.3.2
  * SUSE Package Hub 15 15-SP6 (noarch)
    * suse-prime-0.8.18-150600.3.3.2
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
    * suse-prime-0.8.18-150600.3.3.2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/27a23170/attachment.htm>

From null at suse.de  Wed Feb 12 20:30:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 12 Feb 2025 20:30:34 -0000
Subject: SUSE-RU-2025:0485-1: moderate: Recommended update for rpmlint
Message-ID: <173939223408.21560.3748961975306834775@smelt2.prg2.suse.org>



# Recommended update for rpmlint

Announcement ID: SUSE-RU-2025:0485-1  
Release Date: 2025-02-12T16:03:17Z  
Rating: moderate  
References:

  * bsc#1236016

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for rpmlint fixes the following issues:

  * backport whitelisting for tuned ppd service (bsc#1236016)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-485=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-485=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-485=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-485=1 openSUSE-SLE-15.6-2025-485=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-485=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-485=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-485=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-485=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-485=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-485=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-485=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-485=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-485=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-485=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-485=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-485=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-485=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * rpmlint-mini-debugsource-1.10-150300.18.25.1
    * rpmlint-mini-1.10-150300.18.25.1
    * rpmlint-mini-debuginfo-1.10-150300.18.25.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * rpmlint-mini-debugsource-1.10-150400.23.28.1
    * rpmlint-mini-debuginfo-1.10-150400.23.28.1
    * rpmlint-mini-1.10-150400.23.28.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * rpmlint-mini-debugsource-1.10-150500.26.13.1
    * rpmlint-mini-debuginfo-1.10-150500.26.13.1
    * rpmlint-mini-1.10-150500.26.13.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * rpmlint-mini-debuginfo-1.10-150600.31.10.1
    * rpmlint-mini-1.10-150600.31.10.1
    * rpmlint-mini-debugsource-1.10-150600.31.10.1
  * openSUSE Leap 15.6 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * Development Tools Module 15-SP6 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * rpmlint-mini-debuginfo-1.10-150600.31.10.1
    * rpmlint-mini-1.10-150600.31.10.1
    * rpmlint-mini-debugsource-1.10-150600.31.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * rpmlint-mini-debugsource-1.10-150300.18.25.1
    * rpmlint-mini-1.10-150300.18.25.1
    * rpmlint-mini-debuginfo-1.10-150300.18.25.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * rpmlint-mini-debugsource-1.10-150400.23.28.1
    * rpmlint-mini-debuginfo-1.10-150400.23.28.1
    * rpmlint-mini-1.10-150400.23.28.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * rpmlint-mini-debugsource-1.10-150400.23.28.1
    * rpmlint-mini-debuginfo-1.10-150400.23.28.1
    * rpmlint-mini-1.10-150400.23.28.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * rpmlint-mini-debugsource-1.10-150500.26.13.1
    * rpmlint-mini-debuginfo-1.10-150500.26.13.1
    * rpmlint-mini-1.10-150500.26.13.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * rpmlint-mini-debugsource-1.10-150500.26.13.1
    * rpmlint-mini-debuginfo-1.10-150500.26.13.1
    * rpmlint-mini-1.10-150500.26.13.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * rpmlint-mini-debugsource-1.10-150300.18.25.1
    * rpmlint-mini-1.10-150300.18.25.1
    * rpmlint-mini-debuginfo-1.10-150300.18.25.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * rpmlint-mini-debugsource-1.10-150400.23.28.1
    * rpmlint-mini-debuginfo-1.10-150400.23.28.1
    * rpmlint-mini-1.10-150400.23.28.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * rpmlint-mini-debugsource-1.10-150500.26.13.1
    * rpmlint-mini-debuginfo-1.10-150500.26.13.1
    * rpmlint-mini-1.10-150500.26.13.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * rpmlint-mini-debugsource-1.10-150300.18.25.1
    * rpmlint-mini-1.10-150300.18.25.1
    * rpmlint-mini-debuginfo-1.10-150300.18.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * rpmlint-mini-debugsource-1.10-150400.23.28.1
    * rpmlint-mini-debuginfo-1.10-150400.23.28.1
    * rpmlint-mini-1.10-150400.23.28.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * rpmlint-mini-debugsource-1.10-150500.26.13.1
    * rpmlint-mini-debuginfo-1.10-150500.26.13.1
    * rpmlint-mini-1.10-150500.26.13.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * rpmlint-1.10-150000.7.93.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * rpmlint-mini-debugsource-1.10-150300.18.25.1
    * rpmlint-mini-1.10-150300.18.25.1
    * rpmlint-mini-debuginfo-1.10-150300.18.25.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236016

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250212/acfc8a9b/attachment.htm>

From null at suse.de  Thu Feb 13 08:30:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 08:30:02 -0000
Subject: SUSE-RU-2025:0497-1: moderate: Recommended update for osc
Message-ID: <173943540268.21560.8167776613553703621@smelt2.prg2.suse.org>



# Recommended update for osc

Announcement ID: SUSE-RU-2025:0497-1  
Release Date: 2025-02-12T22:07:05Z  
Rating: moderate  
References:

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that can now be installed.

## Description:

This update for osc fixes the following issues:

  * Add conflict with older versions of obs-service-source_validator.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-497=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-497=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-497=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * osc-1.9.0-150400.10.9.1
  * openSUSE Leap 15.6 (noarch)
    * osc-1.9.0-150400.10.9.1
  * Development Tools Module 15-SP6 (noarch)
    * osc-1.9.0-150400.10.9.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/ec6417a8/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:07 -0000
Subject: SUSE-RU-2025:0515-1: moderate: Recommended update for dracut
Message-ID: <173944980759.21560.17479622275239713622@smelt2.prg2.suse.org>



# Recommended update for dracut

Announcement ID: SUSE-RU-2025:0515-1  
Release Date: 2025-02-13T11:58:51Z  
Rating: moderate  
References:

  * bsc#1228086
  * bsc#1231792
  * bsc#1235912

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for dracut fixes the following issue:

  * Version update 059+suse.552.g232957b4
  * fixes related to getting live image size (bsc#1235912).
  * fixes for booting from iSCSI offload with bnx2i (bsc#1228086).
  * rework timeout for devices added via --mount and --add-device (bsc#1231792).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-515=1 openSUSE-SLE-15.6-2025-515=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-515=1

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-515=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * dracut-debuginfo-059+suse.552.g232957b4-150600.3.17.2
    * dracut-mkinitrd-deprecated-059+suse.552.g232957b4-150600.3.17.2
    * dracut-059+suse.552.g232957b4-150600.3.17.2
    * dracut-fips-059+suse.552.g232957b4-150600.3.17.2
    * dracut-tools-059+suse.552.g232957b4-150600.3.17.2
    * dracut-debugsource-059+suse.552.g232957b4-150600.3.17.2
    * dracut-ima-059+suse.552.g232957b4-150600.3.17.2
    * dracut-extra-059+suse.552.g232957b4-150600.3.17.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * dracut-debuginfo-059+suse.552.g232957b4-150600.3.17.2
    * dracut-059+suse.552.g232957b4-150600.3.17.2
    * dracut-fips-059+suse.552.g232957b4-150600.3.17.2
    * dracut-debugsource-059+suse.552.g232957b4-150600.3.17.2
    * dracut-ima-059+suse.552.g232957b4-150600.3.17.2
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (ppc64le x86_64)
    * dracut-mkinitrd-deprecated-059+suse.552.g232957b4-150600.3.17.2
    * dracut-debugsource-059+suse.552.g232957b4-150600.3.17.2
    * dracut-debuginfo-059+suse.552.g232957b4-150600.3.17.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228086
  * https://bugzilla.suse.com/show_bug.cgi?id=1231792
  * https://bugzilla.suse.com/show_bug.cgi?id=1235912

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/b59962c5/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0514-1: moderate: Security update for python
Message-ID: <173944981263.21560.15954856650034502355@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0514-1  
Release Date: 2025-02-13T11:50:56Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python fixes the following issues:

  * CVE-2025-0938: functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-514=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-514=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libpython2_7-1_0-debuginfo-2.7.18-150000.71.1
    * python-tk-2.7.18-150000.71.1
    * python-tk-debuginfo-2.7.18-150000.71.1
    * python-curses-2.7.18-150000.71.1
    * python-gdbm-2.7.18-150000.71.1
    * python-idle-2.7.18-150000.71.1
    * python-xml-2.7.18-150000.71.1
    * python-curses-debuginfo-2.7.18-150000.71.1
    * python-debuginfo-2.7.18-150000.71.1
    * libpython2_7-1_0-2.7.18-150000.71.1
    * python-demo-2.7.18-150000.71.1
    * python-2.7.18-150000.71.1
    * python-devel-2.7.18-150000.71.1
    * python-debugsource-2.7.18-150000.71.1
    * python-base-debugsource-2.7.18-150000.71.1
    * python-base-2.7.18-150000.71.1
    * python-base-debuginfo-2.7.18-150000.71.1
    * python-gdbm-debuginfo-2.7.18-150000.71.1
    * python-xml-debuginfo-2.7.18-150000.71.1
  * openSUSE Leap 15.6 (x86_64)
    * python-32bit-debuginfo-2.7.18-150000.71.1
    * python-base-32bit-2.7.18-150000.71.1
    * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.71.1
    * python-32bit-2.7.18-150000.71.1
    * libpython2_7-1_0-32bit-2.7.18-150000.71.1
    * python-base-32bit-debuginfo-2.7.18-150000.71.1
  * openSUSE Leap 15.6 (noarch)
    * python-doc-2.7.18-150000.71.1
    * python-doc-pdf-2.7.18-150000.71.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython2_7-1_0-debuginfo-2.7.18-150000.71.1
    * python-curses-2.7.18-150000.71.1
    * python-gdbm-2.7.18-150000.71.1
    * python-xml-2.7.18-150000.71.1
    * python-curses-debuginfo-2.7.18-150000.71.1
    * python-debuginfo-2.7.18-150000.71.1
    * libpython2_7-1_0-2.7.18-150000.71.1
    * python-2.7.18-150000.71.1
    * python-debugsource-2.7.18-150000.71.1
    * python-base-debugsource-2.7.18-150000.71.1
    * python-base-2.7.18-150000.71.1
    * python-base-debuginfo-2.7.18-150000.71.1
    * python-gdbm-debuginfo-2.7.18-150000.71.1
    * python-xml-debuginfo-2.7.18-150000.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/f23d8f4c/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:15 -0000
Subject: SUSE-RU-2025:0513-1: moderate: Recommended update for
 SAPHanaSR-ScaleOut
Message-ID: <173944981563.21560.16104366184936352932@smelt2.prg2.suse.org>



# Recommended update for SAPHanaSR-ScaleOut

Announcement ID: SUSE-RU-2025:0513-1  
Release Date: 2025-02-13T11:50:32Z  
Rating: moderate  
References:

  * bsc#1216918
  * bsc#1234342

  
Affected Products:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for SAPHanaSR-ScaleOut fixes the following issues:

  * Version update v0.185.4
  * Fix SAPHanaSR-monitor to get and display proper sync state and secondary
    score (bsc#1234342).
  * Fix SAPHanaSR-hookHelper by using full pathnames for commands. This will fix
    the failing fencing hooks (bsc#1216918).
  * Fix handling of HANA_CALL timeout return values.
  * Updating and adding new man pages.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5  
    zypper in -t patch SUSE-SLE-SAP-12-SP5-2025-513=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    * SAPHanaSR-ScaleOut-doc-0.185.4-3.44.2
    * SAPHanaSR-ScaleOut-0.185.4-3.44.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1216918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234342

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/8892d870/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:18 -0000
Subject: SUSE-SU-2025:0512-1: important: Security update for libtasn1
Message-ID: <173944981812.21560.12427533473106184763@smelt2.prg2.suse.org>



# Security update for libtasn1

Announcement ID: SUSE-SU-2025:0512-1  
Release Date: 2025-02-13T11:47:14Z  
Rating: important  
References:

  * bsc#1236878

  
Cross-References:

  * CVE-2024-12133

  
CVSS scores:

  * CVE-2024-12133 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12133 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12133 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libtasn1 fixes the following issues:

  * CVE-2024-12133: the processing of input DER data containing a large number
    of SEQUENCE OF or SET OF elements takes quadratic time to complete.
    (bsc#1236878)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-512=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-512=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-6-debuginfo-4.9-3.16.1
    * libtasn1-4.9-3.16.1
    * libtasn1-debugsource-4.9-3.16.1
    * libtasn1-debuginfo-4.9-3.16.1
    * libtasn1-6-4.9-3.16.1
    * libtasn1-devel-4.9-3.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libtasn1-6-32bit-4.9-3.16.1
    * libtasn1-6-debuginfo-32bit-4.9-3.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libtasn1-6-debuginfo-4.9-3.16.1
    * libtasn1-4.9-3.16.1
    * libtasn1-6-debuginfo-32bit-4.9-3.16.1
    * libtasn1-debugsource-4.9-3.16.1
    * libtasn1-debuginfo-4.9-3.16.1
    * libtasn1-6-32bit-4.9-3.16.1
    * libtasn1-6-4.9-3.16.1
    * libtasn1-devel-4.9-3.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12133.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236878

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/16661242/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:21 -0000
Subject: SUSE-RU-2025:0511-1: moderate: Recommended update for
 SAPHanaSR-ScaleOut
Message-ID: <173944982103.21560.2831123235164482827@smelt2.prg2.suse.org>



# Recommended update for SAPHanaSR-ScaleOut

Announcement ID: SUSE-RU-2025:0511-1  
Release Date: 2025-02-13T11:47:00Z  
Rating: moderate  
References:

  * bsc#1216918
  * bsc#1234342

  
Affected Products:

  * openSUSE Leap 15.6
  * SAP Applications Module 15-SP3
  * SAP Applications Module 15-SP4
  * SAP Applications Module 15-SP5
  * SAP Applications Module 15-SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has two fixes can now be installed.

## Description:

This update for SAPHanaSR-ScaleOut fixes the following issues:

  * Version update v0.185.4
  * Fix SAPHanaSR-monitor to get and display proper sync state and secondary
    score (bsc#1234342).
  * Fix SAPHanaSR-hookHelper by using full pathnames for commands. This will fix
    the failing fencing hooks (bsc#1216918).
  * Fix handling of HANA_CALL timeout return values
  * updating and adding new man pages

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-511=1

  * SAP Applications Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2025-511=1

  * SAP Applications Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2025-511=1

  * SAP Applications Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2025-511=1

  * SAP Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-511=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * SAPHanaSR-ScaleOut-0.185.4-150000.48.4
    * SAPHanaSR-ScaleOut-doc-0.185.4-150000.48.4
  * SAP Applications Module 15-SP3 (noarch)
    * SAPHanaSR-ScaleOut-0.185.4-150000.48.4
    * SAPHanaSR-ScaleOut-doc-0.185.4-150000.48.4
  * SAP Applications Module 15-SP4 (noarch)
    * SAPHanaSR-ScaleOut-0.185.4-150000.48.4
    * SAPHanaSR-ScaleOut-doc-0.185.4-150000.48.4
  * SAP Applications Module 15-SP5 (noarch)
    * SAPHanaSR-ScaleOut-0.185.4-150000.48.4
    * SAPHanaSR-ScaleOut-doc-0.185.4-150000.48.4
  * SAP Applications Module 15-SP6 (noarch)
    * SAPHanaSR-ScaleOut-0.185.4-150000.48.4
    * SAPHanaSR-ScaleOut-doc-0.185.4-150000.48.4

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1216918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234342

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/7692553b/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:23 -0000
Subject: SUSE-SU-2025:0510-1: moderate: Security update for glibc
Message-ID: <173944982388.21560.13991777374135353@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0510-1  
Release Date: 2025-02-13T11:33:45Z  
Rating: moderate  
References:

  * bsc#1228044
  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for glibc fixes the following issue:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282, BZ
    #32582))

  * s390x-wcsncmp patch: s390x: Fix segfault in wcsncmp (bsc#1228044).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-510=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-510=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * glibc-debugsource-2.22-114.40.1
    * glibc-devel-2.22-114.40.1
    * glibc-debuginfo-2.22-114.40.1
    * glibc-devel-static-2.22-114.40.1
    * glibc-devel-32bit-2.22-114.40.1
    * nscd-debuginfo-2.22-114.40.1
    * glibc-locale-debuginfo-2.22-114.40.1
    * glibc-32bit-2.22-114.40.1
    * glibc-profile-2.22-114.40.1
    * glibc-locale-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-2.22-114.40.1
    * glibc-profile-32bit-2.22-114.40.1
    * glibc-devel-debuginfo-2.22-114.40.1
    * nscd-2.22-114.40.1
    * glibc-2.22-114.40.1
    * glibc-devel-debuginfo-32bit-2.22-114.40.1
    * glibc-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-32bit-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * glibc-i18ndata-2.22-114.40.1
    * glibc-html-2.22-114.40.1
    * glibc-info-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-debugsource-2.22-114.40.1
    * glibc-devel-2.22-114.40.1
    * glibc-debuginfo-2.22-114.40.1
    * glibc-devel-static-2.22-114.40.1
    * nscd-debuginfo-2.22-114.40.1
    * glibc-profile-2.22-114.40.1
    * glibc-locale-2.22-114.40.1
    * glibc-devel-debuginfo-2.22-114.40.1
    * nscd-2.22-114.40.1
    * glibc-2.22-114.40.1
    * glibc-locale-debuginfo-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * glibc-i18ndata-2.22-114.40.1
    * glibc-html-2.22-114.40.1
    * glibc-info-2.22-114.40.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * glibc-devel-32bit-2.22-114.40.1
    * glibc-32bit-2.22-114.40.1
    * glibc-locale-debuginfo-32bit-2.22-114.40.1
    * glibc-profile-32bit-2.22-114.40.1
    * glibc-devel-debuginfo-32bit-2.22-114.40.1
    * glibc-debuginfo-32bit-2.22-114.40.1
    * glibc-locale-32bit-2.22-114.40.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228044
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/f591cf2a/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:27 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:27 -0000
Subject: SUSE-RU-2025:0509-1: moderate: Recommended update for go1.24
Message-ID: <173944982730.21560.987754553884249621@smelt2.prg2.suse.org>



# Recommended update for go1.24

Announcement ID: SUSE-RU-2025:0509-1  
Release Date: 2025-02-13T11:33:31Z  
Rating: moderate  
References:

  * bsc#1236217

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for go1.24 fixes the following issues:

go1.24 (released 2025-02-11) is a major release of Go.

go1.24.x minor releases will be provided through February 2026.
https://github.com/golang/go/wiki/Go-Release-Cycle

go1.24 arrives six months after Go 1.23. Most of its changes are in the
implementation of the toolchain, runtime, and libraries. As always, the release
maintains the Go 1 promise of compatibility. We expect almost all Go programs to
continue to compile and run as before. (boo#1236217)

  * Language change: Go 1.24 now fully supports generic type aliases: a type
    alias may be parameterized like a defined type. See the language spec for
    details. For now, the feature can be disabled by setting
    GOEXPERIMENT=noaliastypeparams; but the aliastypeparams setting will be
    removed for Go 1.25.
  * go command: Go modules can now track executable dependencies using tool
    directives in go.mod. This removes the need for the previous workaround of
    adding tools as blank imports to a file conventionally named "tools.go". The
    go tool command can now run these tools in addition to tools shipped with
    the Go distribution.
  * go command: The new -tool flag for go get causes a tool directive to be
    added to the current module for named packages in addition to adding require
    directives.
  * go command: The new tool meta-pattern refers to all tools in the current
    module. This can be used to upgrade them all with go get tool or to install
    them into your GOBIN directory with go install tool.
  * go command: Executables created by go run and the new behavior of go tool
    are now cached in the Go build cache. This makes repeated executions faster
    at the expense of making the cache larger. See go#69290.
  * go command: The go build and go install commands now accept a -json flag
    that reports build output and failures as structured JSON output on standard
    output. For details of the reporting format, see go help buildjson.
    Furthermore, go test -json now reports build output and failures in JSON,
    interleaved with test result JSON. These are distinguished by new Action
    types, but if they cause problems in a test integration system, you can
    revert to the text build output with GODEBUG setting gotestjsonbuildtext=1.
  * go command: The new GOAUTH environment variable provides a flexible way to
    authenticate private module fetches. See go help goauth for more
    information.
  * go command: The go build command now sets the main module's version in the
    compiled binary based on the version control system tag and/or commit. A
    +dirty suffix will be appended if there are uncommitted changes. Use the
    -buildvcs=false flag to omit version control information from the binary.
  * go command: The new GODEBUG setting toolchaintrace=1 can be used to trace
    the go command's toolchain selection process.
  * cgo: cgo supports new annotations for C functions to improve run time
    performance. cgo noescape cFunctionName tells the compiler that memory
    passed to the C function cFunctionname does not escape. cgo nocallback
    cFunctionName tells the compiler that the C function cFunctionName does not
    call back to any Go functions.
  * cgo: cgo currently refuses to compile calls to a C function which has
    multiple incompatible declarations. For instance, if f is declared as both
    void f(int) and void f(double), cgo will report an error instead of possibly
    generating an incorrect call sequence for f(0). New in this release is a
    better detector for this error condition when the incompatible declarations
    appear in different files. See go#67699.
  * objdump: The objdump tool now supports dissassembly on 64-bit LoongArch
    (GOARCH=loong64), RISC-V (GOARCH=riscv64), and S390X (GOARCH=s390x).
  * vet: The new tests analyzer reports common mistakes in declarations of
    tests, fuzzers, benchmarks, and examples in test packages, such as malformed
    names, incorrect signatures, or examples that document non-existent
    identifiers. Some of these mistakes may cause tests not to run. This
    analyzer is among the subset of analyzers that are run by go test.
  * vet: The existing printf analyzer now reports a diagnostic for calls of the
    form fmt.Printf(s), where s is a non-constant format string, with no other
    arguments. Such calls are nearly always a mistake as the value of s may
    contain the % symbol; use fmt.Print instead. See go#60529. This check tends
    to produce findings in existing code, and so is only applied when the
    language version (as specified by the go.mod go directive or //go:build
    comments) is at least Go 1.24, to avoid causing continuous integration
    failures when updating to the 1.24 Go toolchain.
  * vet: The existing buildtag analyzer now reports a diagnostic when there is
    an invalid Go major version build constraint within a //go:build directive.
    For example, //go:build go1.23.1 refers to a point release; use //go:build
    go1.23 instead. See go#64127.
  * vet: The existing copylock analyzer now reports a diagnostic when a variable
    declared in a 3-clause "for" loop such as for i := iter(); done(i); i =
    next(i) { ... } contains a sync.Locker, such as a sync.Mutex. Go 1.22
    changed the behavior of these loops to create a new variable for each
    iteration, copying the value from the previous iteration; this copy
    operation is not safe for locks. See go#66387.
  * GOCACHEPROG: The cmd/go internal binary and test caching mechanism can now
    be implemented by child processes implementing a JSON protocol between the
    cmd/go tool and the child process named by the GOCACHEPROG environment
    variable. This was previously behind a GOEXPERIMENT. For protocol details,
    see the documentation.
  * Runtime: Several performance improvements to the runtime have decreased CPU
    overheads by 2-3% on average across a suite of representative benchmarks.
    Results may vary by application. These improvements include a new builtin
    map implementation based on Swiss Tables, more efficient memory allocation
    of small objects, and a new runtime-internal mutex implementation.
  * Runtime: The new builtin map implementation and new runtime-internal mutex
    may be disabled by setting GOEXPERIMENT=noswissmap and
    GOEXPERIMENT=nospinbitmutex at build time respectively.
  * Compiler: The compiler already disallowed defining new methods with receiver
    types that were cgo-generated, but it was possible to circumvent that
    restriction via an alias type. Go 1.24 now always reports an error if a
    receiver denotes a cgo-generated type, whether directly or indirectly
    (through an alias type).
  * Linker: The linker now generates a GNU build ID (the ELF NT_GNU_BUILD_ID
    note) on ELF platforms and a UUID (the Mach-O LC_UUID load command) on macOS
    by default. The build ID or UUID is derived from the Go build ID. It can be
    disabled by the -B none linker flag, or overridden by the -B 0xNNNN linker
    flag with a user-specified hexadecimal value.
  * Bootstrap: As mentioned in the Go 1.22 release notes, Go 1.24 now requires
    Go 1.22.6 or later for bootstrap. We expect that Go 1.26 will require a
    point release of Go 1.24 or later for bootstrap.
  * Standard library: Directory-limited filesystem access: The new os.Root type
    provides the ability to perform filesystem operations within a specific
    directory. The os.OpenRoot function opens a directory and returns an
    os.Root. Methods on os.Root operate within the directory and do not permit
    paths that refer to locations outside the directory, including ones that
    follow symbolic links out of the directory. The methods on os.Root mirror
    most of the file system operations available in the os package, including
    for example os.Root.Open, os.Root.Create, os.Root.Mkdir, and os.Root.Stat,
  * Standard library: new benchmark function: Benchmarks may now use the faster
    and less error-prone testing.B.Loop method to perform benchmark iterations
    like for b.Loop() { ... } in place of the typical loop structures involving
    b.N like for range b.N. This offers two significant advantages: 1) The
    benchmark function will execute exactly once per -count, so expensive setup
    and cleanup steps execute only once, and 2) Function call parameters and
    results are kept alive, preventing the compiler from fully optimizing away
    the loop body.
  * Standard library: Improved finalizers: The new runtime.AddCleanup function
    is a finalization mechanism that is more flexible, more efficient, and less
    error-prone than runtime.SetFinalizer. AddCleanup attaches a cleanup
    function to an object that will run once the object is no longer reachable.
    However, unlike SetFinalizer, multiple cleanups may be attached to a single
    object, cleanups may be attached to interior pointers, cleanups do not
    generally cause leaks when objects form a cycle, and cleanups do not delay
    the freeing of an object or objects it points to. New code should prefer
    AddCleanup over SetFinalizer.
  * Standard library: New weak package: The new weak package provides weak
    pointers. Weak pointers are a low-level primitive provided to enable the
    creation of memory-efficient structures, such as weak maps for associating
    values, canonicalization maps for anything not covered by package unique,
    and various kinds of caches. For supporting these use-cases, this release
    also provides runtime.AddCleanup and maphash.Comparable.
  * Standard library: New crypto/mlkem package: The new crypto/mlkem package
    implements ML-KEM-768 and ML-KEM-1024. ML-KEM is a post-quantum key exchange
    mechanism formerly known as Kyber and specified in FIPS 203.
  * Standard library: New crypto/hkdf, crypto/pbkdf2, and crypto/sha3 packages:
    The new crypto/hkdf package implements the HMAC-based Extract-and-Expand key
    derivation function HKDF, as defined in RFC 5869. The new crypto/pbkdf2
    package implements the password-based key derivation function PBKDF2, as
    defined in RFC 8018. The new crypto/sha3 package implements the SHA-3 hash
    function and SHAKE and cSHAKE extendable-output functions, as defined in
    FIPS 202. All three packages are based on pre-existing
    golang.org/x/crypto/... packages.
  * FIPS: release includes a new set of mechanisms to facilitate FIPS 140-3
    compliance. See https://go.dev/doc/security/fips140 The Go Cryptographic
    Module is a set of internal standard library packages that are transparently
    used to implement FIPS 140-3 approved algorithms. Applications require no
    changes to use the Go Cryptographic Module for approved algorithms.
  * FIPS: The new GOFIPS140 environment variable can be used to select the Go
    Cryptographic Module version to use in a build. The new fips140 GODEBUG
    setting can be used to enable FIPS 140-3 mode at runtime.
  * FIPS: Go 1.24 includes Go Cryptographic Module version v1.0.0, which is
    currently under test with a CMVP-accredited laboratory.
  * Standard library: New experimental testing/synctest package: The new
    experimental testing/synctest package provides support for testing
    concurrent code. The synctest.Run function starts a group of goroutines in
    an isolated "bubble". Within the bubble, time package functions operate on a
    fake clock. The synctest.Wait function waits for all goroutines in the
    current bubble to block. The synctest package is experimental and must be
    enabled by setting GOEXPERIMENT=synctest at build time. The package API is
    subject to change in future releases. See issue go#67434 for more
    information and to provide feeback.
  * archive: The (*Writer).AddFS implementations in both archive/zip and
    archive/tar now write a directory header for an empty directory.
  * bytes: The bytes package adds several functions that work with iterators.
  * bytes: Lines returns an iterator over the newline-terminated lines in a byte
    slice.
  * bytes: SplitSeq returns an iterator over all subslices of a byte slice split
    around a separator.
  * bytes: SplitAfterSeq returns an iterator over subslices of a byte slice
    split after each instance of a separator.
  * bytes: FieldsSeq returns an iterator over subslices of a byte slice split
    around runs of whitespace characters, as defined by unicode.IsSpace.
  * bytes: FieldsFuncSeq returns an iterator over subslices of a byte slice
    split around runs of Unicode code points satisfying a predicate.
  * crypto/aes: The value returned by NewCipher no longer implements the NewCTR,
    NewGCM, NewCBCEncrypter, and NewCBCDecrypter methods. These methods were
    undocumented and not available on all architectures. Instead, the Block
    value should be passed directly to the relevant crypto/cipher functions. For
    now, crypto/cipher still checks for those methods on Block values, even if
    they are not used by the standard library anymore.
  * crypto/aes: The Stream implementation returned by NewCTR when used with
    crypto/aes is now several times faster on amd64 and arm64.
  * crypto/cipher: The new NewGCMWithRandomNonce function returns an AEAD that
    implements AES-GCM by generating a random nonce during Seal and prepending
    it to the ciphertext.
  * crypto/cipher: NewOFB, NewCFBEncrypter, and NewCFBDecrypter are now
    deprecated. OFB and CFB mode are not authenticated, which generally enables
    active attacks to manipulate and recover the plaintext. It is recommended
    that applications use AEAD modes instead. If an unauthenticated Stream mode
    is required, use NewCTR instead.
  * crypto/ecdsa: PrivateKey.Sign now produces a deterministic signature
    according to RFC 6979 if the random source is nil.
  * crypto/md5: The value returned by md5.New now also implements the
    encoding.BinaryAppender interface.
  * crypto/rand: The Read function is now guaranteed not to fail. It will always
    return nil as the error result. If Read were to encounter an error while
    reading from Reader, the program will irrecoverably crash. Note that the
    platform APIs used by the default Reader are documented to always succeed,
    so this change should only affect programs that override the Reader
    variable. One exception are Linux kernels before version 3.17, where the
    default Reader still opens /dev/urandom and may fail.
  * crypto/rand: On Linux 6.11 and later, Reader now uses the getrandom system
    call via vDSO. This is several times faster, especially for small reads.
  * crypto/rand: On OpenBSD, Reader now uses arc4random_buf(3).
  * crypto/rand: The new Text function can be used to generate cryptographically
    secure random text strings.
  * crypto/rsa: GenerateKey now returns an error if a key of less than 1024 bits
    is requested. All Sign, Verify, Encrypt, and Decrypt methods now return an
    error if used with a key smaller than 1024 bits. Such keys are insecure and
    should not be used. GODEBUG setting rsa1024min=0 restores the old behavior,
    but we recommend doing so only if necessary and only in tests, for example
    by adding a //go:debug rsa1024min=0 line to a test file. A new GenerateKey
    example provides an easy-to-use standard 2048-bit test key.
  * crypto/rsa: It is now safe and more efficient to call PrivateKey.Precompute
    before PrivateKey.Validate. Precompute is now faster in the presence of
    partially filled out PrecomputedValues, such as when unmarshaling a key from
    JSON.
  * crypto/rsa: The package now rejects more invalid keys, even when Validate is
    not called, and GenerateKey may return new errors for broken random sources.
    The Primes and Precomputed fields of PrivateKey are now used and validated
    even when some values are missing. See also the changes to crypto/x509
    parsing and marshaling of RSA keys described below.
  * crypto/rsa: SignPKCS1v15 and VerifyPKCS1v15 now support SHA-512/224,
    SHA-512/256, and SHA-3.
  * crypto/rsa: GenerateKey now uses a slightly different method to generate the
    private exponent (Carmichael's totient instead of Euler's totient). Rare
    applications that externally regenerate keys from only the prime factors may
    produce different but compatible results.
  * crypto/rsa: Public and private key operations are now up to two times faster
    on wasm.
  * crypto/sha1: The value returned by sha1.New now also implements the
    encoding.BinaryAppender interface.
  * crypto/sha256: The values returned by sha256.New and sha256.New224 now also
    implement the encoding.BinaryAppender interface.
  * crypto/sha512: The values returned by sha512.New, sha512.New384,
    sha512.New512_224 and sha512.New512_256 now also implement the
    encoding.BinaryAppender interface.
  * crypto/subtle: The new WithDataIndependentTiming function allows the user to
    run a function with architecture specific features enabled which guarantee
    specific instructions are data value timing invariant. This can be used to
    make sure that code designed to run in constant time is not optimized by
    CPU-level features such that it operates in variable time. Currently,
    WithDataIndependentTiming uses the PSTATE.DIT bit on arm64, and is a no-op
    on all other architectures. GODEBUG setting dataindependenttiming=1 enables
    the DIT mode for the entire Go program.
  * crypto/subtle: The XORBytes output must overlap exactly or not at all with
    the inputs. Previously, the behavior was otherwise undefined, while now
    XORBytes will panic.
  * crypto/tls: The TLS server now supports Encrypted Client Hello (ECH). This
    feature can be enabled by populating the Config.EncryptedClientHelloKeys
    field.
  * crypto/tls: The new post-quantum X25519MLKEM768 key exchange mechanism is
    now supported and is enabled by default when Config.CurvePreferences is nil.
    GODEBUG setting tlsmlkem=0 reverts the default.
  * crypto/tls: Support for the experimental X25519Kyber768Draft00 key exchange
    has been removed.
  * crypto/tls: Key exchange ordering is now handled entirely by the crypto/tls
    package. The order of Config.CurvePreferences is now ignored, and the
    contents are only used to determine which key exchanges to enable when the
    field is populated.
  * crypto/tls: The new ClientHelloInfo.Extensions field lists the IDs of the
    extensions received in the Client Hello message. This can be useful for
    fingerprinting TLS clients.
  * crypto/x509: The x509sha1 GODEBUG setting has been removed.
    Certificate.Verify no longer supports SHA-1 based signatures.
  * crypto/x509: OID now implements the encoding.BinaryAppender and
    encoding.TextAppender interfaces.
  * crypto/x509: The default certificate policies field has changed from
    Certificate.PolicyIdentifiers to Certificate.Policies. When parsing
    certificates, both fields will be populated, but when creating certificates
    policies will now be taken from the Certificate.Policies field instead of
    the Certificate.PolicyIdentifiers field. This change can be reverted with
    GODEBUG setting x509usepolicies=0.
  * crypto/x509: CreateCertificate will now generate a serial number using a RFC
    5280 compliant method when passed a template with a nil
    Certificate.SerialNumber field, instead of failing.
  * crypto/x509: Certificate.Verify now supports policy validation, as defined
    in RFC 5280 and RFC 9618. The new VerifyOptions.CertificatePolicies field
    can be set to an acceptable set of policy OIDs. Only certificate chains with
    valid policy graphs will be returned from Certificate.Verify.
  * crypto/x509: MarshalPKCS8PrivateKey now returns an error instead of
    marshaling an invalid RSA key. (MarshalPKCS1PrivateKey doesn't have an error
    return, and its behavior when provided invalid keys continues to be
    undefined.)
  * crypto/x509: ParsePKCS1PrivateKey and ParsePKCS8PrivateKey now use and
    validate the encoded CRT values, so might reject invalid RSA keys that were
    previously accepted. Use GODEBUG setting x509rsacrt=0 to revert to
    recomputing the CRT values.
  * debug/elf: The debug/elf package adds support for handling symbol versions
    in dynamic ELF (Executable and Linkable Format) files. The new
    File.DynamicVersions method returns a list of dynamic versions defined in
    the ELF file. The new File.DynamicVersionNeeds method returns a list of
    dynamic versions required by this ELF file that are defined in other ELF
    objects. Finally, the new Symbol.HasVersion and Symbol.VersionIndex fields
    indicate the version of a symbol.
  * encoding: Two new interfaces, TextAppender and BinaryAppender, have been
    introduced to append the textual or binary representation of an object to a
    byte slice. These interfaces provide the same functionality as TextMarshaler
    and BinaryMarshaler, but instead of allocating a new slice each time, they
    append the data directly to an existing slice. These interfaces are now
    implemented by standard library types that already implemented TextMarshaler
    and/or BinaryMarshaler.
  * encoding/json: When marshaling, a struct field with the new omitzero option
    in the struct field tag will be omitted if its value is zero. If the field
    type has an IsZero() bool method, that will be used to determine whether the
    value is zero. Otherwise, the value is zero if it is the zero value for its
    type. The omitzero field tag is clearer and less error-prone than omitempty
    when the intent is to omit zero values. In particular, unlike omitempty,
    omitzero omits zero-valued time.Time values, which is a common source of
    friction.
  * encoding/json: If both omitempty and omitzero are specified, the field will
    be omitted if the value is either empty or zero (or both).
  * encoding/json: UnmarshalTypeError.Field now includes embedded structs to
    provide more detailed error messages.
  * go/types: All go/types data structures that expose sequences using a pair of
    methods such as Len() int and At(int) T now also have methods that return
    iterators, allowing you to simplify code. The methods are:
    Interface.EmbeddedTypes, Interface.ExplicitMethods, Interface.Methods,
    MethodSet.Methods, Named.Methods, Scope.Children, Struct.Fields,
    Tuple.Variables, TypeList.Types, TypeParamList.TypeParams, Union.Terms.
  * hash/adler32: The value returned by New now also implements the
    encoding.BinaryAppender interface.
  * hash/crc32: The values returned by New and NewIEEE now also implement the
    encoding.BinaryAppender interface.
  * hash/crc64: The value returned by New now also implements the
    encoding.BinaryAppender interface.
  * hash/fnv: The values returned by New32, New32a, New64, New64a, New128 and
    New128a now also implement the encoding.BinaryAppender interface.
  * hash/maphash: The new Comparable and WriteComparable functions can compute
    the hash of any comparable value. These make it possible to hash anything
    that can be used as a Go map key.
  * log/slog: The new DiscardHandler is a handler that is never enabled and
    always discards its output.
  * log/slog: Level and LevelVar now implement the encoding.TextAppender
    interface.
  * math/big: Float, Int and Rat now implement the encoding.TextAppender
    interface.
  * math/rand: Calls to the deprecated top-level Seed function no longer have
    any effect. To restore the old behavior use GODEBUG setting randseednop=0.
    For more background see proposal go#67273.
  * math/rand/v2: ChaCha8 and PCG now implement the encoding.BinaryAppender
    interface.
  * net: ListenConfig now uses MPTCP by default on systems where it is supported
    (currently on Linux only).
  * net: IP now implements the encoding.TextAppender interface.
  * net/http: Transport's limit on 1xx informational responses received in
    response to a request has changed. It previously aborted a request and
    returned an error after receiving more than 5 1xx responses. It now returns
    an error if the total size of all 1xx responses exceeds the
    Transport.MaxResponseHeaderBytes configuration setting.
  * net/http: In addition, when a request has a
    net/http/httptrace.ClientTrace.Got1xxResponse trace hook, there is now no
    limit on the total number of 1xx responses. The Got1xxResponse hook may
    return an error to abort a request.
  * net/http: Transport and Server now have an HTTP2 field which permits
    configuring HTTP/2 protocol settings.
  * net/http: The new Server.Protocols and Transport.Protocols fields provide a
    simple way to configure what HTTP protocols a server or client use.
  * net/http: The server and client may be configured to support unencrypted
    HTTP/2 connections.
  * net/http: When Server.Protocols contains UnencryptedHTTP2, the server will
    accept HTTP/2 connections on unencrypted ports. The server can accept both
    HTTP/1 and unencrypted HTTP/2 on the same port.
  * net/http: When Transport.Protocols contains UnencryptedHTTP2 and does not
    contain HTTP1, the transport will use unencrypted HTTP/2 for http:// URLs.
    If the transport is configured to use both HTTP/1 and unencrypted HTTP/2, it
    will use HTTP/1.
  * net/http: Unencrypted HTTP/2 support uses "HTTP/2 with Prior Knowledge" (RFC
    9113, section 3.3). The deprecated "Upgrade: h2c" header is not supported.
  * net/netip: Addr, AddrPort and Prefix now implement the
    encoding.BinaryAppender and encoding.TextAppender interfaces.
  * net/url: URL now also implements the encoding.BinaryAppender interface.
  * os/user: On Windows, Current can now be used in Windows Nano Server. The
    implementation has been updated to avoid using functions from the NetApi32
    library, which is not available in Nano Server.
  * os/user: On Windows, Current, Lookup and LookupId now support the following
    built-in service user accounts: NT AUTHORITY\SYSTEM, NT AUTHORITY\LOCAL
    SERVICE, NT AUTHORITY\NETWORK SERVICE
  * os/user: On Windows, Current has been made considerably faster when the
    current user is joined to a slow domain, which is the usual case for many
    corporate users. The new implementation performance is now in the order of
    milliseconds, compared to the previous implementation which could take
    several seconds, or even minutes, to complete.
  * os/user: On Windows, Current now returns the process owner user when the
    current thread is impersonating another user. Previously, it returned an
    error.
  * regexp: Regexp now implements the encoding.TextAppender interface.
  * runtime: The GOROOT function is now deprecated. In new code prefer to use
    the system path to locate the "go" binary, and use go env GOROOT to find its
    GOROOT.
  * strings: The strings package adds several functions that work with
    iterators.
  * strings: Lines returns an iterator over the newline-terminated lines in a
    string.
  * strings: SplitSeq returns an iterator over all substrings of a string split
    around a separator.
  * strings: SplitAfterSeq returns an iterator over substrings of a string split
    after each instance of a separator.
  * strings: FieldsSeq returns an iterator over substrings of a string split
    around runs of whitespace characters, as defined by unicode.IsSpace.
  * strings: FieldsFuncSeq returns an iterator over substrings of a string split
    around runs of Unicode code points satisfying a predicate.
  * sync: The implementation of sync.Map has been changed, improving
    performance, particularly for map modifications. For instance, modifications
    of disjoint sets of keys are much less likely to contend on larger maps, and
    there is no longer any ramp-up time required to achieve low-contention loads
    from the map. If you encounter any problems, set
    GOEXPERIMENT=nosynchashtriemap at build time to switch back to the old
    implementation and please file an issue.
  * testing: The new T.Context and B.Context methods return a context that's
    canceled after the test completes and before test cleanup functions run.
  * testing: The new T.Chdir and B.Chdir methods can be used to change the
    working directory for the duration of a test or benchmark.
  * text/template: Templates now support range-over-func and range-over-int.
  * time: Time now implements the encoding.BinaryAppender and
    encoding.TextAppender interfaces.
  * Linux port: As announced in the Go 1.23 release notes, Go 1.24 requires
    Linux kernel version 3.2 or later.
  * Darwin port: Go 1.24 is the last release that will run on macOS 11 Big Sur.
    Go 1.25 will require macOS 12 Monterey or later.
  * WebAssembly: The go:wasmexport compiler directive is added for Go programs
    to export functions to the WebAssembly host.
  * WebAssembly: On WebAssembly System Interface Preview 1 (GOOS=wasip1
    GOARCH=wasm), Go 1.24 supports building a Go program as a reactor/library,
    by specifying the -buildmode=c-shared build flag.
  * WebAssembly: More types are now permitted as argument or result types for
    go:wasmimport functions. Specifically, bool, string, uintptr, and pointers
    to certain types are allowed (see the documentation for detail), along with
    32-bit and 64-bit integer and float types, and unsafe.Pointer, which are
    already allowed. These types are also permitted as argument or result types
    for go:wasmexport functions.
  * WebAssembly: The support files for WebAssembly have been moved to lib/wasm
    from misc/wasm.
  * Windows: The 32-bit windows/arm port (GOOS=windows GOARCH=arm) has been
    marked broken. See issue go#70705 for details.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-509=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-509=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-509=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-509=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-509=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-509=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-509=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-509=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-509=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-509=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-509=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-509=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-509=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-509=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * go1.24-doc-1.24.0-150000.1.9.1
    * go1.24-race-1.24.0-150000.1.9.1
    * go1.24-1.24.0-150000.1.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236217

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/8272ba96/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:30 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:30 -0000
Subject: SUSE-RU-2025:0508-1: moderate: Recommended update for findutils
Message-ID: <173944983071.21560.14191584792936281627@smelt2.prg2.suse.org>



# Recommended update for findutils

Announcement ID: SUSE-RU-2025:0508-1  
Release Date: 2025-02-13T11:30:30Z  
Rating: moderate  
References:

  * bsc#1231472

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one fix can now be installed.

## Description:

This update for findutils fixes the following issue:

  * fix crash when file system loop was encountered (bsc#1231472).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-508=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-508=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-508=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-508=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-508=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-508=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-508=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-508=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-508=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-508=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-508=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-508=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-508=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-508=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-508=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-508=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-508=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-508=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-508=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-508=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-508=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-508=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-508=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-508=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-508=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-508=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * openSUSE Leap 15.3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * openSUSE Leap 15.6 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * Basesystem Module 15-SP6 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Manager Proxy 4.3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Manager Server 4.3 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Enterprise Storage 7.1 (noarch)
    * findutils-lang-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * findutils-debuginfo-4.8.0-150300.3.3.2
    * findutils-4.8.0-150300.3.3.2
    * findutils-debugsource-4.8.0-150300.3.3.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1231472

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/e7faeaa4/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:34 -0000
Subject: SUSE-RU-2025:0507-1: moderate: Recommended update for open-iscsi
Message-ID: <173944983482.21560.14409596360594589717@smelt2.prg2.suse.org>



# Recommended update for open-iscsi

Announcement ID: SUSE-RU-2025:0507-1  
Release Date: 2025-02-13T11:09:05Z  
Rating: moderate  
References:

  * bsc#1206132
  * bsc#1207157
  * bsc#1235606

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has three fixes can now be installed.

## Description:

This update for open-iscsi fixes the following issues:

  * Fix device discovery failure on systems with a large number of devices
    (bsc#1235606).
  * Fix issue with yast restarting iscsid service without restarting the iscsid
    socket, this upsets systemd and it is already fixed in upstream
    (bsc#1206132).
  * Branched SLE-15-SP3 from Factory. No longer in sync with Tumbleweed.
  * Backported upstream commit, which sets 'safe_logout' and 'startup' in
    iscsid.conf (bsc#1207157).
  * Updated year in SPEC file

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-507=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-507=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-507=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-507=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-507=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-507=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-507=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-507=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-507=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-507=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-507=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-507=1

## Package List:

  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * iscsiuio-debuginfo-0.7.8.6-150400.39.11.2
    * open-iscsi-debuginfo-2.1.7-150400.39.11.2
    * open-iscsi-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.11.2
    * libopeniscsiusr0_2_0-2.1.7-150400.39.11.2
    * open-iscsi-debugsource-2.1.7-150400.39.11.2
    * open-iscsi-devel-2.1.7-150400.39.11.2
    * iscsiuio-0.7.8.6-150400.39.11.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1206132
  * https://bugzilla.suse.com/show_bug.cgi?id=1207157
  * https://bugzilla.suse.com/show_bug.cgi?id=1235606

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/e8403ed7/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:38 -0000
Subject: SUSE-RU-2025:0506-1: moderate: Recommended update for open-iscsi
Message-ID: <173944983856.21560.17561761751017361765@smelt2.prg2.suse.org>



# Recommended update for open-iscsi

Announcement ID: SUSE-RU-2025:0506-1  
Release Date: 2025-02-13T10:39:52Z  
Rating: moderate  
References:

  * bsc#1235606

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that has one fix can now be installed.

## Description:

This update for open-iscsi fixes the following issue:

  * Fixing device discovery failure on systems with a large number of devices
    (bsc#1235606).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-506=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-506=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-506=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-506=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-506=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-506=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-506=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-506=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * open-iscsi-devel-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * open-iscsi-devel-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * open-iscsi-devel-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * open-iscsi-devel-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * open-iscsi-devel-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * iscsiuio-0.7.8.6-150300.32.30.2
    * open-iscsi-debuginfo-2.1.7-150300.32.30.2
    * open-iscsi-2.1.7-150300.32.30.2
    * iscsiuio-debuginfo-0.7.8.6-150300.32.30.2
    * libopeniscsiusr0_2_0-2.1.7-150300.32.30.2
    * open-iscsi-debugsource-2.1.7-150300.32.30.2
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150300.32.30.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235606

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/33cf16d6/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:40 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:40 -0000
Subject: SUSE-RU-2025:0505-1: moderate: Recommended update for mdadm
Message-ID: <173944984082.21560.8751651739665401024@smelt2.prg2.suse.org>



# Recommended update for mdadm

Announcement ID: SUSE-RU-2025:0505-1  
Release Date: 2025-02-13T10:33:54Z  
Rating: moderate  
References:

  * bsc#1233265

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has one fix can now be installed.

## Description:

This update for mdadm fixes the following issue:

  * mdopen: add /sbin to PATH when call system("modprobe md_mod") (bsc#1233265).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-505=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-505=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-505=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-505=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-505=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-505=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * mdadm-4.2-150500.6.11.1
    * mdadm-debuginfo-4.2-150500.6.11.1
    * mdadm-debugsource-4.2-150500.6.11.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233265

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/f0d3b618/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:45 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:45 -0000
Subject: SUSE-RU-2025:0504-1: moderate: Recommended update for kdump
Message-ID: <173944984533.21560.9482288390387655899@smelt2.prg2.suse.org>



# Recommended update for kdump

Announcement ID: SUSE-RU-2025:0504-1  
Release Date: 2025-02-13T10:27:01Z  
Rating: moderate  
References:

  * bsc#1233137
  * bsc#1236921

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has two fixes can now be installed.

## Description:

This update for kdump fixes the following issues:

  * Version update kdump-2.0.6+git20.gf8ecc01 (bsc#1236921).
  * Fix filtering ro keys in kdump_bond_config (bsc#1233137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-504=1 openSUSE-SLE-15.6-2025-504=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-504=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * kdump-debugsource-2.0.6+git21.g35dcd64-150600.3.11.2
    * kdump-2.0.6+git21.g35dcd64-150600.3.11.2
    * kdump-debuginfo-2.0.6+git21.g35dcd64-150600.3.11.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * kdump-debugsource-2.0.6+git21.g35dcd64-150600.3.11.2
    * kdump-2.0.6+git21.g35dcd64-150600.3.11.2
    * kdump-debuginfo-2.0.6+git21.g35dcd64-150600.3.11.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233137
  * https://bugzilla.suse.com/show_bug.cgi?id=1236921

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/4fbe6251/attachment.htm>

From null at suse.de  Thu Feb 13 12:30:56 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:30:56 -0000
Subject: SUSE-SU-2025:0503-1: important: Security update for ovmf
Message-ID: <173944985664.21560.17773063428154448326@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0503-1  
Release Date: 2025-02-13T10:12:13Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885
  * bsc#1218886
  * bsc#1218887
  * bsc#1225889

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235
  * CVE-2023-45236
  * CVE-2023-45237
  * CVE-2024-1298

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45236 ( SUSE ):  5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
  * CVE-2023-45236 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45237 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-45237 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-1298 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2024-1298: potential division-by-zero crash in edk2 due to UINT32
    overflow in S3 ResumeCount. (bsc#1225889)
  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)
  * CVE-2023-45236: predictable TCP Initial Sequence Numbers in edk2 network
    packages. (bsc#1218886)
  * CVE-2023-45237: use of a weak pseudorandom number generator in edk2.
    (bsc#1218887)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-503=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-503=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-503=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-503=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-503=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-503=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-503=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-503=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-503=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-503=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Proxy 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Manager Server 4.3 (x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * SUSE Manager Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * openSUSE Leap 15.4 (aarch64 x86_64)
    * ovmf-202202-150400.5.15.1
    * ovmf-tools-202202-150400.5.15.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.15.1
    * qemu-uefi-aarch32-202202-150400.5.15.1
    * qemu-ovmf-ia32-202202-150400.5.15.1
    * qemu-uefi-aarch64-202202-150400.5.15.1
  * openSUSE Leap 15.4 (x86_64)
    * qemu-ovmf-x86_64-debug-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.15.1
    * qemu-ovmf-x86_64-202202-150400.5.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://www.suse.com/security/cve/CVE-2023-45236.html
  * https://www.suse.com/security/cve/CVE-2023-45237.html
  * https://www.suse.com/security/cve/CVE-2024-1298.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885
  * https://bugzilla.suse.com/show_bug.cgi?id=1218886
  * https://bugzilla.suse.com/show_bug.cgi?id=1218887
  * https://bugzilla.suse.com/show_bug.cgi?id=1225889

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/5d8af1cd/attachment.htm>

From null at suse.de  Thu Feb 13 12:31:00 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:31:00 -0000
Subject: SUSE-SU-2025:0502-1: moderate: Security update for python3
Message-ID: <173944986029.21560.7860676232281678797@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0502-1  
Release Date: 2025-02-13T10:11:12Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-502=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150000.3.170.1
    * python3-base-debuginfo-3.6.15-150000.3.170.1
    * python3-core-debugsource-3.6.15-150000.3.170.1
    * python3-debuginfo-3.6.15-150000.3.170.1
    * python3-debugsource-3.6.15-150000.3.170.1
    * python3-base-3.6.15-150000.3.170.1
    * python3-3.6.15-150000.3.170.1
    * libpython3_6m1_0-debuginfo-3.6.15-150000.3.170.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/263b59ed/attachment.htm>

From null at suse.de  Thu Feb 13 12:31:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:31:02 -0000
Subject: SUSE-RU-2025:0501-1: moderate: Recommended update for permissions
Message-ID: <173944986245.21560.11201415045927564103@smelt2.prg2.suse.org>



# Recommended update for permissions

Announcement ID: SUSE-RU-2025:0501-1  
Release Date: 2025-02-13T09:53:26Z  
Rating: moderate  
References:

  * bsc#1236960

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for permissions fixes the following issues:

  * Version update 20240826.
  * Reintroduced nscd socket, this is a whitelisting for glibc (bsc#1236960).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-501=1 openSUSE-SLE-15.6-2025-501=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-501=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * permissions-20240826-150600.10.18.2
    * permissions-debuginfo-20240826-150600.10.18.2
    * permissions-debugsource-20240826-150600.10.18.2
  * openSUSE Leap 15.6 (noarch)
    * permissions-zypp-plugin-20240826-150600.10.18.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * permissions-20240826-150600.10.18.2
    * permissions-debuginfo-20240826-150600.10.18.2
    * permissions-debugsource-20240826-150600.10.18.2
  * Basesystem Module 15-SP6 (noarch)
    * permissions-zypp-plugin-20240826-150600.10.18.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236960

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/c6c7a7b4/attachment.htm>

From null at suse.de  Thu Feb 13 12:31:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:31:06 -0000
Subject: SUSE-RU-2025:0500-1: moderate: Recommended update for mdadm
Message-ID: <173944986676.21560.15940979482219968595@smelt2.prg2.suse.org>



# Recommended update for mdadm

Announcement ID: SUSE-RU-2025:0500-1  
Release Date: 2025-02-13T08:27:02Z  
Rating: moderate  
References:

  * bsc#1233265

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for mdadm fixes the following issue:

  * mdopen: add /sbin to PATH when call system("modprobe md_mod") (bsc#1233265).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-500=1 SUSE-2025-500=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-500=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * mdadm-debuginfo-4.3-150600.3.9.2
    * mdadm-4.3-150600.3.9.2
    * mdadm-debugsource-4.3-150600.3.9.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * mdadm-debuginfo-4.3-150600.3.9.2
    * mdadm-4.3-150600.3.9.2
    * mdadm-debugsource-4.3-150600.3.9.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233265

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/24aabf75/attachment.htm>

From null at suse.de  Thu Feb 13 12:34:55 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 12:34:55 -0000
Subject: SUSE-SU-2025:0499-1: important: Security update for the Linux Kernel
Message-ID: <173945009530.21560.11420929565033229537@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0499-1  
Release Date: 2025-02-13T08:15:19Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1221326
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1231088
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235244
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235441
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235914
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236683
  * bsc#1236685
  * bsc#1236688
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760
  * bsc#1236761

  
Cross-References:

  * CVE-2023-52489
  * CVE-2023-52923
  * CVE-2024-26810
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46858
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56592
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56658
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21666
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52489 ( SUSE ):  5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26810 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26810 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53194 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56619 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves 257 vulnerabilities and has 42 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-26810: vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage
    (bsc#1221326).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Align git commit ID abbreviation guidelines and checks (git-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "mtd: spi-nor: core: replace dummy buswidth from addr to data" (git-
    fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kABI workaround for struct auto_pin_cfg_item change (git-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Drop uvcvideo fix due to regression (bsc#1235894)
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * ocfs2: temporarily disable upstream patch (bsc#1236138)
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-499=1 SUSE-2025-499=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-499=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-499=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-499=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-499=1  
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-499=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-499=1

## Package List:

  * openSUSE Leap 15.6 (noarch nosrc)
    * kernel-docs-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-devel-6.4.0-150600.23.38.1
    * kernel-source-vanilla-6.4.0-150600.23.38.1
    * kernel-macros-6.4.0-150600.23.38.1
    * kernel-source-6.4.0-150600.23.38.1
    * kernel-docs-html-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc ppc64le x86_64)
    * kernel-debug-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-debugsource-6.4.0-150600.23.38.1
    * kernel-debug-devel-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (x86_64)
    * kernel-default-vdso-6.4.0-150600.23.38.1
    * kernel-kvmsmall-vdso-6.4.0-150600.23.38.1
    * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-vdso-debuginfo-6.4.0-150600.23.38.1
    * kernel-debug-vdso-6.4.0-150600.23.38.1
    * kernel-debug-vdso-debuginfo-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-debuginfo-6.4.0-150600.23.38.1
    * kernel-kvmsmall-debugsource-6.4.0-150600.23.38.1
    * kernel-default-base-6.4.0-150600.23.38.1.150600.12.16.2
    * kernel-kvmsmall-devel-6.4.0-150600.23.38.1
    * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-base-rebuild-6.4.0-150600.23.38.1.150600.12.16.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * dlm-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-optional-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-optional-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-extra-6.4.0-150600.23.38.1
    * kernel-obs-build-6.4.0-150600.23.38.1
    * kernel-syms-6.4.0-150600.23.38.1
    * kernel-obs-qa-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * kselftests-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-extra-debuginfo-6.4.0-150600.23.38.1
    * kselftests-kmp-default-6.4.0-150600.23.38.1
    * dlm-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-devel-debuginfo-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-6.4.0-150600.23.38.1
    * kernel-obs-build-debugsource-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-livepatch-6.4.0-150600.23.38.1
    * kernel-default-devel-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_38-default-1-150600.13.3.2
    * kernel-livepatch-SLE15-SP6_Update_8-debugsource-1-150600.13.3.2
    * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-1-150600.13.3.2
    * kernel-default-livepatch-devel-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc s390x)
    * kernel-zfcpdump-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (s390x)
    * kernel-zfcpdump-debugsource-6.4.0-150600.23.38.1
    * kernel-zfcpdump-debuginfo-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (nosrc)
    * dtb-aarch64-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64)
    * dtb-renesas-6.4.0-150600.23.38.1
    * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * reiserfs-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-apple-6.4.0-150600.23.38.1
    * dtb-rockchip-6.4.0-150600.23.38.1
    * kselftests-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-xilinx-6.4.0-150600.23.38.1
    * dtb-marvell-6.4.0-150600.23.38.1
    * dlm-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-freescale-6.4.0-150600.23.38.1
    * dtb-exynos-6.4.0-150600.23.38.1
    * dtb-allwinner-6.4.0-150600.23.38.1
    * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-amlogic-6.4.0-150600.23.38.1
    * dtb-broadcom-6.4.0-150600.23.38.1
    * dtb-hisilicon-6.4.0-150600.23.38.1
    * kernel-64kb-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-qcom-6.4.0-150600.23.38.1
    * kernel-64kb-extra-6.4.0-150600.23.38.1
    * kernel-64kb-devel-debuginfo-6.4.0-150600.23.38.1
    * dtb-cavium-6.4.0-150600.23.38.1
    * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-amazon-6.4.0-150600.23.38.1
    * kernel-64kb-devel-6.4.0-150600.23.38.1
    * dtb-amd-6.4.0-150600.23.38.1
    * kernel-64kb-optional-debuginfo-6.4.0-150600.23.38.1
    * dtb-mediatek-6.4.0-150600.23.38.1
    * dtb-socionext-6.4.0-150600.23.38.1
    * kernel-64kb-extra-debuginfo-6.4.0-150600.23.38.1
    * dtb-arm-6.4.0-150600.23.38.1
    * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-lg-6.4.0-150600.23.38.1
    * kernel-64kb-optional-6.4.0-150600.23.38.1
    * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.38.1
    * dtb-sprd-6.4.0-150600.23.38.1
    * cluster-md-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-apm-6.4.0-150600.23.38.1
    * gfs2-kmp-64kb-6.4.0-150600.23.38.1
    * dtb-nvidia-6.4.0-150600.23.38.1
    * dtb-altera-6.4.0-150600.23.38.1
    * kernel-64kb-debugsource-6.4.0-150600.23.38.1
  * openSUSE Leap 15.6 (aarch64 nosrc)
    * kernel-64kb-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 nosrc)
    * kernel-64kb-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64)
    * kernel-64kb-devel-6.4.0-150600.23.38.1
    * kernel-64kb-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-64kb-debuginfo-6.4.0-150600.23.38.1
    * kernel-64kb-debugsource-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
    * kernel-default-base-6.4.0-150600.23.38.1.150600.12.16.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-6.4.0-150600.23.38.1
    * kernel-default-devel-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (noarch)
    * kernel-devel-6.4.0-150600.23.38.1
    * kernel-macros-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (nosrc s390x)
    * kernel-zfcpdump-6.4.0-150600.23.38.1
  * Basesystem Module 15-SP6 (s390x)
    * kernel-zfcpdump-debugsource-6.4.0-150600.23.38.1
    * kernel-zfcpdump-debuginfo-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (noarch nosrc)
    * kernel-docs-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * kernel-obs-build-6.4.0-150600.23.38.1
    * kernel-obs-build-debugsource-6.4.0-150600.23.38.1
    * kernel-syms-6.4.0-150600.23.38.1
  * Development Tools Module 15-SP6 (noarch)
    * kernel-source-6.4.0-150600.23.38.1
  * Legacy Module 15-SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-6.4.0-150600.23.38.1
    * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_38-default-debuginfo-1-150600.13.3.2
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-livepatch-6_4_0-150600_23_38-default-1-150600.13.3.2
    * kernel-livepatch-SLE15-SP6_Update_8-debugsource-1-150600.13.3.2
    * kernel-default-livepatch-6.4.0-150600.23.38.1
    * kernel-default-livepatch-devel-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
    s390x x86_64)
    * dlm-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-6.4.0-150600.23.38.1
    * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * dlm-kmp-default-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * gfs2-kmp-default-6.4.0-150600.23.38.1
    * cluster-md-kmp-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc)
    * kernel-default-6.4.0-150600.23.38.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * kernel-default-extra-6.4.0-150600.23.38.1
    * kernel-default-extra-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debuginfo-6.4.0-150600.23.38.1
    * kernel-default-debugsource-6.4.0-150600.23.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52489.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-26810.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1221326
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/b269f279/attachment.htm>

From null at suse.de  Thu Feb 13 16:30:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 16:30:01 -0000
Subject: SUSE-RU-2025:0518-1: moderate: Recommended update for python-lockfile
Message-ID: <173946420153.13737.6686353841583560463@smelt2.prg2.suse.org>



# Recommended update for python-lockfile

Announcement ID: SUSE-RU-2025:0518-1  
Release Date: 2025-02-13T14:42:41Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that can now be installed.

## Description:

This update for python-lockfile fixes the following issues:

  * Add python311-lockfile

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-518=1 openSUSE-SLE-15.6-2025-518=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-518=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * python311-lockfile-0.12.2-150600.16.3.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * python311-lockfile-0.12.2-150600.16.3.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/e7c03e4b/attachment.htm>

From null at suse.de  Thu Feb 13 16:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 16:30:20 -0000
Subject: SUSE-SU-2025:0517-1: important: Security update for the Linux Kernel
Message-ID: <173946422004.13737.967492087851853927@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0517-1  
Release Date: 2025-02-13T12:02:02Z  
Rating: important  
References:

  * bsc#1215420
  * bsc#1224763
  * bsc#1231847
  * bsc#1233112
  * bsc#1234025
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235441
  * bsc#1235466
  * bsc#1235645
  * bsc#1235759
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1236104

  
Cross-References:

  * CVE-2023-4244
  * CVE-2023-52923
  * CVE-2024-35863
  * CVE-2024-50199
  * CVE-2024-53104
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56623
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56664
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Manager Proxy 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2

  
  
An update that solves 16 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Reduce readdir stack usage (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-517=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-517=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Availability Extension 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-517=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-517=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-source-vanilla-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-docs-html-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc ppc64le x86_64)
    * kernel-debug-5.3.18-150300.59.191.1
    * kernel-kvmsmall-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le x86_64)
    * kernel-kvmsmall-debugsource-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-5.3.18-150300.59.191.1
    * kernel-debug-debugsource-5.3.18-150300.59.191.1
    * kernel-debug-devel-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-devel-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-extra-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-obs-qa-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-optional-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-optional-5.3.18-150300.59.191.1
    * kernel-default-base-rebuild-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_53-debugsource-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-debuginfo-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-preempt-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-preempt-debuginfo-1-150300.7.3.1
  * openSUSE Leap 15.3 (aarch64 x86_64)
    * gfs2-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-extra-5.3.18-150300.59.191.1
    * kernel-preempt-optional-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-optional-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (s390x)
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc)
    * dtb-aarch64-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64)
    * dtb-arm-5.3.18-150300.59.191.1
    * dtb-sprd-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * dtb-zte-5.3.18-150300.59.191.1
    * dtb-broadcom-5.3.18-150300.59.191.1
    * dtb-socionext-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-amd-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-xilinx-5.3.18-150300.59.191.1
    * kernel-64kb-optional-5.3.18-150300.59.191.1
    * kernel-64kb-extra-debuginfo-5.3.18-150300.59.191.1
    * dtb-lg-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-optional-debuginfo-5.3.18-150300.59.191.1
    * dtb-al-5.3.18-150300.59.191.1
    * dtb-exynos-5.3.18-150300.59.191.1
    * dtb-rockchip-5.3.18-150300.59.191.1
    * dtb-amlogic-5.3.18-150300.59.191.1
    * dtb-cavium-5.3.18-150300.59.191.1
    * dtb-qcom-5.3.18-150300.59.191.1
    * dtb-mediatek-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-marvell-5.3.18-150300.59.191.1
    * dtb-freescale-5.3.18-150300.59.191.1
    * dtb-nvidia-5.3.18-150300.59.191.1
    * dtb-altera-5.3.18-150300.59.191.1
    * dtb-renesas-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * dtb-hisilicon-5.3.18-150300.59.191.1
    * dtb-apm-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-allwinner-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-extra-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
    s390x x86_64)
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
    x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/618739b9/attachment.htm>

From null at suse.de  Thu Feb 13 16:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0516-1: moderate: Security update for qemu
Message-ID: <173946422295.13737.411840677985569207@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0516-1  
Release Date: 2025-02-13T11:59:11Z  
Rating: moderate  
References:

  * bsc#1215192

  
Cross-References:

  * CVE-2023-42467

  
CVSS scores:

  * CVE-2023-42467 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-42467 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2023-42467: Disallow block sizes smaller than 512 (bsc#1215192).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-516=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-516=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * qemu-ui-spice-core-7.1.0-150500.49.30.1
    * qemu-block-curl-7.1.0-150500.49.30.1
    * qemu-guest-agent-7.1.0-150500.49.30.1
    * qemu-chardev-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-7.1.0-150500.49.30.1
    * qemu-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-7.1.0-150500.49.30.1
    * qemu-chardev-spice-7.1.0-150500.49.30.1
    * qemu-ui-opengl-debuginfo-7.1.0-150500.49.30.1
    * qemu-guest-agent-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-7.1.0-150500.49.30.1
    * qemu-audio-spice-7.1.0-150500.49.30.1
    * qemu-debugsource-7.1.0-150500.49.30.1
    * qemu-block-curl-debuginfo-7.1.0-150500.49.30.1
    * qemu-tools-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-opengl-7.1.0-150500.49.30.1
    * qemu-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64)
    * qemu-arm-debuginfo-7.1.0-150500.49.30.1
    * qemu-arm-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-vgabios-1.16.0_0_gd239552-150500.49.30.1
    * qemu-SLOF-7.1.0-150500.49.30.1
    * qemu-ipxe-1.0.0+-150500.49.30.1
    * qemu-sgabios-8-150500.49.30.1
    * qemu-seabios-1.16.0_0_gd239552-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (ppc64le)
    * qemu-ppc-debuginfo-7.1.0-150500.49.30.1
    * qemu-ppc-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (s390x)
    * qemu-s390x-7.1.0-150500.49.30.1
    * qemu-s390x-debuginfo-7.1.0-150500.49.30.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * qemu-accel-tcg-x86-7.1.0-150500.49.30.1
    * qemu-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-x86-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-accel-qtest-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-dmg-7.1.0-150500.49.30.1
    * qemu-ksm-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-7.1.0-150500.49.30.1
    * qemu-arm-7.1.0-150500.49.30.1
    * qemu-ivshmem-tools-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-7.1.0-150500.49.30.1
    * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-curses-7.1.0-150500.49.30.1
    * qemu-chardev-baum-7.1.0-150500.49.30.1
    * qemu-audio-jack-7.1.0-150500.49.30.1
    * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-dbus-7.1.0-150500.49.30.1
    * qemu-linux-user-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-7.1.0-150500.49.30.1
    * qemu-block-curl-debuginfo-7.1.0-150500.49.30.1
    * qemu-chardev-baum-debuginfo-7.1.0-150500.49.30.1
    * qemu-linux-user-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-pa-7.1.0-150500.49.30.1
    * qemu-7.1.0-150500.49.30.1
    * qemu-ui-opengl-7.1.0-150500.49.30.1
    * qemu-ui-spice-app-7.1.0-150500.49.30.1
    * qemu-ui-dbus-7.1.0-150500.49.30.1
    * qemu-audio-oss-7.1.0-150500.49.30.1
    * qemu-ui-gtk-7.1.0-150500.49.30.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.30.1
    * qemu-chardev-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-s390x-7.1.0-150500.49.30.1
    * qemu-audio-spice-debuginfo-7.1.0-150500.49.30.1
    * qemu-extra-7.1.0-150500.49.30.1
    * qemu-chardev-spice-7.1.0-150500.49.30.1
    * qemu-guest-agent-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-ssh-7.1.0-150500.49.30.1
    * qemu-tools-7.1.0-150500.49.30.1
    * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-pa-debuginfo-7.1.0-150500.49.30.1
    * qemu-accel-qtest-7.1.0-150500.49.30.1
    * qemu-audio-alsa-debuginfo-7.1.0-150500.49.30.1
    * qemu-vhost-user-gpu-7.1.0-150500.49.30.1
    * qemu-block-gluster-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.30.1
    * qemu-arm-debuginfo-7.1.0-150500.49.30.1
    * qemu-extra-debuginfo-7.1.0-150500.49.30.1
    * qemu-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.30.1
    * qemu-ui-gtk-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-gluster-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-7.1.0-150500.49.30.1
    * qemu-hw-usb-host-7.1.0-150500.49.30.1
    * qemu-ppc-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-iscsi-7.1.0-150500.49.30.1
    * qemu-block-ssh-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-usb-smartcard-7.1.0-150500.49.30.1
    * qemu-x86-7.1.0-150500.49.30.1
    * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-dmg-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-spice-7.1.0-150500.49.30.1
    * qemu-linux-user-debugsource-7.1.0-150500.49.30.1
    * qemu-block-iscsi-debuginfo-7.1.0-150500.49.30.1
    * qemu-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-s390x-debuginfo-7.1.0-150500.49.30.1
    * qemu-headless-7.1.0-150500.49.30.1
    * qemu-ui-curses-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-jack-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-nfs-7.1.0-150500.49.30.1
    * qemu-block-curl-7.1.0-150500.49.30.1
    * qemu-guest-agent-7.1.0-150500.49.30.1
    * qemu-debuginfo-7.1.0-150500.49.30.1
    * qemu-ppc-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-qxl-7.1.0-150500.49.30.1
    * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.30.1
    * qemu-audio-oss-debuginfo-7.1.0-150500.49.30.1
    * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.30.1
    * qemu-block-nfs-debuginfo-7.1.0-150500.49.30.1
    * qemu-ui-opengl-debuginfo-7.1.0-150500.49.30.1
    * qemu-audio-alsa-7.1.0-150500.49.30.1
    * qemu-ui-dbus-debuginfo-7.1.0-150500.49.30.1
    * qemu-debugsource-7.1.0-150500.49.30.1
    * qemu-accel-tcg-x86-7.1.0-150500.49.30.1
    * qemu-audio-dbus-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.30.1
    * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (s390x x86_64 i586)
    * qemu-kvm-7.1.0-150500.49.30.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-sgabios-8-150500.49.30.1
    * qemu-microvm-7.1.0-150500.49.30.1
    * qemu-lang-7.1.0-150500.49.30.1
    * qemu-vgabios-1.16.0_0_gd239552-150500.49.30.1
    * qemu-SLOF-7.1.0-150500.49.30.1
    * qemu-skiboot-7.1.0-150500.49.30.1
    * qemu-ipxe-1.0.0+-150500.49.30.1
    * qemu-seabios-1.16.0_0_gd239552-150500.49.30.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-7.1.0-150500.49.30.1
    * qemu-block-rbd-debuginfo-7.1.0-150500.49.30.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-42467.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215192

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/bd876ec9/attachment.htm>

From null at suse.de  Thu Feb 13 20:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 13 Feb 2025 20:30:05 -0000
Subject: SUSE-SU-2025:0521-1: important: Security update for python312
Message-ID: <173947860573.21757.7275920377663026383@smelt2.prg2.suse.org>



# Security update for python312

Announcement ID: SUSE-SU-2025:0521-1  
Release Date: 2025-02-13T16:11:53Z  
Rating: important  
References:

  * bsc#1228165
  * bsc#1234290
  * bsc#1236705

  
Cross-References:

  * CVE-2024-12254
  * CVE-2025-0938

  
CVSS scores:

  * CVE-2024-12254 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-12254 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12254 ( NVD ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-12254 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for python312 fixes the following issues:

  * CVE-2025-0938: Functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).
  * CVE-2024-12254: Unbounded memory buffering in
    SelectorSocketTransport.writelines() (bsc#1234290).

Other bugfixes:

  * Position of SUSE Python interpreters on Externally managed environments
    (bsc#1228165).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-521=1 openSUSE-SLE-15.6-2025-521=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-521=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libpython3_12-1_0-debuginfo-3.12.9-150600.3.18.1
    * python312-tk-3.12.9-150600.3.18.1
    * python312-curses-3.12.9-150600.3.18.1
    * python312-debugsource-3.12.9-150600.3.18.1
    * python312-idle-3.12.9-150600.3.18.1
    * python312-base-3.12.9-150600.3.18.1
    * python312-doc-devhelp-3.12.9-150600.3.18.1
    * python312-tk-debuginfo-3.12.9-150600.3.18.1
    * python312-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-3.12.9-150600.3.18.1
    * python312-base-debuginfo-3.12.9-150600.3.18.1
    * python312-testsuite-3.12.9-150600.3.18.1
    * python312-testsuite-debuginfo-3.12.9-150600.3.18.1
    * python312-dbm-3.12.9-150600.3.18.1
    * python312-curses-debuginfo-3.12.9-150600.3.18.1
    * python312-doc-3.12.9-150600.3.18.1
    * python312-3.12.9-150600.3.18.1
    * python312-devel-3.12.9-150600.3.18.1
    * python312-dbm-debuginfo-3.12.9-150600.3.18.1
    * python312-core-debugsource-3.12.9-150600.3.18.1
    * python312-tools-3.12.9-150600.3.18.1
  * openSUSE Leap 15.6 (x86_64)
    * python312-32bit-3.12.9-150600.3.18.1
    * python312-base-32bit-3.12.9-150600.3.18.1
    * libpython3_12-1_0-32bit-debuginfo-3.12.9-150600.3.18.1
    * python312-base-32bit-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-32bit-3.12.9-150600.3.18.1
    * python312-32bit-debuginfo-3.12.9-150600.3.18.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * python312-base-64bit-debuginfo-3.12.9-150600.3.18.1
    * libpython3_12-1_0-64bit-debuginfo-3.12.9-150600.3.18.1
    * python312-64bit-3.12.9-150600.3.18.1
    * libpython3_12-1_0-64bit-3.12.9-150600.3.18.1
    * python312-64bit-debuginfo-3.12.9-150600.3.18.1
    * python312-base-64bit-3.12.9-150600.3.18.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython3_12-1_0-debuginfo-3.12.9-150600.3.18.1
    * python312-3.12.9-150600.3.18.1
    * python312-devel-3.12.9-150600.3.18.1
    * python312-idle-3.12.9-150600.3.18.1
    * python312-dbm-debuginfo-3.12.9-150600.3.18.1
    * python312-curses-3.12.9-150600.3.18.1
    * python312-tk-3.12.9-150600.3.18.1
    * python312-tk-debuginfo-3.12.9-150600.3.18.1
    * python312-debugsource-3.12.9-150600.3.18.1
    * libpython3_12-1_0-3.12.9-150600.3.18.1
    * python312-base-debuginfo-3.12.9-150600.3.18.1
    * python312-base-3.12.9-150600.3.18.1
    * python312-debuginfo-3.12.9-150600.3.18.1
    * python312-core-debugsource-3.12.9-150600.3.18.1
    * python312-tools-3.12.9-150600.3.18.1
    * python312-dbm-3.12.9-150600.3.18.1
    * python312-curses-debuginfo-3.12.9-150600.3.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12254.html
  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1234290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250213/6352b295/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:08 -0000
Subject: SUSE-RU-2025:0547-1: moderate: Recommended update for systemd
Message-ID: <173952180862.21560.12516276165137514247@smelt2.prg2.suse.org>



# Recommended update for systemd

Announcement ID: SUSE-RU-2025:0547-1  
Release Date: 2025-02-14T07:26:45Z  
Rating: moderate  
References:

  * bsc#1229228
  * bsc#1233752
  * bsc#1234313
  * bsc#1234765

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has four fixes can now be installed.

## Description:

This update for systemd fixes the following issues:

  * Fix agetty failing to open credentials directory (bsc#1229228)
  * stdio-bridge: fix polled fds
  * hwdb: comment out the entry for Logitech MX Keys for Mac
  * core/unit-serialize: fix serialization of markers
  * locale-setup: do not load locale from environemnt when /etc/locale.conf is
    unchanged
  * core: fix assert when AddDependencyUnitFiles is called with invalid
    parameter
  * Fix systemd-network recommending libidn2-devel (bsc#1234765)
  * tpm2-util: also retry unsealing after policy_pcr returns PCR_CHANGED
    (bsc#1233752 bsc#1234313)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-547=1 openSUSE-SLE-15.6-2025-547=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-547=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-547=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * udev-mini-254.23-150600.4.24.1
    * libudev1-debuginfo-254.23-150600.4.25.1
    * libsystemd0-mini-254.23-150600.4.24.1
    * systemd-sysvcompat-254.23-150600.4.25.1
    * systemd-network-debuginfo-254.23-150600.4.25.1
    * systemd-container-debuginfo-254.23-150600.4.25.1
    * systemd-coredump-debuginfo-254.23-150600.4.25.1
    * systemd-sysvcompat-debuginfo-254.23-150600.4.25.1
    * systemd-portable-debuginfo-254.23-150600.4.25.1
    * systemd-debugsource-254.23-150600.4.25.1
    * systemd-254.23-150600.4.25.1
    * libudev1-254.23-150600.4.25.1
    * libudev-mini1-254.23-150600.4.24.1
    * systemd-experimental-debuginfo-254.23-150600.4.25.1
    * udev-254.23-150600.4.25.1
    * systemd-mini-debuginfo-254.23-150600.4.24.1
    * systemd-doc-254.23-150600.4.25.1
    * systemd-testsuite-debuginfo-254.23-150600.4.25.1
    * libsystemd0-mini-debuginfo-254.23-150600.4.24.1
    * systemd-container-254.23-150600.4.25.1
    * systemd-devel-254.23-150600.4.25.1
    * udev-mini-debuginfo-254.23-150600.4.24.1
    * libsystemd0-254.23-150600.4.25.1
    * systemd-mini-container-254.23-150600.4.24.1
    * systemd-testsuite-254.23-150600.4.25.1
    * systemd-homed-debuginfo-254.23-150600.4.25.1
    * systemd-network-254.23-150600.4.25.1
    * systemd-journal-remote-254.23-150600.4.25.1
    * systemd-mini-254.23-150600.4.24.1
    * libsystemd0-debuginfo-254.23-150600.4.25.1
    * systemd-homed-254.23-150600.4.25.1
    * systemd-coredump-254.23-150600.4.25.1
    * udev-debuginfo-254.23-150600.4.25.1
    * libudev-mini1-debuginfo-254.23-150600.4.24.1
    * systemd-debuginfo-254.23-150600.4.25.1
    * systemd-experimental-254.23-150600.4.25.1
    * systemd-mini-debugsource-254.23-150600.4.24.1
    * systemd-mini-devel-254.23-150600.4.24.1
    * systemd-portable-254.23-150600.4.25.1
    * systemd-journal-remote-debuginfo-254.23-150600.4.25.1
    * systemd-mini-container-debuginfo-254.23-150600.4.24.1
  * openSUSE Leap 15.6 (x86_64)
    * systemd-32bit-debuginfo-254.23-150600.4.25.1
    * libudev1-32bit-254.23-150600.4.25.1
    * libsystemd0-32bit-254.23-150600.4.25.1
    * systemd-devel-32bit-254.23-150600.4.25.1
    * libudev1-32bit-debuginfo-254.23-150600.4.25.1
    * systemd-32bit-254.23-150600.4.25.1
    * libsystemd0-32bit-debuginfo-254.23-150600.4.25.1
  * openSUSE Leap 15.6 (aarch64 x86_64 i586)
    * systemd-boot-254.23-150600.4.25.1
    * systemd-boot-debuginfo-254.23-150600.4.25.1
  * openSUSE Leap 15.6 (noarch)
    * systemd-lang-254.23-150600.4.25.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * systemd-devel-64bit-254.23-150600.4.25.1
    * libsystemd0-64bit-debuginfo-254.23-150600.4.25.1
    * libudev1-64bit-254.23-150600.4.25.1
    * systemd-64bit-debuginfo-254.23-150600.4.25.1
    * libudev1-64bit-debuginfo-254.23-150600.4.25.1
    * systemd-64bit-254.23-150600.4.25.1
    * libsystemd0-64bit-254.23-150600.4.25.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * udev-debuginfo-254.23-150600.4.25.1
    * libsystemd0-debuginfo-254.23-150600.4.25.1
    * systemd-container-254.23-150600.4.25.1
    * systemd-coredump-254.23-150600.4.25.1
    * systemd-coredump-debuginfo-254.23-150600.4.25.1
    * libudev1-debuginfo-254.23-150600.4.25.1
    * libsystemd0-254.23-150600.4.25.1
    * systemd-devel-254.23-150600.4.25.1
    * systemd-debugsource-254.23-150600.4.25.1
    * systemd-254.23-150600.4.25.1
    * systemd-journal-remote-254.23-150600.4.25.1
    * systemd-sysvcompat-debuginfo-254.23-150600.4.25.1
    * systemd-debuginfo-254.23-150600.4.25.1
    * systemd-sysvcompat-254.23-150600.4.25.1
    * libudev1-254.23-150600.4.25.1
    * udev-254.23-150600.4.25.1
    * systemd-container-debuginfo-254.23-150600.4.25.1
    * systemd-doc-254.23-150600.4.25.1
  * Basesystem Module 15-SP6 (noarch)
    * systemd-lang-254.23-150600.4.25.1
  * Basesystem Module 15-SP6 (x86_64)
    * systemd-32bit-debuginfo-254.23-150600.4.25.1
    * libudev1-32bit-254.23-150600.4.25.1
    * libsystemd0-32bit-254.23-150600.4.25.1
    * libudev1-32bit-debuginfo-254.23-150600.4.25.1
    * systemd-32bit-254.23-150600.4.25.1
    * libsystemd0-32bit-debuginfo-254.23-150600.4.25.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * systemd-network-debuginfo-254.23-150600.4.25.1
    * systemd-debugsource-254.23-150600.4.25.1
    * systemd-network-254.23-150600.4.25.1
    * systemd-debuginfo-254.23-150600.4.25.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1229228
  * https://bugzilla.suse.com/show_bug.cgi?id=1233752
  * https://bugzilla.suse.com/show_bug.cgi?id=1234313
  * https://bugzilla.suse.com/show_bug.cgi?id=1234765

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/3fd9ce3d/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:11 -0000
Subject: SUSE-SU-2025:0546-1: moderate: Security update
 golang-github-prometheus-prometheus
Message-ID: <173952181100.21560.9665393549947450423@smelt2.prg2.suse.org>



# Security update golang-github-prometheus-prometheus

Announcement ID: SUSE-SU-2025:0546-1  
Release Date: 2025-02-14T07:24:45Z  
Rating: moderate  
References:

  * bsc#1232970
  * jsc#MSQA-914
  * jsc#PED-11649

  
Cross-References:

  * CVE-2024-51744

  
CVSS scores:

  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and contains two features can now be
installed.

## Description:

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-546=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-546=1

  * SUSE Manager Proxy 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-546=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * firewalld-prometheus-config-0.1-150100.4.23.1
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1
  * SUSE Manager Proxy 4.3 Module (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-prometheus-2.53.3-150100.4.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/c45e4267/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:16 -0000
Subject: SUSE-SU-2025:0545-1: moderate: Security update for grafana
Message-ID: <173952181669.21560.10686639090174027596@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0545-1  
Release Date: 2025-02-14T07:24:23Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1231024
  * bsc#1234554
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-45337
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves five vulnerabilities and contains three features can now
be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental &#8220;dashboard previews&#8221; feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version &gt;=2.9.3
  * Redshift data source plugin must be updated to version &gt;=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-545=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-545=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.13-150200.3.59.1
    * grafana-debuginfo-10.4.13-150200.3.59.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.13-150200.3.59.1
    * grafana-debuginfo-10.4.13-150200.3.59.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/210e71dd/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:21 -0000
Subject: SUSE-RU-2025:0544-1: important: Recommended update for salt
Message-ID: <173952182115.21560.15633994631532527200@smelt2.prg2.suse.org>



# Recommended update for salt

Announcement ID: SUSE-RU-2025:0544-1  
Release Date: 2025-02-14T07:24:05Z  
Rating: important  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * Transactional Server Module 15-SP6

  
  
An update that contains one feature and has three fixes can now be installed.

## Description:

This update for salt fixes the following issues:

  * Revert setting SELinux context for minion service (bsc#1233667)
  * Removed System V init support
  * Fix the condition of alternatives for Tumbleweed and Leap 16
  * Build all python bindings for all flavors
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Handle logger exception when flushing already closed file
  * Include passlib as a recommended dependency
  * Make Salt Bundle more tolerant to long running jobs (bsc#1228690)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-544=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-544=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-544=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-544=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-544=1

  * Transactional Server Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Transactional-Server-15-SP6-2025-544=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-544=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-544=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-544=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-544=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python311-salt-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * python311-salt-testsuite-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-transactional-update-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * python3-salt-testsuite-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * openSUSE Leap 15.5 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * python3-salt-testsuite-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * salt-transactional-update-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * openSUSE Leap 15.6 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * salt-minion-3006.0-150500.4.47.1
    * salt-transactional-update-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * Basesystem Module 15-SP6 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
  * Server Applications Module 15-SP6 (noarch)
    * salt-fish-completion-3006.0-150500.4.47.1
  * Transactional Server Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * salt-transactional-update-3006.0-150500.4.47.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * salt-ssh-3006.0-150500.4.47.1
    * salt-api-3006.0-150500.4.47.1
    * salt-proxy-3006.0-150500.4.47.1
    * python3-salt-3006.0-150500.4.47.1
    * salt-cloud-3006.0-150500.4.47.1
    * salt-minion-3006.0-150500.4.47.1
    * salt-3006.0-150500.4.47.1
    * salt-master-3006.0-150500.4.47.1
    * salt-syndic-3006.0-150500.4.47.1
    * salt-standalone-formulas-configuration-3006.0-150500.4.47.1
    * salt-doc-3006.0-150500.4.47.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * salt-zsh-completion-3006.0-150500.4.47.1
    * salt-fish-completion-3006.0-150500.4.47.1
    * salt-bash-completion-3006.0-150500.4.47.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/beacb509/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:24 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:24 -0000
Subject: SUSE-RU-2025:0543-1: important: Recommended update for salt
Message-ID: <173952182447.21560.13775575066632572040@smelt2.prg2.suse.org>



# Recommended update for salt

Announcement ID: SUSE-RU-2025:0543-1  
Release Date: 2025-02-14T07:23:14Z  
Rating: important  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that contains one feature and has three fixes can now be installed.

## Description:

This update for salt fixes the following issues:

  * Revert setting SELinux context for minion service (bsc#1233667)
  * Removed System V init support
  * Fix the condition of alternatives for Tumbleweed and Leap 16
  * Build all python bindings for all flavors
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Handle logger exception when flushing already closed file
  * Include passlib as a recommended dependency
  * Make Salt Bundle more tolerant to long running jobs (bsc#1228690)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-543=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-543=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-543=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-543=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-543=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-543=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-543=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-543=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-543=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-543=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-543=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-543=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-543=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-543=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-543=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-543=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-543=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-543=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Manager Proxy 4.3 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * SUSE Manager Server 4.3 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * openSUSE Leap 15.4 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * salt-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * python3-salt-testsuite-3006.0-150400.8.72.1
    * python311-salt-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * python311-salt-testsuite-3006.0-150400.8.72.1
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * openSUSE Leap 15.6 (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-transactional-update-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
  * Basesystem Module 15-SP6 (noarch)
    * python3-netaddr-0.7.19-150400.9.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * salt-fish-completion-3006.0-150400.8.72.2
    * python3-netaddr-0.7.19-150400.9.3.1
    * salt-zsh-completion-3006.0-150400.8.72.2
    * salt-bash-completion-3006.0-150400.8.72.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * salt-3006.0-150400.8.72.2
    * salt-doc-3006.0-150400.8.72.2
    * salt-api-3006.0-150400.8.72.2
    * salt-standalone-formulas-configuration-3006.0-150400.8.72.2
    * salt-syndic-3006.0-150400.8.72.2
    * salt-master-3006.0-150400.8.72.2
    * salt-minion-3006.0-150400.8.72.2
    * salt-cloud-3006.0-150400.8.72.2
    * python3-salt-3006.0-150400.8.72.2
    * salt-ssh-3006.0-150400.8.72.2
    * salt-proxy-3006.0-150400.8.72.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/7893f1df/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:28 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:28 -0000
Subject: SUSE-RU-2025:0542-1: important: Recommended update for salt
Message-ID: <173952182831.21560.11284614649197920835@smelt2.prg2.suse.org>



# Recommended update for salt

Announcement ID: SUSE-RU-2025:0542-1  
Release Date: 2025-02-14T07:22:07Z  
Rating: important  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that contains one feature and has three fixes can now be installed.

## Description:

This update for salt fixes the following issues:

  * Revert setting SELinux context for minion service (bsc#1233667)
  * Removed System V init support
  * Fix the condition of alternatives for Tumbleweed and Leap 16
  * Build all python bindings for all flavors
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Handle logger exception when flushing already closed file
  * Include passlib as a recommended dependency
  * Make Salt Bundle more tolerant to long running jobs (bsc#1228690)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-542=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-542=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-542=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-542=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-542=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-542=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-542=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-542=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * salt-api-3006.0-150300.53.88.1
    * salt-cloud-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
    * salt-syndic-3006.0-150300.53.88.1
    * salt-transactional-update-3006.0-150300.53.88.1
    * salt-master-3006.0-150300.53.88.1
    * python3-salt-testsuite-3006.0-150300.53.88.1
    * salt-standalone-formulas-configuration-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-doc-3006.0-150300.53.88.1
    * salt-ssh-3006.0-150300.53.88.1
    * salt-proxy-3006.0-150300.53.88.1
  * openSUSE Leap 15.3 (noarch)
    * salt-zsh-completion-3006.0-150300.53.88.1
    * salt-bash-completion-3006.0-150300.53.88.1
    * salt-fish-completion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * salt-api-3006.0-150300.53.88.1
    * salt-cloud-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
    * salt-syndic-3006.0-150300.53.88.1
    * salt-master-3006.0-150300.53.88.1
    * salt-standalone-formulas-configuration-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-doc-3006.0-150300.53.88.1
    * salt-ssh-3006.0-150300.53.88.1
    * salt-proxy-3006.0-150300.53.88.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * salt-zsh-completion-3006.0-150300.53.88.1
    * salt-bash-completion-3006.0-150300.53.88.1
    * salt-fish-completion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * salt-api-3006.0-150300.53.88.1
    * salt-cloud-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
    * salt-syndic-3006.0-150300.53.88.1
    * salt-transactional-update-3006.0-150300.53.88.1
    * salt-master-3006.0-150300.53.88.1
    * salt-standalone-formulas-configuration-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-doc-3006.0-150300.53.88.1
    * salt-ssh-3006.0-150300.53.88.1
    * salt-proxy-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * salt-zsh-completion-3006.0-150300.53.88.1
    * salt-bash-completion-3006.0-150300.53.88.1
    * salt-fish-completion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * salt-api-3006.0-150300.53.88.1
    * salt-cloud-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
    * salt-syndic-3006.0-150300.53.88.1
    * salt-master-3006.0-150300.53.88.1
    * salt-standalone-formulas-configuration-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-doc-3006.0-150300.53.88.1
    * salt-ssh-3006.0-150300.53.88.1
    * salt-proxy-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * salt-zsh-completion-3006.0-150300.53.88.1
    * salt-bash-completion-3006.0-150300.53.88.1
    * salt-fish-completion-3006.0-150300.53.88.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * salt-api-3006.0-150300.53.88.1
    * salt-cloud-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
    * salt-syndic-3006.0-150300.53.88.1
    * salt-transactional-update-3006.0-150300.53.88.1
    * salt-master-3006.0-150300.53.88.1
    * salt-standalone-formulas-configuration-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-doc-3006.0-150300.53.88.1
    * salt-ssh-3006.0-150300.53.88.1
    * salt-proxy-3006.0-150300.53.88.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * salt-zsh-completion-3006.0-150300.53.88.1
    * salt-bash-completion-3006.0-150300.53.88.1
    * salt-fish-completion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * salt-transactional-update-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * salt-transactional-update-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * salt-transactional-update-3006.0-150300.53.88.1
    * python3-salt-3006.0-150300.53.88.1
    * salt-3006.0-150300.53.88.1
    * salt-minion-3006.0-150300.53.88.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/9b89e7c9/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:33 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:33 -0000
Subject: SUSE-RU-2025:0541-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952183387.21560.13118596251797571471@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-2025:0541-1  
Release Date: 2025-02-14T07:21:41Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231045
  * bsc#1231618
  * bsc#1231697
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9

  
  
An update that contains one feature and has six fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697,
    bsc#1231045)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9  
    zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-541=1

## Package List:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le
    s390x x86_64)
    * venv-salt-minion-3006.0-1.50.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231045
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1231697
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/ab7fc91b/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:39 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:39 -0000
Subject: SUSE-RU-2025:0538-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952183911.21560.17736279054130530957@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-2025:0538-1  
Release Date: 2025-02-14T07:21:19Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231045
  * bsc#1231618
  * bsc#1231697
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Manager Client Tools for Debian 12

  
  
An update that contains one feature and has six fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697,
    bsc#1231045)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Debian 12  
    zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2025-538=1

## Package List:

  * SUSE Manager Client Tools for Debian 12 (amd64)
    * venv-salt-minion-3006.0-2.26.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231045
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1231697
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/cc496f53/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:44 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:44 -0000
Subject: SUSE-RU-202501:15292-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952184412.21560.14191650989924978421@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-202501:15292-1  
Release Date: 2025-02-14T07:21:12Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231045
  * bsc#1231618
  * bsc#1231697
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404

  
  
An update that contains one feature and has six fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697,
    bsc#1231045)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404  
    zypper in -t patch suse-ubu244ct-client-tools-202501-15292=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64)
    * venv-salt-minion-3006.0-2.6.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231045
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1231697
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/e54c9445/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:49 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:49 -0000
Subject: SUSE-RU-202501:15291-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952184933.21560.3097103957259189711@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-202501:15291-1  
Release Date: 2025-02-14T07:21:06Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231045
  * bsc#1231618
  * bsc#1231697
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204

  
  
An update that contains one feature and has six fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697,
    bsc#1231045)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204  
    zypper in -t patch suse-ubu224ct-client-tools-202501-15291=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64)
    * venv-salt-minion-3006.0-2.57.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231045
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1231697
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/56fcbe35/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:54 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:54 -0000
Subject: SUSE-RU-202501:15290-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952185438.21560.5011101383685457139@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-202501:15290-1  
Release Date: 2025-02-14T07:21:00Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231045
  * bsc#1231618
  * bsc#1231697
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004

  
  
An update that contains one feature and has six fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697,
    bsc#1231045)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004  
    zypper in -t patch suse-ubu204ct-client-tools-202501-15290=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64)
    * venv-salt-minion-3006.0-2.66.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231045
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1231697
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/ffb36c7a/attachment.htm>

From null at suse.de  Fri Feb 14 08:30:58 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:30:58 -0000
Subject: SUSE-RU-2025:0534-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952185832.21560.4123595226410812032@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-2025:0534-1  
Release Date: 2025-02-14T07:20:54Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231618
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15
  * SUSE Linux Enterprise Desktop 15 SP1
  * SUSE Linux Enterprise Desktop 15 SP2
  * SUSE Linux Enterprise Desktop 15 SP3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15
  * SUSE Linux Enterprise High Performance Computing 15 SP1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.0
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP1
  * SUSE Linux Enterprise Real Time 15 SP2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15
  * SUSE Linux Enterprise Server 15 SP1
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15
  * SUSE Linux Enterprise Server for SAP Applications 15 SP1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Client Tools for SLE 15
  * SUSE Manager Client Tools for SLE Micro 5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module

  
  
An update that contains one feature and has four fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 15  
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-534=1

  * SUSE Manager Client Tools for SLE Micro 5  
    zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-534=1

  * SUSE Manager Proxy 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-534=1

  * SUSE Manager Server 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-534=1

## Package List:

  * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    * venv-salt-minion-3006.0-150000.3.72.1
  * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
    * venv-salt-minion-3006.0-150000.3.72.1
  * SUSE Manager Proxy 4.3 Module (aarch64 ppc64le s390x x86_64)
    * venv-salt-minion-3006.0-150000.3.72.1
  * SUSE Manager Server 4.3 Module (aarch64 ppc64le s390x x86_64)
    * venv-salt-minion-3006.0-150000.3.72.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/d678ac03/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:31:02 -0000
Subject: SUSE-RU-2025:0533-1: moderate: Recommended update for SUSE Manager
 Salt Bundle
Message-ID: <173952186204.21560.13375999638189335911@smelt2.prg2.suse.org>



# Recommended update for SUSE Manager Salt Bundle

Announcement ID: SUSE-RU-2025:0533-1  
Release Date: 2025-02-14T07:20:25Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1231618
  * bsc#1233667
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Linux Enterprise Desktop 12
  * SUSE Linux Enterprise Desktop 12 SP1
  * SUSE Linux Enterprise Desktop 12 SP2
  * SUSE Linux Enterprise Desktop 12 SP3
  * SUSE Linux Enterprise Desktop 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  * SUSE Manager Client Tools for SLE 12

  
  
An update that contains one feature and has four fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

  * Included D-Bus python module for SUSE distros (bsc#1231618)
  * include-rpm
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Fixed post_start_cleanup.sh shebang to work on all systems
  * Handle logger exception when flushing already closed file
  * Made Salt Bundle more tolerant to long running jobs (bsc#1228690)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 12  
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-533=1

## Package List:

  * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
    * venv-salt-minion-3006.0-3.68.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1231618
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/158ca543/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:31:13 -0000
Subject: SUSE-SU-2025:0532-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952187334.21560.2834662551279921306@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0532-1  
Release Date: 2025-02-14T07:20:13Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9

  
  
An update that solves one vulnerability, contains two features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9  
    zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-532=1

## Package List:

  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le
    s390x x86_64)
    * mgrctl-0.1.28-1.14.1
    * mgrctl-debuginfo-0.1.28-1.14.1
  * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch)
    * mgrctl-zsh-completion-0.1.28-1.14.1
    * scap-security-guide-redhat-0.1.75-1.32.1
    * spacecmd-5.0.11-1.44.1
    * mgrctl-bash-completion-0.1.28-1.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/63ced40e/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:24 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:31:24 -0000
Subject: SUSE-SU-2025:0529-1: moderate: Security update for SUSE Manager
 Client Tools MU 5.0.3
Message-ID: <173952188400.21560.13534907094852040763@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools MU 5.0.3

Announcement ID: SUSE-SU-2025:0529-1  
Release Date: 2025-02-14T07:19:47Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Debian 12

  
  
An update that solves one vulnerability, contains one feature and has 12
security fixes can now be installed.

## Description:

This update fixes the following issues:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Debian 12  
    zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2025-529=1

## Package List:

  * SUSE Manager Client Tools for Debian 12 (all)
    * mgrctl-fish-completion-0.1.28-2.16.1
    * mgrctl-bash-completion-0.1.28-2.16.1
    * spacecmd-5.0.11-3.26.1
    * mgrctl-zsh-completion-0.1.28-2.16.1
  * SUSE Manager Client Tools for Debian 12 (amd64)
    * mgrctl-0.1.28-2.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/ad914614/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:36 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:31:36 -0000
Subject: SUSE-SU-202501:15288-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952189698.21560.10985241777909211505@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15288-1  
Release Date: 2025-02-14T07:19:41Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404

  
  
An update that solves one vulnerability, contains one feature and has 12
security fixes can now be installed.

## Description:

This update fixes the following issues:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404  
    zypper in -t patch suse-ubu244ct-client-tools-202501-15288=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 24.04 2404 (all)
    * mgrctl-bash-completion-0.1.28-2.6.2
    * mgrctl-fish-completion-0.1.28-2.6.2
    * spacecmd-5.0.11-2.6.1
    * mgrctl-zsh-completion-0.1.28-2.6.2
  * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64)
    * mgrctl-0.1.28-2.6.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/4d929f56/attachment.htm>

From null at suse.de  Fri Feb 14 08:31:48 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:31:48 -0000
Subject: SUSE-SU-202501:15287-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952190892.21560.9535302994533543674@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15287-1  
Release Date: 2025-02-14T07:19:35Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204

  
  
An update that solves one vulnerability, contains two features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204  
    zypper in -t patch suse-ubu224ct-client-tools-202501-15287=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 22.04 2204 (all)
    * mgrctl-fish-completion-0.1.28-2.16.2
    * mgrctl-bash-completion-0.1.28-2.16.2
    * spacecmd-5.0.11-2.50.2
    * scap-security-guide-ubuntu-0.1.75-2.34.2
    * mgrctl-zsh-completion-0.1.28-2.16.2
  * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64)
    * mgrctl-0.1.28-2.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/c868a0ef/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:32:02 -0000
Subject: SUSE-SU-202501:15286-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952192247.21560.13266961704123795160@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-202501:15286-1  
Release Date: 2025-02-14T07:19:29Z  
Rating: moderate  
References:

  * bsc#1228182
  * bsc#1228690
  * bsc#1229079
  * bsc#1229104
  * bsc#1230361
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1233667
  * bsc#1234123
  * jsc#ECO-3319
  * jsc#MSQA-914

  
Cross-References:

  * CVE-2024-22037

  
CVSS scores:

  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004

  
  
An update that solves one vulnerability, contains two features and has 16
security fixes can now be installed.

## Description:

This update fixes the following issues:

salt:

  * Build all python bindings for all flavors
  * Fixed the condition of alternatives for Tumbleweed and Leap 16
  * Handle logger exception when flushing already closed file
  * Included passlib as a recommended dependency
  * Make minion reconnecting on changing master IP (bsc#1228182)
  * Make Salt Bundle more tolerant to long running jobs (bsc#1228690)
  * Removed System V init support
  * Reverted setting SELinux context for minion service (bsc#1233667)
  * Use update-alternatives for salt-call and fix builing on EL8

scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):

  * Added Ism profile for OL8, OL9
  * Added new product kylinserver10
  * Created OL10 product
  * Release SLMicro5 product
  * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible
    (bsc#1230361)
  * Updated PCI-DSS control file for version 4.0.1

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004  
    zypper in -t patch suse-ubu204ct-client-tools-202501-15286=1

## Package List:

  * SUSE Manager Client Tools for Ubuntu 20.04 2004 (all)
    * scap-security-guide-ubuntu-0.1.75-2.55.2
    * salt-common-3006.0+ds-1+2.134.2
    * mgrctl-bash-completion-0.1.28-2.16.2
    * mgrctl-fish-completion-0.1.28-2.16.2
    * spacecmd-5.0.11-2.95.2
    * salt-minion-3006.0+ds-1+2.134.2
    * mgrctl-zsh-completion-0.1.28-2.16.2
  * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64)
    * mgrctl-0.1.28-2.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228690
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1230361
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1233667
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/003cd30f/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:32:17 -0000
Subject: SUSE-SU-2025:0525-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952193767.21560.14873528535145414819@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0525-1  
Release Date: 2025-02-14T07:19:20Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1229079
  * bsc#1229104
  * bsc#1231024
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1232970
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * bsc#1234554
  * bsc#1235145
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649
  * jsc#SUMA-314

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-22037
  * CVE-2024-45337
  * CVE-2024-51744
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15
  * SUSE Linux Enterprise Desktop 15 SP1
  * SUSE Linux Enterprise Desktop 15 SP2
  * SUSE Linux Enterprise Desktop 15 SP3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15
  * SUSE Linux Enterprise High Performance Computing 15 SP1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.0
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP1
  * SUSE Linux Enterprise Real Time 15 SP2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15
  * SUSE Linux Enterprise Server 15 SP1
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15
  * SUSE Linux Enterprise Server for SAP Applications 15 SP1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Client Tools for SLE 15
  * SUSE Manager Client Tools for SLE Micro 5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves seven vulnerabilities, contains four features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

dracut-saltboot was updated to version 0.1.1728559936.c16d4fb:

  * Added MAC based terminal naming option (jsc#SUMA-314)

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental ?dashboard previews? feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The ?Alias? field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version >=2.9.3
  * Redshift data source plugin must be updated to version >=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/:

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

supportutils-plugin-salt was updated to version 1.2.3:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)
  * Provide backwards-compatible scripts version

supportutils-plugin-susemanager-client was updated to version 5.0.4-0:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
  * Version 0.1.24-0
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-525=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-525=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-525=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-525=1

  * SUSE Manager Client Tools for SLE 15  
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-525=1

  * SUSE Manager Client Tools for SLE Micro 5  
    zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-525=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-525=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-525=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-525=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-525=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-525=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-525=1

## Package List:

  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Manager Server 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * openSUSE Leap 15.6 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1
    * spacecmd-5.0.11-150000.3.130.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-promu-0.17.0-150000.3.24.1
  * SUSE Manager Client Tools for SLE 15 (noarch)
    * mgrctl-lang-0.1.28-150000.1.16.1
    * mgrctl-bash-completion-0.1.28-150000.1.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * mgrctl-zsh-completion-0.1.28-150000.1.16.1
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
    * spacecmd-5.0.11-150000.3.130.1
    * supportutils-plugin-susemanager-client-5.0.4-150000.3.27.1
  * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.13-150000.1.66.1
    * grafana-10.4.13-150000.1.66.1
    * golang-github-prometheus-prometheus-2.53.3-150000.3.59.1
    * mgrctl-debuginfo-0.1.28-150000.1.16.1
    * mgrctl-0.1.28-150000.1.16.1
    * firewalld-prometheus-config-0.1-150000.3.59.1
  * SUSE Manager Client Tools for SLE Micro 5 (noarch)
    * mgrctl-lang-0.1.28-150000.1.16.1
    * dracut-saltboot-0.1.1728559936.c16d4fb-150000.1.56.1
    * mgrctl-zsh-completion-0.1.28-150000.1.16.1
    * mgrctl-bash-completion-0.1.28-150000.1.16.1
  * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64)
    * mgrctl-debuginfo-0.1.28-150000.1.16.1
    * mgrctl-0.1.28-150000.1.16.1
  * Basesystem Module 15-SP6 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * golang-github-prometheus-promu-0.17.0-150000.3.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1
  * SUSE Manager Proxy 4.3 (noarch)
    * supportutils-plugin-salt-1.2.3-150000.3.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649
  * https://jira.suse.com/browse/SUMA-314

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/d9fc8d3d/attachment.htm>

From null at suse.de  Fri Feb 14 08:32:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:32:34 -0000
Subject: SUSE-SU-2025:0524-1: moderate: Security update for SUSE Manager
 Client Tools
Message-ID: <173952195406.21560.2093764703534374364@smelt2.prg2.suse.org>



# Security update for SUSE Manager Client Tools

Announcement ID: SUSE-SU-2025:0524-1  
Release Date: 2025-02-14T07:16:37Z  
Rating: moderate  
References:

  * bsc#1212641
  * bsc#1219912
  * bsc#1229079
  * bsc#1229104
  * bsc#1231024
  * bsc#1231497
  * bsc#1231568
  * bsc#1231759
  * bsc#1232575
  * bsc#1232769
  * bsc#1232817
  * bsc#1232970
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * bsc#1234554
  * bsc#1235145
  * bsc#1236301
  * jsc#MSQA-914
  * jsc#PED-11591
  * jsc#PED-11649

  
Cross-References:

  * CVE-2023-3128
  * CVE-2023-6152
  * CVE-2024-22037
  * CVE-2024-45337
  * CVE-2024-51744
  * CVE-2024-6837
  * CVE-2024-8118

  
CVSS scores:

  * CVE-2023-3128 ( SUSE ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2023-3128 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-6152 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-6152 ( NVD ):  5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2024-22037 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L
  * CVE-2024-22037 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-22037 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-22037 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-51744 ( SUSE ):  2.1
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-51744 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-51744 ( NVD ):  3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  * CVE-2024-6837 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-6837 ( SUSE ):  5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-8118 ( SUSE ):  4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-8118 ( NVD ):  5.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Desktop 12
  * SUSE Linux Enterprise Desktop 12 SP1
  * SUSE Linux Enterprise Desktop 12 SP2
  * SUSE Linux Enterprise Desktop 12 SP3
  * SUSE Linux Enterprise Desktop 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  * SUSE Manager Client Tools for SLE 12

  
  
An update that solves seven vulnerabilities, contains three features and has 13
security fixes can now be installed.

## Description:

This update fixes the following issues:

golang-github-prometheus-prometheus was updated from version 2.45.6 to 2.53.3
(jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-51744: Updated golang-jwt to version 5.0 to fix bad error handling
    (bsc#1232970)

  * Highlights of other changes:

  * Performance:
    * Significant enhancements to PromQL execution speed, TSDB operations (especially querying and compaction) and remote write operations.
    * Default GOGC value lowered to 75 for better memory management. 
    * Option to limit memory usage from dropped targets added.
  * New Features:
    * Experimental OpenTelemetry ingestion.
    * Automatic memory limit handling.
    * Native histogram support, including new functions, UI enhancements, and improved scraping.
    * Improved alerting features, such as relabeling rules for AlertmanagerConfig and a new query_offset option.
    * Expanded service discovery options with added metadata and support for new services.
    * New promtool commands for PromQL formatting, label manipulation, metric pushing, and OpenMetrics dumping.
  * Bug Fixes:
    * Numerous fixes across scraping, API, TSDB, PromQL, and service discovery.
  * For a detailed list of changes consult the package changelog or
    https://github.com/prometheus/prometheus/compare/v2.45.6...v2.53.3

golang-github-prometheus-promu was updated to version 0.17.0:

  * Added codesign utility function

grafana was updated from version 9.5.18 to 10.4.13
(jsc#PED-11591,jsc#PED-11649):

  * Security issues fixed:
  * CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by
    upgrading golang.org/x/crypto (bsc#1234554)
  * CVE-2023-3128: Fixed authentication bypass using Azure AD OAuth
    (bsc#1212641)
  * CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
  * CVE-2024-6837: Fixed potential data source permission escalation
    (bsc#1236301)
  * CVE-2024-8118: Fixed permission on external alerting rule write endpoint
    (bsc#1231024)

  * Potential breaking changes in version 10:

  * In panels using the `extract fields` transformation, where one of the
    extracted names collides with one of the already existing ields, the
    extracted field will be renamed.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides. To resolve this either: update transformation or field override.
  * For the existing backend mode users who have Transformations with the `time`
    field, might see their transformations are not working. Those panels that
    have broken transformations will fail to render. This is because we changed
    the field key. To resolve this either: Remove the affected panel and re-
    create it; Select the `Time` field again; Edit the `time` field as `Time`
    for transformation in `panel.json` or `dashboard.json`
  * The following data source permission endpoints have been removed: `GET
    /datasources/:datasourceId/permissions` `POST
    /api/datasources/:datasourceId/permissions` `DELETE
    /datasources/:datasourceId/permissions` `POST
    /datasources/:datasourceId/enable-permissions` `POST
    /datasources/:datasourceId/disable-permissions`
    * Please use the following endpoints instead: `GET /api/access-control/datasources/:uid` for listing data source permissions `POST /api/access-control/datasources/:uid/users/:id`, `POST /api/access-control/datasources/:uid/teams/:id` and `POST /api/access-control/datasources/:uid/buildInRoles/:id` for adding or removing data source permissions
  * If you are using Terraform Grafana provider to manage data source
    permissions, you will need to upgrade your provider.
  * For the existing backend mode users who have table visualization might see
    some inconsistencies on their panels. We have updated the table column
    naming. This will potentially affect field transformations and/or field
    overrides.
  * The deprecated `/playlists/{uid}/dashboards` API endpoint has been removed.
    Dashboard information can be retrieved from the `/dashboard/...` APIs.
  * The `PUT /api/folders/:uid` endpoint no more supports modifying the folder's
    `UID`
  * Removed all components for the old panel header design.
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-3/ for more details
  * OAuth role mapping enforcement: This change impacts GitHub, Gitlab, Okta,
    and Generic OAuth. To avoid overriding manually set roles, enable the
    skip_org_role_sync option in the Grafana configuration for your OAuth
    provider before upgrading
  * Angular has been deprecated
  * Grafana legacy alerting has been deprecated
  * API keys are migrating to service accounts
  * The experimental &#8220;dashboard previews&#8221; feature is removed
  * Usernames are now case-insensitive by default
  * Grafana OAuth integrations do not work anymore with email lookups
  * The &#8220;Alias&#8221; field in the CloudWatch data source is removed
  * Athena data source plugin must be updated to version &gt;=2.9.3
  * Redshift data source plugin must be updated to version &gt;=1.8.3
  * DoiT International BigQuery plugin no longer supported
  * Please review https://grafana.com/docs/grafana/next/breaking-
    changes/breaking-changes-v10-0 for more details

  * This update brings many new features, enhancements and fixes highlighted at:

  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-4/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-3/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-2/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-1/
  * https://grafana.com/docs/grafana/next/whatsnew/whats-new-in-v10-0/

spacecmd was updated to version 5.0.11-0:

  * Updated translation strings

supportutils-plugin-salt was updated to version 1.2.3:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)
  * Provide backwards-compatible scripts version

supportutils-plugin-susemanager-client was updated to version 5.0.4-0:

  * Adjusted requirements for plugin to allow compatibility with supportutils
    3.2.9 release (bsc#1235145)

uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:

  * Security issues fixed:
  * CVE-2024-22037: Use podman secret to store the database credentials
    (bsc#1231497)
  * Other changes and bugs fixed:
  * Version 0.1.27-0
    * Bump the default image tag to 5.0.3
    * IsInstalled function fix
    * Run systemctl daemon-reload after changing the container image config (bsc#1233279)
    * Coco-replicas-upgrade
    * Persist search server indexes (bsc#1231759)
    * Sync deletes files during migration (bsc#1233660)
    * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)
    * Add --registry back to mgrpxy (bsc#1233202)
    * Only add java.hostname on migrated server if not present
    * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)
    * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
    * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Version 0.1.26-0
    * Ignore all zypper caches during migration (bsc#1232769)
    * Use the uyuni network for all podman containers (bsc#1232817)
  * Version 0.1.25-0
    * Don't migrate enabled systemd services, recreate them (bsc#1232575)
    * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 12  
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-524=1

## Package List:

  * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
    * mgrctl-0.1.28-1.16.1
    * mgrctl-debuginfo-0.1.28-1.16.1
    * golang-github-prometheus-prometheus-2.53.3-1.56.1
    * golang-github-prometheus-promu-0.17.0-1.24.1
    * grafana-10.4.13-1.66.2
  * SUSE Manager Client Tools for SLE 12 (noarch)
    * supportutils-plugin-susemanager-client-5.0.4-6.33.1
    * mgrctl-zsh-completion-0.1.28-1.16.1
    * mgrctl-bash-completion-0.1.28-1.16.1
    * supportutils-plugin-salt-1.2.3-6.25.1
    * spacecmd-5.0.11-38.153.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-3128.html
  * https://www.suse.com/security/cve/CVE-2023-6152.html
  * https://www.suse.com/security/cve/CVE-2024-22037.html
  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-51744.html
  * https://www.suse.com/security/cve/CVE-2024-6837.html
  * https://www.suse.com/security/cve/CVE-2024-8118.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212641
  * https://bugzilla.suse.com/show_bug.cgi?id=1219912
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231024
  * https://bugzilla.suse.com/show_bug.cgi?id=1231497
  * https://bugzilla.suse.com/show_bug.cgi?id=1231568
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232575
  * https://bugzilla.suse.com/show_bug.cgi?id=1232769
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1232970
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://bugzilla.suse.com/show_bug.cgi?id=1234554
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236301
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/PED-11591
  * https://jira.suse.com/browse/PED-11649

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/d5748e1d/attachment.htm>

From null at suse.de  Fri Feb 14 08:33:26 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:33:26 -0000
Subject: SUSE-RU-2025:0523-1: moderate: Maintenance update for SUSE Manager
 5.0: Server, Proxy and Retail Branch Server
Message-ID: <173952200681.21560.4810360742817188391@smelt2.prg2.suse.org>



# Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch
Server

Announcement ID: SUSE-RU-2025:0523-1  
Release Date: 2025-02-14T07:16:09Z  
Rating: moderate  
References:

  * bsc#1027642
  * bsc#1212161
  * bsc#1212985
  * bsc#1213437
  * bsc#1215815
  * bsc#1216683
  * bsc#1216946
  * bsc#1217338
  * bsc#1220494
  * bsc#1220902
  * bsc#1221219
  * bsc#1222447
  * bsc#1222574
  * bsc#1222820
  * bsc#1224318
  * bsc#1226958
  * bsc#1227374
  * bsc#1227644
  * bsc#1227759
  * bsc#1227827
  * bsc#1227852
  * bsc#1227882
  * bsc#1228182
  * bsc#1228232
  * bsc#1228261
  * bsc#1228319
  * bsc#1228351
  * bsc#1228856
  * bsc#1228956
  * bsc#1229000
  * bsc#1229077
  * bsc#1229079
  * bsc#1229286
  * bsc#1229848
  * bsc#1229902
  * bsc#1230502
  * bsc#1230585
  * bsc#1230670
  * bsc#1230741
  * bsc#1230833
  * bsc#1230943
  * bsc#1231053
  * bsc#1231255
  * bsc#1231377
  * bsc#1231378
  * bsc#1231398
  * bsc#1231404
  * bsc#1231430
  * bsc#1231459
  * bsc#1231762
  * bsc#1232042
  * bsc#1232125
  * bsc#1232530
  * bsc#1232713
  * bsc#1233258
  * bsc#1233383
  * bsc#1233400
  * bsc#1233426
  * bsc#1233431
  * bsc#1233450
  * bsc#1233497
  * bsc#1233595
  * bsc#1233696
  * bsc#1233724
  * bsc#1233761
  * bsc#1233793
  * bsc#1233871
  * bsc#1233884
  * bsc#1234251
  * bsc#1234441
  * bsc#1234994
  * bsc#1235145
  * bsc#1235692
  * bsc#1235908
  * jsc#MSQA-914
  * jsc#SUMA-314
  * jsc#SUMA-406
  * jsc#SUMA-431

  
Cross-References:

  * CVE-2024-21528
  * CVE-2024-45801

  
CVSS scores:

  * CVE-2024-21528 ( NVD ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45801 ( NVD ):  7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5
  * SUSE Manager Proxy 5.0 Extension
  * SUSE Manager Retail Branch Server 5.0 Extension
  * SUSE Manager Server 5.0 Extension

  
  
An update that solves two vulnerabilities, contains four features and has 72
fixes can now be installed.

## Recommended update for SUSE Manager Proxy 5.0

### Description:

This update fixes the following issues:

proxy-helm:

  * Version 5.0.11:
  * Update for next release

proxy-httpd-image:

  * Version 5.0.9:
  * Update for next release

proxy-salt-broker-image:

  * Version 5.0.9:
  * Update for next release

proxy-squid-image:

  * Version 5.0.9:
  * Update for next release

proxy-ssh-image:

  * Version 5.0.9:
  * Update for next release

proxy-tftpd-image:

  * Version 5.0.9:
  * Update for next release

## Recommended update for SUSE Manager Retail Branch Server 5.0

### Description:

This update fixes the following issues:

proxy-helm:

  * Version 5.0.11:
  * Update for next release

proxy-httpd-image:

  * Version 5.0.9:
  * Update for next release

proxy-salt-broker-image:

  * Version 5.0.9:
  * Update for next release

proxy-squid-image:

  * Version 5.0.9:
  * Update for next release

proxy-ssh-image:

  * Version 5.0.9:
  * Update for next release

proxy-tftpd-image:

  * Version 5.0.9:

## Recommended update for SUSE Manager Server 5.0

### Description:

This update fixes the following issues:

server-attestation-image:

  * Version 5.0.7:
  * Update for next release

server-hub-xmlrpc-api-image:

  * Version 5.0.9:
  * Update for next release

server-image:

  * Version 5.0.11:
  * Fixed timezone alignment on container restart (bsc#1235692)
  * Version 5.0.10:
  * Added aarch64 and ppc64 grub loaders (bsc#1231762)
  * Use FILE: type for krb5 ccache
  * Removed pam_ldap as it is no longer shipped (bsc#1231377)

server-migration-14-16-image:

  * Version 5.0.10:
  * Update for next release

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Proxy 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-523=1

  * SUSE Manager Retail Branch Server 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-523=1

  * SUSE Manager Server 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-523=1

## Package List:

  * SUSE Manager Proxy 5.0 Extension (aarch64)
    * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.3-7.9.14
  * SUSE Manager Proxy 5.0 Extension (ppc64le)
    * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.3-7.9.14
  * SUSE Manager Proxy 5.0 Extension (s390x)
    * suse-manager-5.0-s390x-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-s390x-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.3-7.9.14
    * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-s390x-proxy-ssh-image-5.0.3-7.9.6
  * SUSE Manager Proxy 5.0 Extension (x86_64)
    * suse-manager-5.0-x86_64-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.3-7.9.14
    * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.3-7.9.12
  * SUSE Manager Retail Branch Server 5.0 Extension (aarch64)
    * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.3-7.9.14
  * SUSE Manager Retail Branch Server 5.0 Extension (ppc64le)
    * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.3-7.9.14
  * SUSE Manager Retail Branch Server 5.0 Extension (s390x)
    * suse-manager-5.0-s390x-proxy-httpd-image-5.0.3-7.9.12
    * suse-manager-5.0-s390x-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.3-7.9.14
    * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-s390x-proxy-ssh-image-5.0.3-7.9.6
  * SUSE Manager Retail Branch Server 5.0 Extension (x86_64)
    * suse-manager-5.0-x86_64-proxy-squid-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.3-7.9.14
    * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.3-7.9.6
    * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.3-7.9.12
  * SUSE Manager Server 5.0 Extension (x86_64)
    * suse-manager-5.0-x86_64-server-image-5.0.3-7.11.12
    * suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.3-6.9.5
    * suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.3-7.9.7
    * suse-manager-5.0-x86_64-server-attestation-image-5.0.3-6.9.10
  * SUSE Manager Server 5.0 Extension (aarch64)
    * suse-manager-5.0-aarch64-server-attestation-image-5.0.3-6.9.10
    * suse-manager-5.0-aarch64-server-image-5.0.3-7.11.12
    * suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.3-7.9.7
    * suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.3-6.9.5
  * SUSE Manager Server 5.0 Extension (ppc64le)
    * suse-manager-5.0-ppc64le-server-image-5.0.3-7.11.12
    * suse-manager-5.0-ppc64le-server-attestation-image-5.0.3-6.9.10
    * suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.3-6.9.5
    * suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.3-7.9.7
  * SUSE Manager Server 5.0 Extension (s390x)
    * suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.3-6.9.5
    * suse-manager-5.0-s390x-server-attestation-image-5.0.3-6.9.10
    * suse-manager-5.0-s390x-server-image-5.0.3-7.11.12
    * suse-manager-5.0-s390x-server-migration-14-16-image-5.0.3-7.9.7

## References:

  * https://www.suse.com/security/cve/CVE-2024-21528.html
  * https://www.suse.com/security/cve/CVE-2024-45801.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1027642
  * https://bugzilla.suse.com/show_bug.cgi?id=1212161
  * https://bugzilla.suse.com/show_bug.cgi?id=1212985
  * https://bugzilla.suse.com/show_bug.cgi?id=1213437
  * https://bugzilla.suse.com/show_bug.cgi?id=1215815
  * https://bugzilla.suse.com/show_bug.cgi?id=1216683
  * https://bugzilla.suse.com/show_bug.cgi?id=1216946
  * https://bugzilla.suse.com/show_bug.cgi?id=1217338
  * https://bugzilla.suse.com/show_bug.cgi?id=1220494
  * https://bugzilla.suse.com/show_bug.cgi?id=1220902
  * https://bugzilla.suse.com/show_bug.cgi?id=1221219
  * https://bugzilla.suse.com/show_bug.cgi?id=1222447
  * https://bugzilla.suse.com/show_bug.cgi?id=1222574
  * https://bugzilla.suse.com/show_bug.cgi?id=1222820
  * https://bugzilla.suse.com/show_bug.cgi?id=1224318
  * https://bugzilla.suse.com/show_bug.cgi?id=1226958
  * https://bugzilla.suse.com/show_bug.cgi?id=1227374
  * https://bugzilla.suse.com/show_bug.cgi?id=1227644
  * https://bugzilla.suse.com/show_bug.cgi?id=1227759
  * https://bugzilla.suse.com/show_bug.cgi?id=1227827
  * https://bugzilla.suse.com/show_bug.cgi?id=1227852
  * https://bugzilla.suse.com/show_bug.cgi?id=1227882
  * https://bugzilla.suse.com/show_bug.cgi?id=1228182
  * https://bugzilla.suse.com/show_bug.cgi?id=1228232
  * https://bugzilla.suse.com/show_bug.cgi?id=1228261
  * https://bugzilla.suse.com/show_bug.cgi?id=1228319
  * https://bugzilla.suse.com/show_bug.cgi?id=1228351
  * https://bugzilla.suse.com/show_bug.cgi?id=1228856
  * https://bugzilla.suse.com/show_bug.cgi?id=1228956
  * https://bugzilla.suse.com/show_bug.cgi?id=1229000
  * https://bugzilla.suse.com/show_bug.cgi?id=1229077
  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229286
  * https://bugzilla.suse.com/show_bug.cgi?id=1229848
  * https://bugzilla.suse.com/show_bug.cgi?id=1229902
  * https://bugzilla.suse.com/show_bug.cgi?id=1230502
  * https://bugzilla.suse.com/show_bug.cgi?id=1230585
  * https://bugzilla.suse.com/show_bug.cgi?id=1230670
  * https://bugzilla.suse.com/show_bug.cgi?id=1230741
  * https://bugzilla.suse.com/show_bug.cgi?id=1230833
  * https://bugzilla.suse.com/show_bug.cgi?id=1230943
  * https://bugzilla.suse.com/show_bug.cgi?id=1231053
  * https://bugzilla.suse.com/show_bug.cgi?id=1231255
  * https://bugzilla.suse.com/show_bug.cgi?id=1231377
  * https://bugzilla.suse.com/show_bug.cgi?id=1231378
  * https://bugzilla.suse.com/show_bug.cgi?id=1231398
  * https://bugzilla.suse.com/show_bug.cgi?id=1231404
  * https://bugzilla.suse.com/show_bug.cgi?id=1231430
  * https://bugzilla.suse.com/show_bug.cgi?id=1231459
  * https://bugzilla.suse.com/show_bug.cgi?id=1231762
  * https://bugzilla.suse.com/show_bug.cgi?id=1232042
  * https://bugzilla.suse.com/show_bug.cgi?id=1232125
  * https://bugzilla.suse.com/show_bug.cgi?id=1232530
  * https://bugzilla.suse.com/show_bug.cgi?id=1232713
  * https://bugzilla.suse.com/show_bug.cgi?id=1233258
  * https://bugzilla.suse.com/show_bug.cgi?id=1233383
  * https://bugzilla.suse.com/show_bug.cgi?id=1233400
  * https://bugzilla.suse.com/show_bug.cgi?id=1233426
  * https://bugzilla.suse.com/show_bug.cgi?id=1233431
  * https://bugzilla.suse.com/show_bug.cgi?id=1233450
  * https://bugzilla.suse.com/show_bug.cgi?id=1233497
  * https://bugzilla.suse.com/show_bug.cgi?id=1233595
  * https://bugzilla.suse.com/show_bug.cgi?id=1233696
  * https://bugzilla.suse.com/show_bug.cgi?id=1233724
  * https://bugzilla.suse.com/show_bug.cgi?id=1233761
  * https://bugzilla.suse.com/show_bug.cgi?id=1233793
  * https://bugzilla.suse.com/show_bug.cgi?id=1233871
  * https://bugzilla.suse.com/show_bug.cgi?id=1233884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234251
  * https://bugzilla.suse.com/show_bug.cgi?id=1234441
  * https://bugzilla.suse.com/show_bug.cgi?id=1234994
  * https://bugzilla.suse.com/show_bug.cgi?id=1235145
  * https://bugzilla.suse.com/show_bug.cgi?id=1235692
  * https://bugzilla.suse.com/show_bug.cgi?id=1235908
  * https://jira.suse.com/browse/MSQA-914
  * https://jira.suse.com/browse/SUMA-314
  * https://jira.suse.com/browse/SUMA-406
  * https://jira.suse.com/browse/SUMA-431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/4493b395/attachment.htm>

From null at suse.de  Fri Feb 14 08:33:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 08:33:34 -0000
Subject: SUSE-RU-2025:0522-1: moderate: Maintenance update for SUSE Manager
 5.0: Server, Proxy and Retail Branch Server
Message-ID: <173952201400.21560.5196541802130678041@smelt2.prg2.suse.org>



# Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch
Server

Announcement ID: SUSE-RU-2025:0522-1  
Release Date: 2025-02-14T07:14:05Z  
Rating: moderate  
References:

  * bsc#1229079
  * bsc#1229104
  * bsc#1231759
  * bsc#1232817
  * bsc#1233202
  * bsc#1233279
  * bsc#1233630
  * bsc#1233660
  * bsc#1234123
  * jsc#MSQA-914

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5
  * SUSE Manager Proxy 5.0 Extension
  * SUSE Manager Retail Branch Server 5.0 Extension
  * SUSE Manager Server 5.0 Extension

  
  
An update that contains one feature and has nine fixes can now be installed.

## Recommended update for SUSE Manager Proxy 5.0

### Description:

This update fixes the following issues:

uyuni-tools was update to version 0.1.28-0:

  * Added --registry back to mgrpxy (bsc#1233202)
  * Added registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Bumped the default image tag to 5.0.3
  * coco-replicas-upgrade
  * Consider the configuration file to detect the coco or Hub API images should
    be pulled (bsc#1229104)
  * Ignore coco and Hub images when applying PTF if they are not available
    (bsc#1229079)
  * Only add java.hostname on migrated server if not present
  * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
  * Persist search server indexes (bsc#1231759)
  * Run systemctl daemon-reload after changing the container image config
    (bsc#1233279)
  * Sync deletes files during migration (bsc#1233660)
  * Use the uyuni network for all podman containers (bsc#1232817)

How to apply this update:

  1. Log in as root user to the Multi-Linux Manager Proxy.
  2. Upgrade mgrpxy.
  3. If you are in a disconnected environment, upgrade the image packages.
  4. Reboot the system.
  5. Run `mgrpxy upgrade podman` which will use the default image tags.

## Recommended update for SUSE Manager Retail Branch Server 5.0

### Description:

This update fixes the following issues:

uyuni-tools was update to version 0.1.28-0:

  * Added --registry back to mgrpxy (bsc#1233202)
  * Added registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Bumped the default image tag to 5.0.3
  * coco-replicas-upgrade
  * Consider the configuration file to detect the coco or Hub API images should
    be pulled (bsc#1229104)
  * Ignore coco and Hub images when applying PTF if they are not available
    (bsc#1229079)
  * Only add java.hostname on migrated server if not present
  * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
  * Persist search server indexes (bsc#1231759)
  * Run systemctl daemon-reload after changing the container image config
    (bsc#1233279)
  * Sync deletes files during migration (bsc#1233660)
  * Use the uyuni network for all podman containers (bsc#1232817)

How to apply this update:

  1. Log in as root user to the Multi-Linux Manager Retail Branch Server.
  2. Upgrade mgrpxy.
  3. If you are in a disconnected environment, upgrade the image packages.
  4. Reboot the system.
  5. Run `mgrpxy upgrade podman` which will use the default image tags.

## Recommended update for SUSE Manager Server 5.0

### Description:

This update fixes the following issues:

uyuni-tools was update to version 0.1.28-0:

  * Added --registry back to mgrpxy (bsc#1233202)
  * Added registry.suse.com login to mgradm upgrade podman list (bsc#1234123)
  * Bumped the default image tag to 5.0.3
  * coco-replicas-upgrade
  * Consider the configuration file to detect the coco or Hub API images should
    be pulled (bsc#1229104)
  * Ignore coco and Hub images when applying PTF if they are not available
    (bsc#1229079)
  * Only add java.hostname on migrated server if not present
  * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)
  * Persist search server indexes (bsc#1231759)
  * Run systemctl daemon-reload after changing the container image config
    (bsc#1233279)
  * Sync deletes files during migration (bsc#1233660)
  * Use the uyuni network for all podman containers (bsc#1232817)

How to apply this update:

  1. Log in as root user to the Multi-Linux Manager Server.
  2. Upgrade mgradm and mgrctl.
  3. If you are in a disconnected environment, upgrade the image packages.
  4. Reboot the system.
  5. Run `mgradm upgrade podman` which will use the default image tags.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Proxy 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-522=1

  * SUSE Manager Retail Branch Server 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-522=1

  * SUSE Manager Server 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-522=1

## Package List:

  * SUSE Manager Proxy 5.0 Extension (aarch64 ppc64le s390x x86_64)
    * mgrpxy-0.1.28-150500.3.18.1
    * mgrpxy-debuginfo-0.1.28-150500.3.18.1
  * SUSE Manager Proxy 5.0 Extension (noarch)
    * mgrpxy-lang-0.1.28-150500.3.18.1
    * mgrpxy-zsh-completion-0.1.28-150500.3.18.1
    * mgrpxy-bash-completion-0.1.28-150500.3.18.1
  * SUSE Manager Retail Branch Server 5.0 Extension (aarch64 ppc64le s390x
    x86_64)
    * mgrpxy-0.1.28-150500.3.18.1
    * mgrpxy-debuginfo-0.1.28-150500.3.18.1
  * SUSE Manager Retail Branch Server 5.0 Extension (noarch)
    * mgrpxy-lang-0.1.28-150500.3.18.1
    * mgrpxy-zsh-completion-0.1.28-150500.3.18.1
    * mgrpxy-bash-completion-0.1.28-150500.3.18.1
  * SUSE Manager Server 5.0 Extension (aarch64 ppc64le s390x x86_64)
    * mgradm-0.1.28-150500.3.18.1
    * mgrctl-debuginfo-0.1.28-150500.3.18.1
    * mgrctl-0.1.28-150500.3.18.1
    * mgradm-debuginfo-0.1.28-150500.3.18.1
  * SUSE Manager Server 5.0 Extension (noarch)
    * mgradm-zsh-completion-0.1.28-150500.3.18.1
    * mgradm-bash-completion-0.1.28-150500.3.18.1
    * mgrctl-bash-completion-0.1.28-150500.3.18.1
    * mgrctl-lang-0.1.28-150500.3.18.1
    * mgradm-lang-0.1.28-150500.3.18.1
    * mgrctl-zsh-completion-0.1.28-150500.3.18.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1229079
  * https://bugzilla.suse.com/show_bug.cgi?id=1229104
  * https://bugzilla.suse.com/show_bug.cgi?id=1231759
  * https://bugzilla.suse.com/show_bug.cgi?id=1232817
  * https://bugzilla.suse.com/show_bug.cgi?id=1233202
  * https://bugzilla.suse.com/show_bug.cgi?id=1233279
  * https://bugzilla.suse.com/show_bug.cgi?id=1233630
  * https://bugzilla.suse.com/show_bug.cgi?id=1233660
  * https://bugzilla.suse.com/show_bug.cgi?id=1234123
  * https://jira.suse.com/browse/MSQA-914

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/0db7fbbf/attachment.htm>

From null at suse.de  Fri Feb 14 12:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0548-1: important: Security update for libtasn1
Message-ID: <173953620649.21560.10565613383403140079@smelt2.prg2.suse.org>



# Security update for libtasn1

Announcement ID: SUSE-SU-2025:0548-1  
Release Date: 2025-02-14T10:20:38Z  
Rating: important  
References:

  * bsc#1236878

  
Cross-References:

  * CVE-2024-12133

  
CVSS scores:

  * CVE-2024-12133 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-12133 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-12133 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libtasn1 fixes the following issues:

  * CVE-2024-12133: the processing of input DER data containing a large number
    of SEQUENCE OF or SET OF elements takes quadratic time to complete.
    (bsc#1236878)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-548=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-548=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-548=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-548=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-548=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-548=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-548=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-548=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-548=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-548=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-548=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-548=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-548=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-548=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-548=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * Basesystem Module 15-SP6 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Manager Server 4.3 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-devel-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * openSUSE Leap 15.6 (x86_64)
    * libtasn1-6-32bit-4.13-150000.4.11.1
    * libtasn1-devel-32bit-4.13-150000.4.11.1
    * libtasn1-6-32bit-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libtasn1-debugsource-4.13-150000.4.11.1
    * libtasn1-4.13-150000.4.11.1
    * libtasn1-6-4.13-150000.4.11.1
    * libtasn1-6-debuginfo-4.13-150000.4.11.1
    * libtasn1-debuginfo-4.13-150000.4.11.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12133.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236878

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/ab42fcbd/attachment.htm>

From null at suse.de  Fri Feb 14 16:33:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:33:22 -0000
Subject: SUSE-SU-2025:0557-1: important: Security update for the Linux Kernel
Message-ID: <173955080221.19940.1857276453617739489@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0557-1  
Release Date: 2025-02-14T15:26:54Z  
Rating: important  
References:

  * bsc#1012628
  * bsc#1194869
  * bsc#1215199
  * bsc#1216813
  * bsc#1218470
  * bsc#1220711
  * bsc#1222803
  * bsc#1224049
  * bsc#1225897
  * bsc#1226980
  * bsc#1228592
  * bsc#1229833
  * bsc#1231016
  * bsc#1231088
  * bsc#1232087
  * bsc#1232101
  * bsc#1232158
  * bsc#1232161
  * bsc#1232421
  * bsc#1232882
  * bsc#1233055
  * bsc#1233112
  * bsc#1233221
  * bsc#1233248
  * bsc#1233259
  * bsc#1233260
  * bsc#1233488
  * bsc#1233522
  * bsc#1233638
  * bsc#1233642
  * bsc#1233778
  * bsc#1234195
  * bsc#1234619
  * bsc#1234635
  * bsc#1234683
  * bsc#1234693
  * bsc#1234726
  * bsc#1234825
  * bsc#1234863
  * bsc#1234887
  * bsc#1234888
  * bsc#1234893
  * bsc#1234898
  * bsc#1234901
  * bsc#1234906
  * bsc#1234923
  * bsc#1234931
  * bsc#1234934
  * bsc#1234947
  * bsc#1234957
  * bsc#1235000
  * bsc#1235001
  * bsc#1235011
  * bsc#1235031
  * bsc#1235032
  * bsc#1235035
  * bsc#1235037
  * bsc#1235038
  * bsc#1235039
  * bsc#1235040
  * bsc#1235042
  * bsc#1235043
  * bsc#1235046
  * bsc#1235050
  * bsc#1235051
  * bsc#1235053
  * bsc#1235054
  * bsc#1235057
  * bsc#1235059
  * bsc#1235065
  * bsc#1235070
  * bsc#1235073
  * bsc#1235100
  * bsc#1235112
  * bsc#1235115
  * bsc#1235117
  * bsc#1235122
  * bsc#1235123
  * bsc#1235125
  * bsc#1235132
  * bsc#1235133
  * bsc#1235155
  * bsc#1235160
  * bsc#1235217
  * bsc#1235219
  * bsc#1235220
  * bsc#1235222
  * bsc#1235223
  * bsc#1235224
  * bsc#1235227
  * bsc#1235230
  * bsc#1235241
  * bsc#1235244
  * bsc#1235249
  * bsc#1235251
  * bsc#1235252
  * bsc#1235389
  * bsc#1235390
  * bsc#1235391
  * bsc#1235406
  * bsc#1235410
  * bsc#1235412
  * bsc#1235413
  * bsc#1235415
  * bsc#1235416
  * bsc#1235417
  * bsc#1235418
  * bsc#1235423
  * bsc#1235424
  * bsc#1235425
  * bsc#1235426
  * bsc#1235427
  * bsc#1235428
  * bsc#1235429
  * bsc#1235430
  * bsc#1235433
  * bsc#1235437
  * bsc#1235439
  * bsc#1235441
  * bsc#1235444
  * bsc#1235445
  * bsc#1235449
  * bsc#1235451
  * bsc#1235454
  * bsc#1235458
  * bsc#1235459
  * bsc#1235464
  * bsc#1235466
  * bsc#1235473
  * bsc#1235479
  * bsc#1235480
  * bsc#1235483
  * bsc#1235486
  * bsc#1235487
  * bsc#1235488
  * bsc#1235489
  * bsc#1235491
  * bsc#1235494
  * bsc#1235495
  * bsc#1235496
  * bsc#1235497
  * bsc#1235498
  * bsc#1235500
  * bsc#1235502
  * bsc#1235503
  * bsc#1235519
  * bsc#1235520
  * bsc#1235521
  * bsc#1235523
  * bsc#1235526
  * bsc#1235528
  * bsc#1235532
  * bsc#1235533
  * bsc#1235534
  * bsc#1235537
  * bsc#1235538
  * bsc#1235545
  * bsc#1235552
  * bsc#1235555
  * bsc#1235557
  * bsc#1235563
  * bsc#1235564
  * bsc#1235565
  * bsc#1235568
  * bsc#1235570
  * bsc#1235571
  * bsc#1235577
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235584
  * bsc#1235587
  * bsc#1235611
  * bsc#1235612
  * bsc#1235616
  * bsc#1235622
  * bsc#1235627
  * bsc#1235632
  * bsc#1235635
  * bsc#1235638
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235646
  * bsc#1235647
  * bsc#1235650
  * bsc#1235653
  * bsc#1235656
  * bsc#1235657
  * bsc#1235663
  * bsc#1235686
  * bsc#1235700
  * bsc#1235705
  * bsc#1235707
  * bsc#1235708
  * bsc#1235710
  * bsc#1235714
  * bsc#1235716
  * bsc#1235720
  * bsc#1235723
  * bsc#1235727
  * bsc#1235730
  * bsc#1235737
  * bsc#1235739
  * bsc#1235745
  * bsc#1235747
  * bsc#1235750
  * bsc#1235753
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235776
  * bsc#1235777
  * bsc#1235778
  * bsc#1235779
  * bsc#1235793
  * bsc#1235798
  * bsc#1235806
  * bsc#1235808
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235865
  * bsc#1235874
  * bsc#1235894
  * bsc#1235902
  * bsc#1235903
  * bsc#1235906
  * bsc#1235914
  * bsc#1235918
  * bsc#1235919
  * bsc#1235920
  * bsc#1235924
  * bsc#1235940
  * bsc#1235941
  * bsc#1235946
  * bsc#1235948
  * bsc#1235952
  * bsc#1235964
  * bsc#1235965
  * bsc#1235967
  * bsc#1235969
  * bsc#1235976
  * bsc#1235977
  * bsc#1236078
  * bsc#1236080
  * bsc#1236082
  * bsc#1236088
  * bsc#1236090
  * bsc#1236091
  * bsc#1236096
  * bsc#1236097
  * bsc#1236098
  * bsc#1236101
  * bsc#1236102
  * bsc#1236104
  * bsc#1236106
  * bsc#1236120
  * bsc#1236125
  * bsc#1236127
  * bsc#1236131
  * bsc#1236138
  * bsc#1236143
  * bsc#1236144
  * bsc#1236145
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236168
  * bsc#1236178
  * bsc#1236180
  * bsc#1236181
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236198
  * bsc#1236227
  * bsc#1236245
  * bsc#1236247
  * bsc#1236248
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236683
  * bsc#1236685
  * bsc#1236688
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236760
  * bsc#1236761
  * jsc#PED-7242

  
Cross-References:

  * CVE-2023-52923
  * CVE-2024-36476
  * CVE-2024-39282
  * CVE-2024-43913
  * CVE-2024-45828
  * CVE-2024-46858
  * CVE-2024-46896
  * CVE-2024-47141
  * CVE-2024-47143
  * CVE-2024-47809
  * CVE-2024-48873
  * CVE-2024-48881
  * CVE-2024-49569
  * CVE-2024-49948
  * CVE-2024-49951
  * CVE-2024-49978
  * CVE-2024-49998
  * CVE-2024-50051
  * CVE-2024-50106
  * CVE-2024-50151
  * CVE-2024-50199
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50299
  * CVE-2024-50304
  * CVE-2024-52332
  * CVE-2024-53091
  * CVE-2024-53095
  * CVE-2024-53164
  * CVE-2024-53168
  * CVE-2024-53170
  * CVE-2024-53172
  * CVE-2024-53175
  * CVE-2024-53185
  * CVE-2024-53187
  * CVE-2024-53194
  * CVE-2024-53195
  * CVE-2024-53196
  * CVE-2024-53197
  * CVE-2024-53198
  * CVE-2024-53203
  * CVE-2024-53227
  * CVE-2024-53230
  * CVE-2024-53231
  * CVE-2024-53232
  * CVE-2024-53233
  * CVE-2024-53236
  * CVE-2024-53239
  * CVE-2024-53685
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55639
  * CVE-2024-55881
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56372
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56538
  * CVE-2024-56543
  * CVE-2024-56546
  * CVE-2024-56548
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56568
  * CVE-2024-56569
  * CVE-2024-56570
  * CVE-2024-56571
  * CVE-2024-56572
  * CVE-2024-56573
  * CVE-2024-56574
  * CVE-2024-56575
  * CVE-2024-56577
  * CVE-2024-56578
  * CVE-2024-56584
  * CVE-2024-56587
  * CVE-2024-56588
  * CVE-2024-56589
  * CVE-2024-56590
  * CVE-2024-56592
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56598
  * CVE-2024-5660
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56603
  * CVE-2024-56606
  * CVE-2024-56607
  * CVE-2024-56608
  * CVE-2024-56609
  * CVE-2024-56610
  * CVE-2024-56611
  * CVE-2024-56614
  * CVE-2024-56615
  * CVE-2024-56616
  * CVE-2024-56617
  * CVE-2024-56619
  * CVE-2024-56620
  * CVE-2024-56622
  * CVE-2024-56623
  * CVE-2024-56625
  * CVE-2024-56629
  * CVE-2024-56630
  * CVE-2024-56631
  * CVE-2024-56632
  * CVE-2024-56634
  * CVE-2024-56635
  * CVE-2024-56636
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56642
  * CVE-2024-56643
  * CVE-2024-56644
  * CVE-2024-56648
  * CVE-2024-56649
  * CVE-2024-56650
  * CVE-2024-56651
  * CVE-2024-56654
  * CVE-2024-56656
  * CVE-2024-56658
  * CVE-2024-56659
  * CVE-2024-56660
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56663
  * CVE-2024-56664
  * CVE-2024-56665
  * CVE-2024-56670
  * CVE-2024-56672
  * CVE-2024-56675
  * CVE-2024-56677
  * CVE-2024-56678
  * CVE-2024-56679
  * CVE-2024-56681
  * CVE-2024-56683
  * CVE-2024-56687
  * CVE-2024-56688
  * CVE-2024-56690
  * CVE-2024-56691
  * CVE-2024-56693
  * CVE-2024-56694
  * CVE-2024-56698
  * CVE-2024-56700
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56705
  * CVE-2024-56707
  * CVE-2024-56708
  * CVE-2024-56709
  * CVE-2024-56712
  * CVE-2024-56715
  * CVE-2024-56716
  * CVE-2024-56722
  * CVE-2024-56723
  * CVE-2024-56724
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56729
  * CVE-2024-56739
  * CVE-2024-56741
  * CVE-2024-56745
  * CVE-2024-56746
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56760
  * CVE-2024-56763
  * CVE-2024-56765
  * CVE-2024-56766
  * CVE-2024-56767
  * CVE-2024-56769
  * CVE-2024-56774
  * CVE-2024-56775
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-56779
  * CVE-2024-56780
  * CVE-2024-56787
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57795
  * CVE-2024-57798
  * CVE-2024-57801
  * CVE-2024-57802
  * CVE-2024-57804
  * CVE-2024-57809
  * CVE-2024-57838
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57857
  * CVE-2024-57874
  * CVE-2024-57876
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57887
  * CVE-2024-57888
  * CVE-2024-57890
  * CVE-2024-57892
  * CVE-2024-57893
  * CVE-2024-57896
  * CVE-2024-57897
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57904
  * CVE-2024-57906
  * CVE-2024-57907
  * CVE-2024-57908
  * CVE-2024-57910
  * CVE-2024-57911
  * CVE-2024-57912
  * CVE-2024-57913
  * CVE-2024-57915
  * CVE-2024-57916
  * CVE-2024-57917
  * CVE-2024-57922
  * CVE-2024-57926
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57933
  * CVE-2024-57935
  * CVE-2024-57936
  * CVE-2024-57938
  * CVE-2024-57940
  * CVE-2024-57946
  * CVE-2025-21632
  * CVE-2025-21645
  * CVE-2025-21646
  * CVE-2025-21649
  * CVE-2025-21650
  * CVE-2025-21651
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21656
  * CVE-2025-21662
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21666
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36476 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36476 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39282 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39282 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-43913 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43913 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-43913 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45828 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45828 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-46896 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-46896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47141 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47141 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47143 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47143 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48873 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48873 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49569 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-49569 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49951 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49998 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50106 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50106 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53091 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53164 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53164 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53168 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53168 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53168 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53170 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53170 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53172 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53172 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53175 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53175 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53175 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53194 ( SUSE ):  5.4
    CVSS:4.0/AV:P/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53194 ( SUSE ):  6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53194 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53195 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53195 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-53196 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53196 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53198 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53198 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53230 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53230 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53230 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53231 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53231 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53232 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53232 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53233 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53233 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53236 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53236 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53685 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53685 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55639 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55639 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55881 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56372 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56372 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56538 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56538 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56538 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56543 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56543 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56546 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56546 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56568 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56568 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56568 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56569 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56569 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56570 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56570 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56571 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-56571 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-56572 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56572 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56572 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56573 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56573 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56575 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56575 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56577 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56577 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56578 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56578 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56584 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56584 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56587 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56587 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56589 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56590 ( SUSE ):  6.9
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56590 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56598 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56598 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-5660 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56603 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56603 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56606 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56606 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56607 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56607 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56609 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56609 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56611 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56614 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56614 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56616 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56616 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56617 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56617 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56619 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56619 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56619 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56620 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56620 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56620 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56622 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56622 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56625 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56625 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56632 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56634 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56634 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56635 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56635 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56635 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56636 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56636 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56649 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56651 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56651 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56651 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56654 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56654 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56654 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56656 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56656 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56659 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56659 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56659 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56660 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56660 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56663 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56663 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-56663 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56670 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56672 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56672 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56672 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56675 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56675 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56677 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56677 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56683 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56687 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56687 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56688 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56688 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56690 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56690 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56691 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56691 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56694 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56694 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56694 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56705 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56705 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56708 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56708 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56708 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56709 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56709 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56712 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56712 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56716 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56716 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56723 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56723 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56724 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56724 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56729 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56729 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56729 ( NVD ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56741 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56741 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56741 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56746 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56760 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56760 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56766 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56766 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56766 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56767 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56767 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56774 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56774 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56775 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56775 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56779 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56779 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56780 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56780 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56787 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56787 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57795 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57795 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57795 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57801 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57801 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57804 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57804 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57809 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57838 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57838 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57857 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57857 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57874 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57874 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57874 ( NVD ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57887 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57887 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57887 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57888 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57888 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57892 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57892 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57904 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57904 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57906 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57906 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57907 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57907 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57908 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57908 ( SUSE ):  3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57910 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57910 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57911 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57911 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-57912 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57912 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-57913 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57913 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57915 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-57915 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57926 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57926 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57926 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57933 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57933 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57935 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57935 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57936 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57936 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57940 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57940 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21632 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21632 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21645 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21645 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21646 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21646 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21649 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21649 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21650 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21650 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21651 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21651 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21656 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21656 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
  * CVE-2025-21662 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21662 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Real Time Module 15-SP6

  
  
An update that solves 256 vulnerabilities, contains one feature and has 42
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-45828: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop
    request (bsc#1235705).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49951: Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
    (bsc#1232158).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-49998: net: dsa: improve shutdown sequence (bsc#1232087).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53091: bpf: Add sk_is_inet and IS_ICSK check in
    tls_sw_has_ctx_tx/rx (bsc#1233638).
  * CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
  * CVE-2024-53170: block: fix uaf for flush rq while iterating tags
    (bsc#1234888).
  * CVE-2024-53172: ubi: fastmap: Fix duplicate slab cache names while attaching
    (bsc#1234898).
  * CVE-2024-53175: ipc: fix memleak if msg_init_ns failed in create_ipc_ns
    (bsc#1234893).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53195: KVM: arm64: Get rid of userspace_irqchip_in_use
    (bsc#1234957).
  * CVE-2024-53196: KVM: arm64: Do not retire aborted MMIO instruction
    (bsc#1234906).
  * CVE-2024-53198: xen: Fix the issue of resource not being properly released
    in xenbus_dev_probe() (bsc#1234923).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53232: iommu/s390: Implement blocking domain (bsc#1235050).
  * CVE-2024-53236: xsk: Free skb when TX metadata options are invalid
    (bsc#1235000).
  * CVE-2024-53685: ceph: give up on paths longer than PATH_MAX (bsc#1235720).
  * CVE-2024-55639: net: renesas: rswitch: avoid use-after-put for a device tree
    node (bsc#1235737).
  * CVE-2024-55881: KVM: x86: Play nice with protected guests in
    complete_hypercall_exit() (bsc#1235745).
  * CVE-2024-56372: net: tun: fix tun_napi_alloc_frags() (bsc#1235753).
  * CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device
    bound (bsc#1235032).
  * CVE-2024-56569: ftrace: Fix regression with module command in
    stack_trace_filter (bsc#1235031).
  * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function
    (bsc#1235035).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56589: scsi: hisi_sas: Add cond_resched() for no forced preemption
    model (bsc#1235241).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56603: net: af_can: do not leave a dangling sk pointer in
    can_create() (bsc#1235415).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56611: mm/mempolicy: fix migrate_to_node() assuming there is at
    least one VMA in a MM (bsc#1235391).
  * CVE-2024-56614: xsk: fix OOB map writes when deleting elements
    (bsc#1235424).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56617: cacheinfo: Allocate memory during CPU hotplug if not done
    from the primary CPU (bsc#1235429).
  * CVE-2024-56620: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled
    (bsc#1235227).
  * CVE-2024-56622: scsi: ufs: core: sysfs: Prevent div by zero (bsc#1235251).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56635: net: avoid potential UAF in default_operstate()
    (bsc#1235519).
  * CVE-2024-56636: geneve: do not assume mac header is set in geneve_xmit_skb()
    (bsc#1235520).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56649: net: enetc: Do not configure preemptible TCs if SIs do not
    support (bsc#1235449).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56656: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X
    chips (bsc#1235444).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56659: net: lapb: increase LAPB_HEADER_LEN (bsc#1235439).
  * CVE-2024-56660: net/mlx5: DR, prevent potential error pointer dereference
    (bsc#1235437).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56675: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
    (bsc#1235555).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56694: bpf: fix recursive lock when verdict program return SK_PASS
    (bsc#1235412).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56708: EDAC/igen6: Avoid segmentation fault on module unload
    (bsc#1235564).
  * CVE-2024-56712: udmabuf: fix memory leak on last export_udmabuf() error path
    (bsc#1235565).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56716: netdevsim: prevent bad user input in
    nsim_dev_health_break_write() (bsc#1235587).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56729: smb: Initialize cfid->tcon before performing network ops
    (bsc#1235503).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56774: btrfs: add a sanity check for btrfs root in
    btrfs_search_slot() (bsc#1235653).
  * CVE-2024-56775: drm/amd/display: Fix handling of plane refcount
    (bsc#1235657).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57795: RDMA/rxe: Remove the direct link to net_device
    (bsc#1235906).
  * CVE-2024-57801: net/mlx5e: Skip restore TC rules for vport rep without
    loaded flag (bsc#1235940).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57804: scsi: mpi3mr: Fix corrupt config pages PHY state is switched
    in sysfs (bsc#1235779).
  * CVE-2024-57809: PCI: imx6: Fix suspend/resume support on i.MX6QDL
    (bsc#1235793).
  * CVE-2024-57838: s390/entry: Mark IRQ entries to fix stack depot warnings
    (bsc#1235798).
  * CVE-2024-57857: RDMA/siw: Remove direct link to net_device (bsc#1235946).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer
    dqi_priv (bsc#1235964).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57933: gve: guard XSK operations on the existence of queues
    (bsc#1236178).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21632: x86/fpu: Ensure shadow stack is active before "getting"
    registers (bsc#1236106).
  * CVE-2025-21649: net: hns3: fix kernel crash when 1588 is sent on HIP08
    devices (bsc#1236143).
  * CVE-2025-21650: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out
    of bounds issue (bsc#1236144).
  * CVE-2025-21651: net: hns3: do not auto enable misc vector (bsc#1236145).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21662: net/mlx5: Fix variable not being completed when function
    returns (bsc#1236198).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP09A (stable-
    fixes).
  * ACPI/IORT: Add PMCG platform information for HiSilicon HIP10/11 (stable-
    fixes).
  * ACPI: PCC: Add PCC shared memory region command and status bitfields
    (stable-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[]
    (stable-fixes).
  * ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[]
    (stable-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Add support for ASUS Zen AIO 27 Z272SD_A272SD audio
    (stable-fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Add new alc2xx-fixup-headset-mic model (stable-fixes).
  * ALSA: hda/realtek: Add support for Ayaneo System using CS35L41 HDA (stable-
    fixes).
  * ALSA: hda/realtek: Add support for Galaxy Book2 Pro (NP950XEE) (stable-
    fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: ump: Use guard() for locking (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: mediatek: disable buffer pre-allocation (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: rt722: add delay time to wait for the calibration procedure (stable-
    fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Align git commit ID abbreviation guidelines and checks (git-fixes).
  * Bluetooth: Add support ITTIM PE50-M75C (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: MGMT: Fix Add Device to responding before completing (git-fixes).
  * Bluetooth: btnxpuart: Fix driver sending truncated data (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * Bluetooth: btusb: Add USB HW IDs for MT7921/MT7922/MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 0489/e111 for MT7925 (stable-fixes).
  * Bluetooth: btusb: Add new VID/PID 13d3/3602 for MT7925 (stable-fixes).
  * Bluetooth: btusb: add callback function in btusb suspend/resume (stable-
    fixes).
  * Bluetooth: btusb: mediatek: add callback function in btusb_disconnect
    (stable-fixes).
  * Bluetooth: hci_sync: Fix not setting Random Address when required (git-
    fixes).
  * uvcvideo: drop fix due to regression (bsc#1235894)
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: bbnsm_pwrkey - fix missed key press after suspend (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: SVM: Allow guest writes to set MSR_AMD64_DE_CFG bits (bsc#1234635).
  * KVM: s390: Reject KVM_SET_GSI_ROUTING on ucontrol VMs (git-fixes
    bsc#1235776).
  * KVM: s390: Reject setting flic pfault attributes on ucontrol VMs (git-fixes
    bsc#1235777).
  * KVM: s390: vsie: fix virtual/physical address in unpin_scb() (git-fixes
    bsc#1235778).
  * Move upstreamed DRM patch into sorted section
  * Move upstreamed NFS patch into sorted section
  * Move upstreamed TPM patch into sorted section
  * Move upstreamed lpfc patches into sorted section
  * Move upstreamed ppc patch into sorted section
  * Move upstreamed sound patch into sorted section
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Add send queue size check for variable wqe (git-fixes)
  * RDMA/bnxt_re: Fix MSN table size for variable wqe mode (git-fixes)
  * RDMA/bnxt_re: Fix max SGEs for the Work Request (git-fixes)
  * RDMA/bnxt_re: Fix the max WQE size for static WQE support (git-fixes)
  * RDMA/bnxt_re: Fix the max WQEs used in Static WQE mode (git-fixes)
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * USB: core: Disable LPM only for non-suspended ports (git-fixes).
  * USB: serial: cp210x: add Phoenix Contact UPS Device (stable-fixes).
  * USB: serial: option: add MeiG Smart SRM815 (stable-fixes).
  * USB: serial: option: add Neoway N723-EA support (stable-fixes).
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * USB: usblp: return error when setting unsupported protocol (git-fixes).
  * Update patches.suse/nvme-tcp-Fix-I-O-queue-cpu-spreading-for-multiple-
    co.patch (git-fixes bsc#1224049).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * afs: Fix the maximum cell name length (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245).
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: add hevc power domain clock to rk3328 (git-fixes).
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL (git-
    fixes).
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (git-fixes)
  * btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235445).
  * btrfs: fix use-after-free waiting for encoded read endios (bsc#1235445).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * cleanup: Add conditional guard support (stable-fixes).
  * cleanup: Adjust scoped_guard() macros to avoid potential warning (stable-
    fixes).
  * cleanup: Remove address space of returned pointer (git-fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: intel_pstate: Check turbo_is_disabled() in store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Do not update global.turbo_disabled after
    initialization (bsc#1234619).
  * cpufreq: intel_pstate: Drop redundant locking from
    intel_pstate_driver_cleanup() (bsc#1234619).
  * cpufreq: intel_pstate: Fix unchecked HWP MSR access (bsc#1234619).
  * cpufreq: intel_pstate: Fold intel_pstate_max_within_limits() into caller
    (bsc#1234619).
  * cpufreq: intel_pstate: Get rid of unnecessary READ_ONCE() annotations
    (bsc#1234619).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Read global.no_turbo under READ_ONCE() (bsc#1234619).
  * cpufreq: intel_pstate: Rearrange show_no_turbo() and store_no_turbo()
    (bsc#1234619).
  * cpufreq: intel_pstate: Refine computation of P-state for given frequency
    (bsc#1234619).
  * cpufreq: intel_pstate: Replace three global.turbo_disabled checks
    (bsc#1234619).
  * cpufreq: intel_pstate: Revise global turbo disable check (bsc#1234619).
  * cpufreq: intel_pstate: Simplify spinlock locking (bsc#1234619).
  * cpufreq: intel_pstate: Update the maximum CPU frequency consistently
    (bsc#1234619).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: Use __ro_after_init for three variables
    (bsc#1234619).
  * cpufreq: intel_pstate: Wait for canceled delayed work to complete
    (bsc#1234619).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
    (git-fixes).
  * crypto: ecdsa - Avoid signed integer overflow on signature decoding (stable-
    fixes).
  * crypto: ecdsa - Convert byte arrays with key coordinates to digits (stable-
    fixes).
  * crypto: ecdsa - Rename keylen to bufsize where necessary (stable-fixes).
  * crypto: ecdsa - Use ecc_digits_from_bytes to convert signature (stable-
    fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dlm: fix possible lkb_resource null dereference (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * doc/README.SUSE: Point to the updated version of LKMPG
  * docs: media: update location of the media patches (stable-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Add check for granularity in dml ceil/floor helpers
    (stable-fixes).
  * drm/amd/display: Fix DSC-re-computing (stable-fixes).
  * drm/amd/display: Fix incorrect DSC recompute trigger (stable-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/display: increase MAX_SURFACES to the value supported by hw (stable-
    fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/amdkfd: Correct the migration DMA map direction (stable-fixes).
  * drm/amdkfd: fixed page fault when enable MES shader debugger (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/mediatek: Add return value check when reading DPCD (git-fixes).
  * drm/mediatek: Add support for 180-degree rotation in the display driver
    (git-fixes).
  * drm/mediatek: Fix YCbCr422 color format issue for DP (git-fixes).
  * drm/mediatek: Fix mode valid issue for dp (git-fixes).
  * drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind
    returns err (git-fixes).
  * drm/mediatek: mtk_dsi: Add registers to pdata to fix MT8186/MT8188 (git-
    fixes).
  * drm/mediatek: stop selecting foreign drivers (git-fixes).
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Ensure job pointer is set to NULL after job completion (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * drm/vmwgfx: Add new keep_resv BO param (git-fixes).
  * exfat: ensure that ctime is updated whenever the mtime is (git-fixes).
  * exfat: fix the infinite loop in __exfat_free_cluster() (git-fixes).
  * exfat: fix the infinite loop in exfat_readdir() (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: xilinx: Convert gpio_lock to raw spinlock (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
    (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hwmon: (tmp513) Fix division of negative numbers (git-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * i2c: core: fix reference leak in i2c_register_adapter() (git-fixes).
  * i2c: i801: Add support for Intel Arrow Lake-H (stable-fixes).
  * i2c: i801: Add support for Intel Panther Lake (stable-fixes).
  * i2c: mux: demux-pinctrl: check initial mux selection, too (git-fixes).
  * i2c: rcar: fix NACK handling when being a target (git-fixes).
  * i2c: xgene-slimpro: Migrate to use generic PCC shmem related macros (stable-
    fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe()
    (git-fixes).
  * iio: adc: ad7124: Disable all channels at probe time (git-fixes).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: adc: at91: call input_free_device() on allocated iio_dev (git-fixes).
  * iio: adc: rockchip_saradc: fix information leak in triggered buffer (git-
    fixes).
  * iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (git-fixes).
  * iio: adc: ti-ads8688: fix information leak in triggered buffer (git-fixes).
  * iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered
    buffer (git-fixes).
  * iio: gyro: fxas21002c: Fix missing data update in trigger handler (git-
    fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: imu: kmx61: fix information leak in triggered buffer (git-fixes).
  * iio: inkern: call iio_device_put() only on mapped devices (git-fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * iio: light: vcnl4035: fix information leak in triggered buffer (git-fixes).
  * iio: pressure: zpa2326: fix information leak in triggered buffer (git-
    fixes).
  * iio: test : check null return of kunit_kmalloc in iio_rescale_test_scale
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * irqchip/gic-v3: Force propagation of the active state with a read-back
    (stable-fixes).
  * irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base
    (stable-fixes).
  * kABI workaround for struct auto_pin_cfg_item change (git-fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lib/stackdepot: print disabled message only if truly disabled (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: pcc: Add support for platform notification handling (stable-fixes).
  * mailbox: pcc: Support shared interrupt for multiple subspaces (stable-
    fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Force UVC version to 1.0a for 0408:4035 (stable-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory tiering: count PGPROMOTE_SUCCESS when mem tiering is enabled (git-
    fixes).
  * memory-failure: use a folio in me_huge_page() (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling
    (git-fixes).
  * misc: microchip: pci1xxxx: Resolve return code mismatch during GPIO set
    config (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  * mm,page_owner: do not remove __GFP_NOLOCKDEP in add_stack_record_to_list
    (git-fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/memory-failure: cast index to loff_t before shifting it (git-fixes).
  * mm/memory-failure: check the mapcount of the precise page (git-fixes).
  * mm/memory-failure: fix crash in split_huge_page_to_list from
    soft_offline_page (git-fixes).
  * mm/memory-failure: pass the folio and the page to collect_procs() (git-
    fixes).
  * mm/memory-failure: use raw_spinlock_t in struct memory_failure_cpu (git-
    fixes).
  * mm/memory_hotplug: add missing mem_hotplug_lock (git-fixes).
  * mm/memory_hotplug: fix error handling in add_memory_resource() (git-fixes).
  * mm/memory_hotplug: prevent accessing by index=-1 (git-fixes).
  * mm/memory_hotplug: use pfn math in place of direct struct page manipulation
    (git-fixes).
  * mm/migrate: correct nr_failed in migrate_pages_sync() (git-fixes).
  * mm/migrate: fix deadlock in migrate_pages_batch() on large folios (git-
    fixes).
  * mm/migrate: putback split folios when numa hint migration fails (git-fixes).
  * mm/migrate: split source folio if it is on deferred split list (git-fixes).
  * mm/page_owner: remove free_ts from page_owner output (git-fixes).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mm: convert DAX lock/unlock page to lock/unlock folio (git-fixes).
  * mm: memory-failure: ensure moving HWPoison flag to the raw error pages (git-
    fixes).
  * mm: memory-failure: fetch compound head after extra page refcnt is held
    (git-fixes).
  * mm: memory-failure: fix potential page refcnt leak in memory_failure() (git-
    fixes).
  * mm: memory-failure: fix race window when trying to get hugetlb folio (git-
    fixes).
  * mm: memory-failure: remove unneeded PageHuge() check (git-fixes).
  * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
  * modpost: fix the missed iteration for the max bit in do_input() (git-fixes).
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: qmi_wwan: add Telit FE910C04 compositions (stable-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * net: wwan: iosm: Properly check for valid exec stage in ipc_mmio_init()
    (git-fixes).
  * net: wwan: t7xx: Fix FSM command timeout issue (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled
    it (git-fixes).
  * platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1225897).
  * platform/x86/intel/tpmi: Add defines to get version information
    (bsc#1225897).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/iommu: Move pSeries specific functions to pseries/iommu.c
    (bsc#1220711 ltc#205755).
  * powerpc/iommu: Only build sPAPR access functions on pSeries (bsc#1220711
    ltc#205755).
  * powerpc/powernv/pci: Remove MVE code (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove ioda1 support (bsc#1220711 ltc#205755).
  * powerpc/powernv/pci: Remove last IODA1 defines (bsc#1220711 ltc#205755).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW
    (bsc#1218470 ltc#204531).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * s390x config: IOMMU_DEFAULT_DMA_LAZY=y (bsc#1235646)
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: mptcp: avoid spurious errors on disconnect (git-fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * ocfs2: temporarily disable upstream patch (bsc#1236138).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * sound: usb: enable DSD output for ddHiFi TC44C (stable-fixes).
  * sound: usb: format: do not warn that raw DSD is unsupported (stable-fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
  * stackdepot: respect __GFP_NOLOCKDEP allocation flag (git-fixes).
  * staging: iio: ad9832: Correct phase range check (git-fixes).
  * staging: iio: ad9834: Correct phase range check (git-fixes).
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * thermal: of: fix OF node leak in of_thermal_zone_find() (git-fixes).
  * thunderbolt: Add support for Intel Lunar Lake (stable-fixes).
  * thunderbolt: Add support for Intel Panther Lake-M/P (stable-fixes).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tpm: Map the ACPI provided event log (bsc#1233260 bsc#1233259 bsc#1232421).
  * tty: serial: 8250: Fix another runtime PM usage counter underflow (git-
    fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb-storage: Add max sectors quirk for Nokia 208 (stable-fixes).
  * usb: chipidea: add CI_HDRC_FORCE_VBUS_ACTIVE_ALWAYS flag (stable-fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Disable autosuspend during remove (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: dwc3: gadget: fix writing NYET threshold (git-fixes).
  * usb: fix reference leak in usb_new_device() (git-fixes).
  * usb: gadget: configfs: Ignore trailing LF for user strings to cdev (git-
    fixes).
  * usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: gadget: f_uac2: Fix incorrect setting of bNumEndpoints (git-fixes).
  * usb: gadget: u_serial: Disable ep before setting port to null to fix the
    crash caused by port being null (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm/tcpci_maxim: fix error code in
    max_contaminant_read_resistance_kohm() (git-fixes).
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vmscan,migrate: fix page count imbalance on node stats when demoting pages
    (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * watchdog: rzg2l_wdt: Power on the watchdog domain in the restart handler
    (stable-fixes).
  * watchdog: rzg2l_wdt: Rely on the reset driver for doing proper reset
    (stable-fixes).
  * watchdog: rzg2l_wdt: Remove reset de-assert from probe (stable-fixes).
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix atomic calls in ath12k_mac_op_set_bitrate_mask() (stable-
    fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Add non-atomic station iterator (stable-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: export ieee80211_purge_tx_queue() for drivers (stable-
    fixes).
  * wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (stable-
    fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mac80211: wake the queues in case of failure in resume (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw88: use ieee80211_purge_tx_queue() to purge TX skb (stable-fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-557=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-557=1

  * SUSE Real Time Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2025-557=1

## Package List:

  * openSUSE Leap 15.6 (x86_64)
    * kernel-rt-devel-6.4.0-150600.10.26.1
    * reiserfs-kmp-rt-6.4.0-150600.10.26.1
    * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-debugsource-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-6.4.0-150600.10.26.1
    * kernel-rt-devel-debuginfo-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debugsource-6.4.0-150600.10.26.1
    * kernel-rt-extra-6.4.0-150600.10.26.1
    * kernel-rt-livepatch-devel-6.4.0-150600.10.26.1
    * kernel-syms-rt-6.4.0-150600.10.26.1
    * dlm-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-vdso-6.4.0-150600.10.26.1
    * kernel-rt-debuginfo-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-vdso-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-optional-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-vdso-6.4.0-150600.10.26.1
    * kselftests-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt-extra-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debuginfo-6.4.0-150600.10.26.1
    * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-optional-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-6.4.0-150600.10.26.1
  * openSUSE Leap 15.6 (noarch)
    * kernel-source-rt-6.4.0-150600.10.26.1
    * kernel-devel-rt-6.4.0-150600.10.26.1
  * openSUSE Leap 15.6 (nosrc x86_64)
    * kernel-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-6.4.0-150600.10.26.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_26-rt-debuginfo-1-150600.1.3.1
    * kernel-livepatch-6_4_0-150600_10_26-rt-1-150600.1.3.1
    * kernel-livepatch-SLE15-SP6-RT_Update_8-debugsource-1-150600.1.3.1
  * SUSE Real Time Module 15-SP6 (x86_64)
    * kernel-rt-devel-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-debuginfo-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt-devel-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-debugsource-6.4.0-150600.10.26.1
    * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-6.4.0-150600.10.26.1
    * kernel-syms-rt-6.4.0-150600.10.26.1
    * kernel-rt-debugsource-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * dlm-kmp-rt-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-debuginfo-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.26.1
    * cluster-md-kmp-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-devel-6.4.0-150600.10.26.1
    * ocfs2-kmp-rt-6.4.0-150600.10.26.1
  * SUSE Real Time Module 15-SP6 (noarch)
    * kernel-source-rt-6.4.0-150600.10.26.1
    * kernel-devel-rt-6.4.0-150600.10.26.1
  * SUSE Real Time Module 15-SP6 (nosrc x86_64)
    * kernel-rt-6.4.0-150600.10.26.1
    * kernel-rt_debug-6.4.0-150600.10.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-36476.html
  * https://www.suse.com/security/cve/CVE-2024-39282.html
  * https://www.suse.com/security/cve/CVE-2024-43913.html
  * https://www.suse.com/security/cve/CVE-2024-45828.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-46896.html
  * https://www.suse.com/security/cve/CVE-2024-47141.html
  * https://www.suse.com/security/cve/CVE-2024-47143.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48873.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49569.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49951.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-49998.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50106.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53091.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53164.html
  * https://www.suse.com/security/cve/CVE-2024-53168.html
  * https://www.suse.com/security/cve/CVE-2024-53170.html
  * https://www.suse.com/security/cve/CVE-2024-53172.html
  * https://www.suse.com/security/cve/CVE-2024-53175.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53194.html
  * https://www.suse.com/security/cve/CVE-2024-53195.html
  * https://www.suse.com/security/cve/CVE-2024-53196.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53198.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53230.html
  * https://www.suse.com/security/cve/CVE-2024-53231.html
  * https://www.suse.com/security/cve/CVE-2024-53232.html
  * https://www.suse.com/security/cve/CVE-2024-53233.html
  * https://www.suse.com/security/cve/CVE-2024-53236.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-53685.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55639.html
  * https://www.suse.com/security/cve/CVE-2024-55881.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56372.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56538.html
  * https://www.suse.com/security/cve/CVE-2024-56543.html
  * https://www.suse.com/security/cve/CVE-2024-56546.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56568.html
  * https://www.suse.com/security/cve/CVE-2024-56569.html
  * https://www.suse.com/security/cve/CVE-2024-56570.html
  * https://www.suse.com/security/cve/CVE-2024-56571.html
  * https://www.suse.com/security/cve/CVE-2024-56572.html
  * https://www.suse.com/security/cve/CVE-2024-56573.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56575.html
  * https://www.suse.com/security/cve/CVE-2024-56577.html
  * https://www.suse.com/security/cve/CVE-2024-56578.html
  * https://www.suse.com/security/cve/CVE-2024-56584.html
  * https://www.suse.com/security/cve/CVE-2024-56587.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56589.html
  * https://www.suse.com/security/cve/CVE-2024-56590.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56598.html
  * https://www.suse.com/security/cve/CVE-2024-5660.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56603.html
  * https://www.suse.com/security/cve/CVE-2024-56606.html
  * https://www.suse.com/security/cve/CVE-2024-56607.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56609.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56611.html
  * https://www.suse.com/security/cve/CVE-2024-56614.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56616.html
  * https://www.suse.com/security/cve/CVE-2024-56617.html
  * https://www.suse.com/security/cve/CVE-2024-56619.html
  * https://www.suse.com/security/cve/CVE-2024-56620.html
  * https://www.suse.com/security/cve/CVE-2024-56622.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56625.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56632.html
  * https://www.suse.com/security/cve/CVE-2024-56634.html
  * https://www.suse.com/security/cve/CVE-2024-56635.html
  * https://www.suse.com/security/cve/CVE-2024-56636.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56649.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56651.html
  * https://www.suse.com/security/cve/CVE-2024-56654.html
  * https://www.suse.com/security/cve/CVE-2024-56656.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56659.html
  * https://www.suse.com/security/cve/CVE-2024-56660.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56663.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56670.html
  * https://www.suse.com/security/cve/CVE-2024-56672.html
  * https://www.suse.com/security/cve/CVE-2024-56675.html
  * https://www.suse.com/security/cve/CVE-2024-56677.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56683.html
  * https://www.suse.com/security/cve/CVE-2024-56687.html
  * https://www.suse.com/security/cve/CVE-2024-56688.html
  * https://www.suse.com/security/cve/CVE-2024-56690.html
  * https://www.suse.com/security/cve/CVE-2024-56691.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56694.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56705.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56708.html
  * https://www.suse.com/security/cve/CVE-2024-56709.html
  * https://www.suse.com/security/cve/CVE-2024-56712.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56716.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56723.html
  * https://www.suse.com/security/cve/CVE-2024-56724.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56729.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56741.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56746.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56760.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56766.html
  * https://www.suse.com/security/cve/CVE-2024-56767.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-56774.html
  * https://www.suse.com/security/cve/CVE-2024-56775.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-56779.html
  * https://www.suse.com/security/cve/CVE-2024-56780.html
  * https://www.suse.com/security/cve/CVE-2024-56787.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57795.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57801.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57804.html
  * https://www.suse.com/security/cve/CVE-2024-57809.html
  * https://www.suse.com/security/cve/CVE-2024-57838.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57857.html
  * https://www.suse.com/security/cve/CVE-2024-57874.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57887.html
  * https://www.suse.com/security/cve/CVE-2024-57888.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57892.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57904.html
  * https://www.suse.com/security/cve/CVE-2024-57906.html
  * https://www.suse.com/security/cve/CVE-2024-57907.html
  * https://www.suse.com/security/cve/CVE-2024-57908.html
  * https://www.suse.com/security/cve/CVE-2024-57910.html
  * https://www.suse.com/security/cve/CVE-2024-57911.html
  * https://www.suse.com/security/cve/CVE-2024-57912.html
  * https://www.suse.com/security/cve/CVE-2024-57913.html
  * https://www.suse.com/security/cve/CVE-2024-57915.html
  * https://www.suse.com/security/cve/CVE-2024-57916.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57926.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57933.html
  * https://www.suse.com/security/cve/CVE-2024-57935.html
  * https://www.suse.com/security/cve/CVE-2024-57936.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57940.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21632.html
  * https://www.suse.com/security/cve/CVE-2025-21645.html
  * https://www.suse.com/security/cve/CVE-2025-21646.html
  * https://www.suse.com/security/cve/CVE-2025-21649.html
  * https://www.suse.com/security/cve/CVE-2025-21650.html
  * https://www.suse.com/security/cve/CVE-2025-21651.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21656.html
  * https://www.suse.com/security/cve/CVE-2025-21662.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1012628
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1218470
  * https://bugzilla.suse.com/show_bug.cgi?id=1220711
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1225897
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1229833
  * https://bugzilla.suse.com/show_bug.cgi?id=1231016
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232087
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232158
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1232421
  * https://bugzilla.suse.com/show_bug.cgi?id=1232882
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233259
  * https://bugzilla.suse.com/show_bug.cgi?id=1233260
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233638
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234195
  * https://bugzilla.suse.com/show_bug.cgi?id=1234619
  * https://bugzilla.suse.com/show_bug.cgi?id=1234635
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234726
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234863
  * https://bugzilla.suse.com/show_bug.cgi?id=1234887
  * https://bugzilla.suse.com/show_bug.cgi?id=1234888
  * https://bugzilla.suse.com/show_bug.cgi?id=1234893
  * https://bugzilla.suse.com/show_bug.cgi?id=1234898
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234906
  * https://bugzilla.suse.com/show_bug.cgi?id=1234923
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1234957
  * https://bugzilla.suse.com/show_bug.cgi?id=1235000
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235031
  * https://bugzilla.suse.com/show_bug.cgi?id=1235032
  * https://bugzilla.suse.com/show_bug.cgi?id=1235035
  * https://bugzilla.suse.com/show_bug.cgi?id=1235037
  * https://bugzilla.suse.com/show_bug.cgi?id=1235038
  * https://bugzilla.suse.com/show_bug.cgi?id=1235039
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235042
  * https://bugzilla.suse.com/show_bug.cgi?id=1235043
  * https://bugzilla.suse.com/show_bug.cgi?id=1235046
  * https://bugzilla.suse.com/show_bug.cgi?id=1235050
  * https://bugzilla.suse.com/show_bug.cgi?id=1235051
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235065
  * https://bugzilla.suse.com/show_bug.cgi?id=1235070
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235112
  * https://bugzilla.suse.com/show_bug.cgi?id=1235115
  * https://bugzilla.suse.com/show_bug.cgi?id=1235117
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235125
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235160
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235219
  * https://bugzilla.suse.com/show_bug.cgi?id=1235220
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235223
  * https://bugzilla.suse.com/show_bug.cgi?id=1235224
  * https://bugzilla.suse.com/show_bug.cgi?id=1235227
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235241
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235251
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235389
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235391
  * https://bugzilla.suse.com/show_bug.cgi?id=1235406
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235412
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235415
  * https://bugzilla.suse.com/show_bug.cgi?id=1235416
  * https://bugzilla.suse.com/show_bug.cgi?id=1235417
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235423
  * https://bugzilla.suse.com/show_bug.cgi?id=1235424
  * https://bugzilla.suse.com/show_bug.cgi?id=1235425
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235427
  * https://bugzilla.suse.com/show_bug.cgi?id=1235428
  * https://bugzilla.suse.com/show_bug.cgi?id=1235429
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235437
  * https://bugzilla.suse.com/show_bug.cgi?id=1235439
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235444
  * https://bugzilla.suse.com/show_bug.cgi?id=1235445
  * https://bugzilla.suse.com/show_bug.cgi?id=1235449
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235454
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235459
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235483
  * https://bugzilla.suse.com/show_bug.cgi?id=1235486
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235488
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235494
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235497
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235502
  * https://bugzilla.suse.com/show_bug.cgi?id=1235503
  * https://bugzilla.suse.com/show_bug.cgi?id=1235519
  * https://bugzilla.suse.com/show_bug.cgi?id=1235520
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235528
  * https://bugzilla.suse.com/show_bug.cgi?id=1235532
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235534
  * https://bugzilla.suse.com/show_bug.cgi?id=1235537
  * https://bugzilla.suse.com/show_bug.cgi?id=1235538
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235552
  * https://bugzilla.suse.com/show_bug.cgi?id=1235555
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235564
  * https://bugzilla.suse.com/show_bug.cgi?id=1235565
  * https://bugzilla.suse.com/show_bug.cgi?id=1235568
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235571
  * https://bugzilla.suse.com/show_bug.cgi?id=1235577
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235587
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235616
  * https://bugzilla.suse.com/show_bug.cgi?id=1235622
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235632
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235646
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235650
  * https://bugzilla.suse.com/show_bug.cgi?id=1235653
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235657
  * https://bugzilla.suse.com/show_bug.cgi?id=1235663
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235705
  * https://bugzilla.suse.com/show_bug.cgi?id=1235707
  * https://bugzilla.suse.com/show_bug.cgi?id=1235708
  * https://bugzilla.suse.com/show_bug.cgi?id=1235710
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235716
  * https://bugzilla.suse.com/show_bug.cgi?id=1235720
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235730
  * https://bugzilla.suse.com/show_bug.cgi?id=1235737
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235745
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235753
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235776
  * https://bugzilla.suse.com/show_bug.cgi?id=1235777
  * https://bugzilla.suse.com/show_bug.cgi?id=1235778
  * https://bugzilla.suse.com/show_bug.cgi?id=1235779
  * https://bugzilla.suse.com/show_bug.cgi?id=1235793
  * https://bugzilla.suse.com/show_bug.cgi?id=1235798
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235808
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235894
  * https://bugzilla.suse.com/show_bug.cgi?id=1235902
  * https://bugzilla.suse.com/show_bug.cgi?id=1235903
  * https://bugzilla.suse.com/show_bug.cgi?id=1235906
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235918
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235940
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235946
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235952
  * https://bugzilla.suse.com/show_bug.cgi?id=1235964
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1235976
  * https://bugzilla.suse.com/show_bug.cgi?id=1235977
  * https://bugzilla.suse.com/show_bug.cgi?id=1236078
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236082
  * https://bugzilla.suse.com/show_bug.cgi?id=1236088
  * https://bugzilla.suse.com/show_bug.cgi?id=1236090
  * https://bugzilla.suse.com/show_bug.cgi?id=1236091
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236097
  * https://bugzilla.suse.com/show_bug.cgi?id=1236098
  * https://bugzilla.suse.com/show_bug.cgi?id=1236101
  * https://bugzilla.suse.com/show_bug.cgi?id=1236102
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104
  * https://bugzilla.suse.com/show_bug.cgi?id=1236106
  * https://bugzilla.suse.com/show_bug.cgi?id=1236120
  * https://bugzilla.suse.com/show_bug.cgi?id=1236125
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236131
  * https://bugzilla.suse.com/show_bug.cgi?id=1236138
  * https://bugzilla.suse.com/show_bug.cgi?id=1236143
  * https://bugzilla.suse.com/show_bug.cgi?id=1236144
  * https://bugzilla.suse.com/show_bug.cgi?id=1236145
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236168
  * https://bugzilla.suse.com/show_bug.cgi?id=1236178
  * https://bugzilla.suse.com/show_bug.cgi?id=1236180
  * https://bugzilla.suse.com/show_bug.cgi?id=1236181
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236198
  * https://bugzilla.suse.com/show_bug.cgi?id=1236227
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236248
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761
  * https://jira.suse.com/browse/PED-7242

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/7b55894c/attachment-0001.htm>

From null at suse.de  Fri Feb 14 16:33:29 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:33:29 -0000
Subject: SUSE-SU-2025:0558-1: moderate: Security update for buildah
Message-ID: <173955080910.19940.1492633854662393090@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0558-1  
Release Date: 2025-02-14T15:28:52Z  
Rating: moderate  
References:

  * bsc#1236531

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * openSUSE Leap 15.4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236531)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-558=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150400.3.39.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236531

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/eaf8746d/attachment.htm>

From null at suse.de  Fri Feb 14 16:34:42 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:34:42 -0000
Subject: SUSE-SU-2025:0556-1: important: Security update for the Linux Kernel
Message-ID: <173955088290.19940.10094047454736878211@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0556-1  
Release Date: 2025-02-14T15:26:36Z  
Rating: important  
References:

  * bsc#1194869
  * bsc#1216813
  * bsc#1223384
  * bsc#1225736
  * bsc#1226848
  * bsc#1226980
  * bsc#1228537
  * bsc#1228592
  * bsc#1230341
  * bsc#1230432
  * bsc#1230527
  * bsc#1230697
  * bsc#1231088
  * bsc#1231847
  * bsc#1232914
  * bsc#1233028
  * bsc#1233055
  * bsc#1233097
  * bsc#1233103
  * bsc#1233112
  * bsc#1233464
  * bsc#1233488
  * bsc#1233642
  * bsc#1233778
  * bsc#1234024
  * bsc#1234025
  * bsc#1234078
  * bsc#1234087
  * bsc#1234153
  * bsc#1234155
  * bsc#1234223
  * bsc#1234381
  * bsc#1234683
  * bsc#1234690
  * bsc#1234825
  * bsc#1234829
  * bsc#1234832
  * bsc#1234884
  * bsc#1234889
  * bsc#1234896
  * bsc#1234899
  * bsc#1234900
  * bsc#1234905
  * bsc#1234909
  * bsc#1234916
  * bsc#1234918
  * bsc#1234922
  * bsc#1234930
  * bsc#1234931
  * bsc#1234934
  * bsc#1234962
  * bsc#1234999
  * bsc#1235002
  * bsc#1235009
  * bsc#1235011
  * bsc#1235053
  * bsc#1235057
  * bsc#1235059
  * bsc#1235100
  * bsc#1235122
  * bsc#1235123
  * bsc#1235133
  * bsc#1235134
  * bsc#1235217
  * bsc#1235222
  * bsc#1235230
  * bsc#1235249
  * bsc#1235410
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235458
  * bsc#1235466
  * bsc#1235473
  * bsc#1235480
  * bsc#1235491
  * bsc#1235495
  * bsc#1235496
  * bsc#1235521
  * bsc#1235557
  * bsc#1235563
  * bsc#1235570
  * bsc#1235584
  * bsc#1235611
  * bsc#1235635
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235647
  * bsc#1235723
  * bsc#1235739
  * bsc#1235747
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235806
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-26758
  * CVE-2024-26943
  * CVE-2024-36898
  * CVE-2024-38599
  * CVE-2024-41047
  * CVE-2024-45019
  * CVE-2024-46858
  * CVE-2024-50051
  * CVE-2024-50136
  * CVE-2024-50142
  * CVE-2024-50151
  * CVE-2024-50195
  * CVE-2024-50199
  * CVE-2024-50210
  * CVE-2024-50275
  * CVE-2024-50299
  * CVE-2024-53095
  * CVE-2024-53103
  * CVE-2024-53104
  * CVE-2024-53112
  * CVE-2024-53121
  * CVE-2024-53127
  * CVE-2024-53129
  * CVE-2024-53138
  * CVE-2024-53141
  * CVE-2024-53144
  * CVE-2024-53148
  * CVE-2024-53151
  * CVE-2024-53166
  * CVE-2024-53169
  * CVE-2024-53171
  * CVE-2024-53174
  * CVE-2024-53177
  * CVE-2024-53208
  * CVE-2024-53209
  * CVE-2024-53215
  * CVE-2024-53217
  * CVE-2024-53224
  * CVE-2024-53227
  * CVE-2024-53229
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55916
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56562
  * CVE-2024-56567
  * CVE-2024-56588
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56629
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56644
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56678
  * CVE-2024-56681
  * CVE-2024-56698
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56745
  * CVE-2024-56747
  * CVE-2024-56754
  * CVE-2024-56756
  * CVE-2024-56759
  * CVE-2024-56765
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57876
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-26758 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26758 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26943 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36898 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2024-38599 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-41047 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-45019 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45019 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50136 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50136 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-50136 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50195 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50195 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50210 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53103 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53103 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53112 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53112 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53112 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53127 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53138 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-53138 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53141 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53148 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53148 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53151 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53151 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53151 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53169 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53169 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53174 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53174 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53174 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53208 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53209 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53209 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53215 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53215 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53215 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53217 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53224 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53229 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53229 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56562 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56562 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56567 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56754 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56754 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56754 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56756 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56756 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56756 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Micro 5.5

  
  
An update that solves 94 vulnerabilities and has 10 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology
    removal (bsc#1235806).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is
    active (bsc#1235002).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
    (bsc#1234381).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-556=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-556=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * kernel-devel-rt-5.14.21-150500.13.85.1
    * kernel-source-rt-5.14.21-150500.13.85.1
  * openSUSE Leap 15.5 (x86_64)
    * kernel-rt-vdso-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-optional-5.14.21-150500.13.85.1
    * kernel-rt_debug-devel-5.14.21-150500.13.85.1
    * kernel-syms-rt-5.14.21-150500.13.85.1
    * kernel-rt-vdso-5.14.21-150500.13.85.1
    * ocfs2-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt-optional-debuginfo-5.14.21-150500.13.85.1
    * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-livepatch-devel-5.14.21-150500.13.85.1
    * cluster-md-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt-debugsource-5.14.21-150500.13.85.1
    * kernel-rt-devel-5.14.21-150500.13.85.1
    * kernel-rt-extra-debuginfo-5.14.21-150500.13.85.1
    * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-devel-debuginfo-5.14.21-150500.13.85.1
    * gfs2-kmp-rt-5.14.21-150500.13.85.1
    * dlm-kmp-rt-5.14.21-150500.13.85.1
    * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt_debug-vdso-5.14.21-150500.13.85.1
    * kernel-rt_debug-debugsource-5.14.21-150500.13.85.1
    * kernel-rt-livepatch-5.14.21-150500.13.85.1
    * dlm-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kselftests-kmp-rt-5.14.21-150500.13.85.1
    * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-extra-5.14.21-150500.13.85.1
    * kernel-rt-debuginfo-5.14.21-150500.13.85.1
    * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.85.1
    * reiserfs-kmp-rt-5.14.21-150500.13.85.1
  * openSUSE Leap 15.5 (nosrc x86_64)
    * kernel-rt_debug-5.14.21-150500.13.85.1
    * kernel-rt-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
    * kernel-rt-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150500.13.85.1
    * kernel-rt-debugsource-5.14.21-150500.13.85.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * kernel-source-rt-5.14.21-150500.13.85.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-26758.html
  * https://www.suse.com/security/cve/CVE-2024-26943.html
  * https://www.suse.com/security/cve/CVE-2024-36898.html
  * https://www.suse.com/security/cve/CVE-2024-38599.html
  * https://www.suse.com/security/cve/CVE-2024-41047.html
  * https://www.suse.com/security/cve/CVE-2024-45019.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50136.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50195.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50210.html
  * https://www.suse.com/security/cve/CVE-2024-50275.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53103.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53112.html
  * https://www.suse.com/security/cve/CVE-2024-53121.html
  * https://www.suse.com/security/cve/CVE-2024-53127.html
  * https://www.suse.com/security/cve/CVE-2024-53129.html
  * https://www.suse.com/security/cve/CVE-2024-53138.html
  * https://www.suse.com/security/cve/CVE-2024-53141.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53148.html
  * https://www.suse.com/security/cve/CVE-2024-53151.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53169.html
  * https://www.suse.com/security/cve/CVE-2024-53171.html
  * https://www.suse.com/security/cve/CVE-2024-53174.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-53208.html
  * https://www.suse.com/security/cve/CVE-2024-53209.html
  * https://www.suse.com/security/cve/CVE-2024-53215.html
  * https://www.suse.com/security/cve/CVE-2024-53217.html
  * https://www.suse.com/security/cve/CVE-2024-53224.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53229.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56562.html
  * https://www.suse.com/security/cve/CVE-2024-56567.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56754.html
  * https://www.suse.com/security/cve/CVE-2024-56756.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1223384
  * https://bugzilla.suse.com/show_bug.cgi?id=1225736
  * https://bugzilla.suse.com/show_bug.cgi?id=1226848
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228537
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1230341
  * https://bugzilla.suse.com/show_bug.cgi?id=1230432
  * https://bugzilla.suse.com/show_bug.cgi?id=1230527
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1232914
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233097
  * https://bugzilla.suse.com/show_bug.cgi?id=1233103
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233464
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234078
  * https://bugzilla.suse.com/show_bug.cgi?id=1234087
  * https://bugzilla.suse.com/show_bug.cgi?id=1234153
  * https://bugzilla.suse.com/show_bug.cgi?id=1234155
  * https://bugzilla.suse.com/show_bug.cgi?id=1234223
  * https://bugzilla.suse.com/show_bug.cgi?id=1234381
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234829
  * https://bugzilla.suse.com/show_bug.cgi?id=1234832
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234889
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234899
  * https://bugzilla.suse.com/show_bug.cgi?id=1234900
  * https://bugzilla.suse.com/show_bug.cgi?id=1234905
  * https://bugzilla.suse.com/show_bug.cgi?id=1234909
  * https://bugzilla.suse.com/show_bug.cgi?id=1234916
  * https://bugzilla.suse.com/show_bug.cgi?id=1234918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234922
  * https://bugzilla.suse.com/show_bug.cgi?id=1234930
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234962
  * https://bugzilla.suse.com/show_bug.cgi?id=1234999
  * https://bugzilla.suse.com/show_bug.cgi?id=1235002
  * https://bugzilla.suse.com/show_bug.cgi?id=1235009
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/7ab0179b/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:35:04 -0000
Subject: SUSE-SU-2025:0555-1: important: Security update for the Linux Kernel
Message-ID: <173955090446.19940.7016032323012765879@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0555-1  
Release Date: 2025-02-14T15:25:28Z  
Rating: important  
References:

  * bsc#1230697
  * bsc#1231847
  * bsc#1233112
  * bsc#1233642
  * bsc#1234025
  * bsc#1234690
  * bsc#1234884
  * bsc#1234896
  * bsc#1234931
  * bsc#1235134
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235466
  * bsc#1235480
  * bsc#1235521
  * bsc#1235584
  * bsc#1235645
  * bsc#1235723
  * bsc#1235759
  * bsc#1235764
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-50199
  * CVE-2024-53095
  * CVE-2024-53104
  * CVE-2024-53144
  * CVE-2024-53166
  * CVE-2024-53177
  * CVE-2024-54680
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56704
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves 28 vulnerabilities and has two security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-555=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-555=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-555=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-555=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
    * kernel-rt-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * kernel-rt-debuginfo-5.14.21-150400.15.109.1
    * kernel-rt-debugsource-5.14.21-150400.15.109.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * kernel-source-rt-5.14.21-150400.15.109.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/b59bd78b/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:35:08 -0000
Subject: SUSE-SU-2025:0554-1: moderate: Security update for python3
Message-ID: <173955090881.19940.1330718502311351525@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0554-1  
Release Date: 2025-02-14T15:11:05Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-554=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-554=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-554=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-554=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-554=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-testsuite-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-testsuite-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
    * python3-doc-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-doc-devhelp-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.3 (x86_64)
    * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1
    * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-64bit-3.6.15-150300.10.81.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-testsuite-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * python3-testsuite-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
    * python3-doc-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-doc-devhelp-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * openSUSE Leap 15.6 (x86_64)
    * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1
    * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-dbm-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * python3-devel-3.6.15-150300.10.81.1
    * python3-devel-debuginfo-3.6.15-150300.10.81.1
    * python3-idle-3.6.15-150300.10.81.1
    * python3-tk-3.6.15-150300.10.81.1
    * python3-dbm-debuginfo-3.6.15-150300.10.81.1
    * python3-curses-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-curses-debuginfo-3.6.15-150300.10.81.1
    * python3-tk-debuginfo-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-tools-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libpython3_6m1_0-3.6.15-150300.10.81.1
    * python3-debugsource-3.6.15-150300.10.81.1
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1
    * python3-debuginfo-3.6.15-150300.10.81.1
    * python3-base-3.6.15-150300.10.81.1
    * python3-core-debugsource-3.6.15-150300.10.81.1
    * python3-3.6.15-150300.10.81.1
    * python3-base-debuginfo-3.6.15-150300.10.81.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/236f69a7/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:35:11 -0000
Subject: SUSE-SU-2025:0553-1: moderate: Security update for python
Message-ID: <173955091129.19940.8226408585661538713@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0553-1  
Release Date: 2025-02-14T15:10:20Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python fixes the following issues:

  * CVE-2025-0938: functions `urllib.parse.urlsplit` and `urlparse` accept
    domain names including square brackets (bsc#1236705).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-553=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * python-debuginfo-32bit-2.7.18-33.41.1
    * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.41.1
    * python-idle-2.7.18-33.41.1
    * python-xml-debuginfo-2.7.18-33.41.1
    * python-curses-2.7.18-33.41.1
    * libpython2_7-1_0-debuginfo-2.7.18-33.41.1
    * python-base-2.7.18-33.41.1
    * libpython2_7-1_0-32bit-2.7.18-33.41.1
    * python-gdbm-debuginfo-2.7.18-33.41.1
    * python-xml-2.7.18-33.41.1
    * libpython2_7-1_0-2.7.18-33.41.1
    * python-32bit-2.7.18-33.41.1
    * python-base-32bit-2.7.18-33.41.1
    * python-devel-2.7.18-33.41.1
    * python-curses-debuginfo-2.7.18-33.41.1
    * python-gdbm-2.7.18-33.41.1
    * python-base-debugsource-2.7.18-33.41.1
    * python-2.7.18-33.41.1
    * python-demo-2.7.18-33.41.1
    * python-tk-debuginfo-2.7.18-33.41.1
    * python-tk-2.7.18-33.41.1
    * python-base-debuginfo-32bit-2.7.18-33.41.1
    * python-debugsource-2.7.18-33.41.1
    * python-debuginfo-2.7.18-33.41.1
    * python-base-debuginfo-2.7.18-33.41.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * python-doc-pdf-2.7.18-33.41.1
    * python-doc-2.7.18-33.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/1d3cefa7/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:35:13 -0000
Subject: SUSE-SU-2025:0552-1: moderate: Security update for python3
Message-ID: <173955091345.19940.4329343687454051428@smelt2.prg2.suse.org>



# Security update for python3

Announcement ID: SUSE-SU-2025:0552-1  
Release Date: 2025-02-14T15:10:11Z  
Rating: moderate  
References:

  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python3 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-552=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * python3-debugsource-3.4.10-25.148.1
    * python3-base-debuginfo-32bit-3.4.10-25.148.1
    * python3-base-debuginfo-3.4.10-25.148.1
    * libpython3_4m1_0-debuginfo-3.4.10-25.148.1
    * python3-devel-debuginfo-3.4.10-25.148.1
    * python3-debuginfo-3.4.10-25.148.1
    * python3-base-3.4.10-25.148.1
    * python3-curses-3.4.10-25.148.1
    * python3-tk-3.4.10-25.148.1
    * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.148.1
    * python3-3.4.10-25.148.1
    * python3-tk-debuginfo-3.4.10-25.148.1
    * libpython3_4m1_0-3.4.10-25.148.1
    * python3-curses-debuginfo-3.4.10-25.148.1
    * python3-devel-3.4.10-25.148.1
    * libpython3_4m1_0-32bit-3.4.10-25.148.1
    * python3-base-debugsource-3.4.10-25.148.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/f39466f5/attachment.htm>

From null at suse.de  Fri Feb 14 16:35:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 14 Feb 2025 16:35:16 -0000
Subject: SUSE-SU-2025:0551-1: moderate: Security update for python311
Message-ID: <173955091689.19940.16523846417647226196@smelt2.prg2.suse.org>



# Security update for python311

Announcement ID: SUSE-SU-2025:0551-1  
Release Date: 2025-02-14T15:10:00Z  
Rating: moderate  
References:

  * bsc#1228165
  * bsc#1231795
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for python311 fixes the following issues:

  * CVE-2025-0938: domain names containing square brackets are not identified as
    incorrect by urlparse. (bsc#1236705)

Other fixes:

  * Update to version 3.11.11.
  * Remove -IVendor/ from python-config. (bsc#1231795)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-551=1 openSUSE-SLE-15.6-2025-551=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-551=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-551=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * python311-idle-3.11.11-150600.3.16.2
    * python311-debuginfo-3.11.11-150600.3.16.2
    * python311-curses-debuginfo-3.11.11-150600.3.16.2
    * libpython3_11-1_0-3.11.11-150600.3.16.2
    * libpython3_11-1_0-debuginfo-3.11.11-150600.3.16.2
    * python311-doc-3.11.11-150600.3.16.2
    * python311-testsuite-debuginfo-3.11.11-150600.3.16.2
    * python311-tools-3.11.11-150600.3.16.2
    * python311-dbm-debuginfo-3.11.11-150600.3.16.2
    * python311-3.11.11-150600.3.16.2
    * python311-devel-3.11.11-150600.3.16.2
    * python311-debugsource-3.11.11-150600.3.16.2
    * python311-tk-3.11.11-150600.3.16.2
    * python311-curses-3.11.11-150600.3.16.2
    * python311-dbm-3.11.11-150600.3.16.2
    * python311-testsuite-3.11.11-150600.3.16.2
    * python311-doc-devhelp-3.11.11-150600.3.16.2
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-base-3.11.11-150600.3.16.2
    * python311-tk-debuginfo-3.11.11-150600.3.16.2
    * python311-base-debuginfo-3.11.11-150600.3.16.2
  * openSUSE Leap 15.6 (x86_64)
    * python311-base-32bit-debuginfo-3.11.11-150600.3.16.2
    * python311-base-32bit-3.11.11-150600.3.16.2
    * python311-32bit-3.11.11-150600.3.16.2
    * libpython3_11-1_0-32bit-debuginfo-3.11.11-150600.3.16.2
    * libpython3_11-1_0-32bit-3.11.11-150600.3.16.2
    * python311-32bit-debuginfo-3.11.11-150600.3.16.2
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libpython3_11-1_0-64bit-debuginfo-3.11.11-150600.3.16.2
    * python311-64bit-3.11.11-150600.3.16.2
    * libpython3_11-1_0-64bit-3.11.11-150600.3.16.2
    * python311-base-64bit-debuginfo-3.11.11-150600.3.16.2
    * python311-base-64bit-3.11.11-150600.3.16.2
    * python311-64bit-debuginfo-3.11.11-150600.3.16.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-base-3.11.11-150600.3.16.2
    * libpython3_11-1_0-3.11.11-150600.3.16.2
    * libpython3_11-1_0-debuginfo-3.11.11-150600.3.16.2
    * python311-base-debuginfo-3.11.11-150600.3.16.2
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-dbm-debuginfo-3.11.11-150600.3.16.2
    * python311-3.11.11-150600.3.16.2
    * python311-devel-3.11.11-150600.3.16.2
    * python311-debugsource-3.11.11-150600.3.16.2
    * python311-idle-3.11.11-150600.3.16.2
    * python311-dbm-3.11.11-150600.3.16.2
    * python311-tk-3.11.11-150600.3.16.2
    * python311-debuginfo-3.11.11-150600.3.16.2
    * python311-core-debugsource-3.11.11-150600.3.16.2
    * python311-curses-3.11.11-150600.3.16.2
    * python311-tk-debuginfo-3.11.11-150600.3.16.2
    * python311-curses-debuginfo-3.11.11-150600.3.16.2
    * python311-tools-3.11.11-150600.3.16.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1228165
  * https://bugzilla.suse.com/show_bug.cgi?id=1231795
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250214/508efd50/attachment.htm>

From null at suse.de  Mon Feb 17 08:30:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 08:30:01 -0000
Subject: SUSE-RU-2025:0559-1: moderate: Recommended update for server-image
Message-ID: <173978100176.16037.163123796302515070@smelt2.prg2.suse.org>



# Recommended update for server-image

Announcement ID: SUSE-RU-2025:0559-1  
Release Date: 2025-02-17T05:19:39Z  
Rating: moderate  
References:

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5
  * SUSE Manager Server 5.0 Extension

  
  
An update that can now be installed.

## Description:

This update for server-image fixes the following issues:

  * version 5.0.12
    * Create krb5.conf.d by moving original directory

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Server 5.0 Extension  
    zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-559=1

## Package List:

  * SUSE Manager Server 5.0 Extension (aarch64)
    * suse-manager-5.0-aarch64-server-image-5.0.3-7.14.1
  * SUSE Manager Server 5.0 Extension (ppc64le)
    * suse-manager-5.0-ppc64le-server-image-5.0.3-7.14.1
  * SUSE Manager Server 5.0 Extension (s390x)
    * suse-manager-5.0-s390x-server-image-5.0.3-7.14.1
  * SUSE Manager Server 5.0 Extension (x86_64)
    * suse-manager-5.0-x86_64-server-image-5.0.3-7.14.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/3014f902/attachment.htm>

From null at suse.de  Mon Feb 17 12:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 12:30:05 -0000
Subject: SUSE-SU-2025:0562-1: low: Security update for glibc
Message-ID: <173979540577.21560.11053444659200742797@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0562-1  
Release Date: 2025-02-17T11:45:11Z  
Rating: low  
References:

  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for glibc fixes the following issues:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-562=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-562=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-562=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-562=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-562=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-562=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-562=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-562=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-562=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-562=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-562=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-562=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-562=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-562=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * glibc-extra-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
  * openSUSE Leap 15.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-html-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * openSUSE Leap 15.3 (x86_64)
    * glibc-profile-32bit-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-static-32bit-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-utils-32bit-2.31-150300.92.1
    * glibc-utils-32bit-debuginfo-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * openSUSE Leap 15.3 (aarch64_ilp32)
    * glibc-utils-64bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-64bit-debuginfo-2.31-150300.92.1
    * glibc-devel-64bit-debuginfo-2.31-150300.92.1
    * glibc-devel-static-64bit-2.31-150300.92.1
    * glibc-utils-64bit-2.31-150300.92.1
    * glibc-64bit-debuginfo-2.31-150300.92.1
    * glibc-64bit-2.31-150300.92.1
    * glibc-devel-64bit-2.31-150300.92.1
    * glibc-locale-base-64bit-2.31-150300.92.1
    * glibc-profile-64bit-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Proxy 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Manager Server 4.3 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Manager Server 4.3 (x86_64)
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-32bit-debuginfo-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * glibc-extra-2.31-150300.92.1
    * glibc-devel-debuginfo-2.31-150300.92.1
    * glibc-devel-2.31-150300.92.1
    * nscd-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * nscd-debuginfo-2.31-150300.92.1
    * glibc-extra-debuginfo-2.31-150300.92.1
    * glibc-utils-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-utils-src-debugsource-2.31-150300.92.1
    * glibc-profile-2.31-150300.92.1
    * glibc-utils-debuginfo-2.31-150300.92.1
    * glibc-devel-static-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * glibc-info-2.31-150300.92.1
    * glibc-lang-2.31-150300.92.1
    * glibc-i18ndata-2.31-150300.92.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * glibc-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-debuginfo-2.31-150300.92.1
    * glibc-locale-base-32bit-2.31-150300.92.1
    * glibc-32bit-2.31-150300.92.1
    * glibc-locale-base-32bit-debuginfo-2.31-150300.92.1
    * glibc-devel-32bit-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * glibc-devel-2.31-150300.92.1
    * glibc-locale-base-2.31-150300.92.1
    * glibc-debuginfo-2.31-150300.92.1
    * glibc-locale-base-debuginfo-2.31-150300.92.1
    * glibc-locale-2.31-150300.92.1
    * glibc-debugsource-2.31-150300.92.1
    * glibc-2.31-150300.92.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/0212476c/attachment.htm>

From null at suse.de  Mon Feb 17 12:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 12:30:11 -0000
Subject: SUSE-SU-2025:0561-1: important: Security update for openvswitch
Message-ID: <173979541184.21560.12648514703009863625@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0561-1  
Release Date: 2025-02-17T10:39:51Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet. (bsc#1236353)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-561=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-561=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openvswitch-debuginfo-2.11.5-3.24.2
    * libopenvswitch-2_11-0-2.11.5-3.24.2
    * libopenvswitch-2_11-0-debuginfo-2.11.5-3.24.2
    * openvswitch-2.11.5-3.24.2
    * openvswitch-debugsource-2.11.5-3.24.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openvswitch-debuginfo-2.11.5-3.24.2
    * libopenvswitch-2_11-0-2.11.5-3.24.2
    * libopenvswitch-2_11-0-debuginfo-2.11.5-3.24.2
    * openvswitch-2.11.5-3.24.2
    * openvswitch-debugsource-2.11.5-3.24.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/325bc16c/attachment.htm>

From null at suse.de  Mon Feb 17 16:30:44 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 16:30:44 -0000
Subject: SUSE-SU-2025:0565-1: important: Security update for the Linux Kernel
Message-ID: <173980984454.28497.1885541297818896902@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0565-1  
Release Date: 2025-02-17T13:28:40Z  
Rating: important  
References:

  * bsc#1221282
  * bsc#1222072
  * bsc#1222803
  * bsc#1224856
  * bsc#1224857
  * bsc#1232161
  * bsc#1233028
  * bsc#1234855
  * bsc#1234901
  * bsc#1234931
  * bsc#1234934
  * bsc#1234963
  * bsc#1235011
  * bsc#1235040
  * bsc#1235053
  * bsc#1235059
  * bsc#1235132
  * bsc#1235155
  * bsc#1235217
  * bsc#1235230
  * bsc#1235252
  * bsc#1235413
  * bsc#1235426
  * bsc#1235430
  * bsc#1235433
  * bsc#1235464
  * bsc#1235466
  * bsc#1235479
  * bsc#1235500
  * bsc#1235523
  * bsc#1235526
  * bsc#1235533
  * bsc#1235557
  * bsc#1235570
  * bsc#1235611
  * bsc#1235627
  * bsc#1235638
  * bsc#1235645
  * bsc#1235700
  * bsc#1235714
  * bsc#1235727
  * bsc#1235747
  * bsc#1235750
  * bsc#1235919
  * bsc#1235924
  * bsc#1235948
  * bsc#1235965
  * bsc#1235967
  * bsc#1236080
  * bsc#1236096
  * bsc#1236161
  * bsc#1236182
  * bsc#1236190
  * bsc#1236192
  * bsc#1236262
  * bsc#1236698
  * bsc#1236703

  
Cross-References:

  * CVE-2021-47222
  * CVE-2021-47223
  * CVE-2024-26644
  * CVE-2024-47809
  * CVE-2024-48881
  * CVE-2024-49948
  * CVE-2024-50142
  * CVE-2024-52332
  * CVE-2024-53155
  * CVE-2024-53185
  * CVE-2024-53197
  * CVE-2024-53227
  * CVE-2024-55916
  * CVE-2024-56369
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56539
  * CVE-2024-56574
  * CVE-2024-56593
  * CVE-2024-56594
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56615
  * CVE-2024-56623
  * CVE-2024-56630
  * CVE-2024-56637
  * CVE-2024-56641
  * CVE-2024-56643
  * CVE-2024-56650
  * CVE-2024-56661
  * CVE-2024-56662
  * CVE-2024-56681
  * CVE-2024-56700
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56747
  * CVE-2024-56748
  * CVE-2024-56759
  * CVE-2024-56763
  * CVE-2024-56769
  * CVE-2024-57884
  * CVE-2024-57890
  * CVE-2024-57896
  * CVE-2024-57899
  * CVE-2024-57903
  * CVE-2024-57922
  * CVE-2024-57929
  * CVE-2024-57931
  * CVE-2024-57932
  * CVE-2024-57938
  * CVE-2025-21653
  * CVE-2025-21664
  * CVE-2025-21678
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2021-47222 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47223 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47223 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26644 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-47809 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-47809 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-48881 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-48881 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-52332 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-52332 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53155 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53155 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53155 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-53185 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53185 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53185 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53197 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-53197 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56369 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56369 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56539 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56539 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56574 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56574 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56574 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56593 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56593 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56594 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56594 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56615 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56615 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56615 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56630 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56630 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56637 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56637 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56641 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56641 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56643 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56643 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56643 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56662 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56662 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
  * CVE-2024-56662 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56700 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56700 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56748 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56748 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56769 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56769 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56769 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57890 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57890 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-57890 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57896 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57896 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57899 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57899 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-57903 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57903 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57922 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57922 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57929 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57929 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57932 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57932 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Availability Extension 12 SP5
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 54 vulnerabilities and has three security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing
    (bsc#1224857).
  * CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference
    (bsc#1224856).
  * CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot
    deleted subvolume (bsc#1222072).
  * CVE-2024-47809: dlm: fix possible lkb_resource null dereference
    (bsc#1235714).
  * CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again
    (bsc#1235727).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-52332: igb: Fix potential invalid memory access in
    igb_init_module() (bsc#1235700).
  * CVE-2024-53155: ocfs2: fix uninitialized value in ocfs2_file_read_iter()
    (bsc#1234855).
  * CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey()
    (bsc#1234901).
  * CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for
    Extigy and Mbox devices (bsc#1235464).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-55916: Drivers: hv: util: Avoid accessing a ringbuffer not
    initialized yet (bsc#1235747).
  * CVE-2024-56369: drm/modes: Avoid divide by zero harder in
    drm_mode_vrefresh() (bsc#1235750).
  * CVE-2024-56532: ALSA: us122l: Use snd_card_free_when_closed() at
    disconnection (bsc#1235059).
  * CVE-2024-56533: ALSA: usx2y: Use snd_card_free_when_closed() at
    disconnection (bsc#1235053).
  * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in
    mwifiex_config_scan() (bsc#1234963).
  * CVE-2024-56574: media: ts2020: fix null-ptr-deref in ts2020_probe()
    (bsc#1235040).
  * CVE-2024-56593: wifi: brcmfmac: Fix oops due to NULL pointer dereference in
    brcmf_sdiod_sglist_rw() (bsc#1235252).
  * CVE-2024-56594: drm/amdgpu: set the right AMDGPU sg segment limitation
    (bsc#1235413).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements
    (bsc#1235426).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56630: ocfs2: free inode when ocfs2_get_init_inode() fails
    (bsc#1235479).
  * CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a
    module (bsc#1235523).
  * CVE-2024-56641: net/smc: initialize close_work early to avoid warning
    (bsc#1235526).
  * CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv
    (bsc#1235132).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56662: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
    (bsc#1235533).
  * CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init
    function (bsc#1235557).
  * CVE-2024-56700: media: wl128x: Fix atomicity violation in fmc_send_cmd()
    (bsc#1235500).
  * CVE-2024-56722: RDMA/hns: Fix cpu stuck caused by printings during reset
    (bsc#1235570).
  * CVE-2024-56739: rtc: check if __rtc_read_time was successful in
    rtc_timer_do_work() (bsc#1235611).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56748: scsi: qedf: Fix a possible memory leak in
    qedf_alloc_and_init_sb() (bsc#1235627).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-56769: media: dvb-frontends: dib3000mb: fix uninit-value in
    dib3000_write_reg (bsc#1235155).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57890: RDMA/uverbs: Prevent integer overflow issue (bsc#1235919).
  * CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner
    kthread during unmount (bsc#1235965).
  * CVE-2024-57899: wifi: mac80211: fix mbss changed flags corruption on 32 bit
    systems (bsc#1235924).
  * CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
  * CVE-2024-57922: drm/amd/display: Add check for granularity in dml ceil/floor
    helpers (bsc#1236080).
  * CVE-2024-57929: dm array: fix releasing a faulty array block twice in
    dm_array_cursor_end (bsc#1236096).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues
    (bsc#1236190).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ALSA: usb-audio: Fix a DMA to stack memory bug (git-fixes).
  * drm/modes: Switch to 64bit maths to avoid integer overflow (bsc#1235750).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * btrfs: fstests btrfs/309 fails on btrfs (bsc#1221282).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5  
    zypper in -t patch SUSE-SLE-HA-12-SP5-2025-565=1

  * SUSE Linux Enterprise High Availability Extension 12 SP5  
    zypper in -t patch SUSE-SLE-HA-12-SP5-2025-565=1

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-565=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-565=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-565=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x
    x86_64)
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_247-default-1-8.3.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
    * kernel-default-kgraft-devel-4.12.14-122.247.1
    * kernel-default-kgraft-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * ocfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * cluster-md-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-base-4.12.14-122.247.1
    * kernel-default-devel-4.12.14-122.247.1
    * kernel-syms-4.12.14-122.247.1
    * ocfs2-kmp-default-4.12.14-122.247.1
    * cluster-md-kmp-default-4.12.14-122.247.1
    * kernel-default-base-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * kernel-source-4.12.14-122.247.1
    * kernel-macros-4.12.14-122.247.1
    * kernel-devel-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x)
    * kernel-default-man-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * kernel-default-devel-debuginfo-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * ocfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-devel-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-debuginfo-4.12.14-122.247.1
    * dlm-kmp-default-4.12.14-122.247.1
    * kernel-default-debuginfo-4.12.14-122.247.1
    * cluster-md-kmp-default-debuginfo-4.12.14-122.247.1
    * kernel-default-base-4.12.14-122.247.1
    * kernel-default-devel-4.12.14-122.247.1
    * kernel-syms-4.12.14-122.247.1
    * ocfs2-kmp-default-4.12.14-122.247.1
    * cluster-md-kmp-default-4.12.14-122.247.1
    * kernel-default-base-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-debuginfo-4.12.14-122.247.1
    * gfs2-kmp-default-4.12.14-122.247.1
    * kernel-default-debugsource-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64)
    * kernel-default-4.12.14-122.247.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * kernel-source-4.12.14-122.247.1
    * kernel-macros-4.12.14-122.247.1
    * kernel-devel-4.12.14-122.247.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47222.html
  * https://www.suse.com/security/cve/CVE-2021-47223.html
  * https://www.suse.com/security/cve/CVE-2024-26644.html
  * https://www.suse.com/security/cve/CVE-2024-47809.html
  * https://www.suse.com/security/cve/CVE-2024-48881.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-52332.html
  * https://www.suse.com/security/cve/CVE-2024-53155.html
  * https://www.suse.com/security/cve/CVE-2024-53185.html
  * https://www.suse.com/security/cve/CVE-2024-53197.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56369.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56539.html
  * https://www.suse.com/security/cve/CVE-2024-56574.html
  * https://www.suse.com/security/cve/CVE-2024-56593.html
  * https://www.suse.com/security/cve/CVE-2024-56594.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56615.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56630.html
  * https://www.suse.com/security/cve/CVE-2024-56637.html
  * https://www.suse.com/security/cve/CVE-2024-56641.html
  * https://www.suse.com/security/cve/CVE-2024-56643.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56662.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56700.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56748.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-56769.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57890.html
  * https://www.suse.com/security/cve/CVE-2024-57896.html
  * https://www.suse.com/security/cve/CVE-2024-57899.html
  * https://www.suse.com/security/cve/CVE-2024-57903.html
  * https://www.suse.com/security/cve/CVE-2024-57922.html
  * https://www.suse.com/security/cve/CVE-2024-57929.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57932.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1221282
  * https://bugzilla.suse.com/show_bug.cgi?id=1222072
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224856
  * https://bugzilla.suse.com/show_bug.cgi?id=1224857
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1234855
  * https://bugzilla.suse.com/show_bug.cgi?id=1234901
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234963
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235040
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235132
  * https://bugzilla.suse.com/show_bug.cgi?id=1235155
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235252
  * https://bugzilla.suse.com/show_bug.cgi?id=1235413
  * https://bugzilla.suse.com/show_bug.cgi?id=1235426
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235464
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235479
  * https://bugzilla.suse.com/show_bug.cgi?id=1235500
  * https://bugzilla.suse.com/show_bug.cgi?id=1235523
  * https://bugzilla.suse.com/show_bug.cgi?id=1235526
  * https://bugzilla.suse.com/show_bug.cgi?id=1235533
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235627
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235700
  * https://bugzilla.suse.com/show_bug.cgi?id=1235714
  * https://bugzilla.suse.com/show_bug.cgi?id=1235727
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235750
  * https://bugzilla.suse.com/show_bug.cgi?id=1235919
  * https://bugzilla.suse.com/show_bug.cgi?id=1235924
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1235965
  * https://bugzilla.suse.com/show_bug.cgi?id=1235967
  * https://bugzilla.suse.com/show_bug.cgi?id=1236080
  * https://bugzilla.suse.com/show_bug.cgi?id=1236096
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236190
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/fc58ef80/attachment.htm>

From null at suse.de  Mon Feb 17 16:30:47 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 16:30:47 -0000
Subject: SUSE-RU-2025:0566-1: moderate: Recommended update for libica
Message-ID: <173980984734.28497.9621616294228133658@smelt2.prg2.suse.org>



# Recommended update for libica

Announcement ID: SUSE-RU-2025:0566-1  
Release Date: 2025-02-17T15:07:13Z  
Rating: moderate  
References:

  * bsc#1236955

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for libica fixes the following issues:

  * FIPS: Fixed an AES-XTS bug (bsc#1236955)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-566=1 openSUSE-SLE-15.6-2025-566=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-566=1

## Package List:

  * openSUSE Leap 15.6 (s390x)
    * libica-openssl1_1-debugsource-4.3.1-150600.4.22.1
    * libica-openssl1_1-devel-static-4.3.1-150600.4.22.1
    * libica-tools-4.3.1-150600.4.22.1
    * libica-debugsource-4.3.1-150600.4.22.1
    * libica-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-devel-4.3.1-150600.4.22.1
    * libica4-openssl1_1-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-tools-4.3.1-150600.4.22.1
    * libica-openssl1_1-tools-debuginfo-4.3.1-150600.4.22.1
    * libica-devel-4.3.1-150600.4.22.1
    * libica4-4.3.1-150600.4.22.1
    * libica-tools-debuginfo-4.3.1-150600.4.22.1
    * libica-devel-static-4.3.1-150600.4.22.1
    * libica4-openssl1_1-4.3.1-150600.4.22.1
    * libica4-debuginfo-4.3.1-150600.4.22.1
  * Server Applications Module 15-SP6 (s390x)
    * libica-openssl1_1-debugsource-4.3.1-150600.4.22.1
    * libica-openssl1_1-devel-static-4.3.1-150600.4.22.1
    * libica-tools-4.3.1-150600.4.22.1
    * libica-debugsource-4.3.1-150600.4.22.1
    * libica-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-devel-4.3.1-150600.4.22.1
    * libica4-openssl1_1-debuginfo-4.3.1-150600.4.22.1
    * libica-openssl1_1-tools-4.3.1-150600.4.22.1
    * libica-openssl1_1-tools-debuginfo-4.3.1-150600.4.22.1
    * libica-devel-4.3.1-150600.4.22.1
    * libica4-4.3.1-150600.4.22.1
    * libica-tools-debuginfo-4.3.1-150600.4.22.1
    * libica-devel-static-4.3.1-150600.4.22.1
    * libica4-openssl1_1-4.3.1-150600.4.22.1
    * libica4-debuginfo-4.3.1-150600.4.22.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236955

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/bce2dccf/attachment.htm>

From null at suse.de  Mon Feb 17 16:31:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 17 Feb 2025 16:31:38 -0000
Subject: SUSE-SU-2025:0564-1: important: Security update for the Linux Kernel
Message-ID: <173980989850.28497.13048825389669718761@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0564-1  
Release Date: 2025-02-17T13:26:35Z  
Rating: important  
References:

  * bsc#1215199
  * bsc#1222803
  * bsc#1224049
  * bsc#1226980
  * bsc#1227937
  * bsc#1231088
  * bsc#1232101
  * bsc#1232161
  * bsc#1233028
  * bsc#1233221
  * bsc#1233248
  * bsc#1233522
  * bsc#1233778
  * bsc#1234070
  * bsc#1234683
  * bsc#1234693
  * bsc#1234947
  * bsc#1235001
  * bsc#1235217
  * bsc#1235230
  * bsc#1235244
  * bsc#1235390
  * bsc#1235418
  * bsc#1235430
  * bsc#1235441
  * bsc#1235485
  * bsc#1235487
  * bsc#1235489
  * bsc#1235498
  * bsc#1235545
  * bsc#1235578
  * bsc#1235582
  * bsc#1235583
  * bsc#1235612
  * bsc#1235638
  * bsc#1235656
  * bsc#1235686
  * bsc#1235865
  * bsc#1235874
  * bsc#1235914
  * bsc#1235941
  * bsc#1235948
  * bsc#1236127
  * bsc#1236160
  * bsc#1236161
  * bsc#1236163
  * bsc#1236182
  * bsc#1236192
  * bsc#1236245
  * bsc#1236247
  * bsc#1236260
  * bsc#1236262
  * bsc#1236628
  * bsc#1236680
  * bsc#1236681
  * bsc#1236682
  * bsc#1236683
  * bsc#1236684
  * bsc#1236685
  * bsc#1236688
  * bsc#1236689
  * bsc#1236694
  * bsc#1236696
  * bsc#1236698
  * bsc#1236702
  * bsc#1236703
  * bsc#1236732
  * bsc#1236733
  * bsc#1236757
  * bsc#1236758
  * bsc#1236759
  * bsc#1236760
  * bsc#1236761
  * jsc#PED-12094
  * jsc#PED-7242

  
Cross-References:

  * CVE-2024-40980
  * CVE-2024-46858
  * CVE-2024-49948
  * CVE-2024-49978
  * CVE-2024-50142
  * CVE-2024-50251
  * CVE-2024-50258
  * CVE-2024-50304
  * CVE-2024-53123
  * CVE-2024-53187
  * CVE-2024-53203
  * CVE-2024-56592
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56608
  * CVE-2024-56610
  * CVE-2024-56633
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56665
  * CVE-2024-56679
  * CVE-2024-56693
  * CVE-2024-56707
  * CVE-2024-56715
  * CVE-2024-56725
  * CVE-2024-56726
  * CVE-2024-56727
  * CVE-2024-56728
  * CVE-2024-56763
  * CVE-2024-57802
  * CVE-2024-57882
  * CVE-2024-57884
  * CVE-2024-57917
  * CVE-2024-57931
  * CVE-2024-57938
  * CVE-2024-57946
  * CVE-2025-21652
  * CVE-2025-21653
  * CVE-2025-21655
  * CVE-2025-21663
  * CVE-2025-21664
  * CVE-2025-21665
  * CVE-2025-21666
  * CVE-2025-21667
  * CVE-2025-21668
  * CVE-2025-21669
  * CVE-2025-21670
  * CVE-2025-21673
  * CVE-2025-21674
  * CVE-2025-21675
  * CVE-2025-21676
  * CVE-2025-21678
  * CVE-2025-21681
  * CVE-2025-21682

  
CVSS scores:

  * CVE-2024-40980 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-40980 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-49948 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49948 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49978 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50251 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50251 ( NVD ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50258 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50258 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50304 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53123 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53123 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53187 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-53187 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
  * CVE-2024-53187 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53203 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53203 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-53203 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56592 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56592 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56608 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56608 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56608 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56610 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56610 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56633 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56633 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56665 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56679 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56679 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56693 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56693 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56693 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56707 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56707 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56715 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56715 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56725 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56725 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56726 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56726 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56727 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56727 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56728 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56763 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56763 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57802 ( SUSE ):  2.1
    CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-57802 ( SUSE ):  4.6 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2024-57802 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57882 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57882 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-57882 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57884 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57884 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57917 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57917 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57931 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57931 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57938 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57938 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57946 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57946 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21652 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21652 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21652 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21653 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-21653 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2025-21655 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21655 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21663 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21663 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21664 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21664 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21665 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21665 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21665 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21666 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21666 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21667 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21667 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21667 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21668 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21668 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2025-21669 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21669 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21669 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21670 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21670 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21673 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21673 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2025-21673 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21674 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21674 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21675 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21675 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21676 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21676 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21678 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21678 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21681 ( SUSE ):  8.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
  * CVE-2025-21681 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2025-21682 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-21682 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-21682 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Confidential Computing Module 15-SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 54 vulnerabilities, contains two features and has 19
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to
receive various security bugfixes.

The following security bugs were fixed:

  * CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock
    (bsc#1227937).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init()
    (bsc#1232161).
  * CVE-2024-49978: gso: fix udp gso fraglist segmentation after pull from
    frag_list (bsc#1232101).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before
    calling skb_checksum() (bsc#1233248).
  * CVE-2024-50258: net: fix crash when config small
    gso_max_size/gso_ipv4_max_size (bsc#1233221).
  * CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in
    ip_tunnel_find() (bsc#1233522).
  * CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
  * CVE-2024-53187: io_uring: check for overflows in io_pin_pages (bsc#1234947).
  * CVE-2024-53203: usb: typec: fix potential array underflow in
    ucsi_ccg_sync_control() (bsc#1235001).
  * CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket()
    (bsc#1235244).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56608: drm/amd/display: Fix out-of-bounds access in
    'dcn21_link_encoder_create' (bsc#1235487).
  * CVE-2024-56610: kcsan: Turn report_filterlist_lock into a raw_spinlock
    (bsc#1235390).
  * CVE-2024-56633: tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg
    (bsc#1235485).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56665: bpf,perf: Fix invalid prog_array access in
    perf_event_detach_bpf_prog (bsc#1235489).
  * CVE-2024-56679: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_common.c (bsc#1235498).
  * CVE-2024-56693: brd: defer automatic disk creation until module
    initialization succeeds (bsc#1235418).
  * CVE-2024-56707: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dmac_flt.c (bsc#1235545).
  * CVE-2024-56715: ionic: Fix netdev notifier unregister on failure
    (bsc#1235612).
  * CVE-2024-56725: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_dcbnl.c (bsc#1235578).
  * CVE-2024-56726: octeontx2-pf: handle otx2_mbox_get_rsp errors in cn10k.c
    (bsc#1235582).
  * CVE-2024-56727: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_flows.c (bsc#1235583).
  * CVE-2024-56728: octeontx2-pf: handle otx2_mbox_get_rsp errors in
    otx2_ethtool.c (bsc#1235656).
  * CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
    (bsc#1235638).
  * CVE-2024-57802: netrom: check buffer length before accessing it
    (bsc#1235941).
  * CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
  * CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop
    in throttle_direct_reclaim() (bsc#1235948).
  * CVE-2024-57917: topology: Keep the cpumask unchanged when printing cpumap
    (bsc#1236127).
  * CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
  * CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in
    sctp_association_init() (bsc#1236182).
  * CVE-2024-57946: virtio-blk: do not keep queue frozen during system suspend
    (bsc#1236247).
  * CVE-2025-21652: ipvlan: Fix use-after-free in ipvlan_get_iflink()
    (bsc#1236160).
  * CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
    (bsc#1236161).
  * CVE-2025-21655: io_uring/eventfd: ensure io_eventfd_signal() defers another
    RCU period (bsc#1236163).
  * CVE-2025-21663: net: stmmac: dwmac-tegra: Read iommu stream id from device
    tree (bsc#1236260).
  * CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first
    function (bsc#1236262).
  * CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits
    (bsc#1236684).
  * CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
    (bsc#1236680).
  * CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits
    (bsc#1236681).
  * CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition
    (bsc#1236682).
  * CVE-2025-21669: vsock/virtio: discard packets if the transport changes
    (bsc#1236683).
  * CVE-2025-21670: vsock/bpf: return early if transport is not assigned
    (bsc#1236685).
  * CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname
    (bsc#1236689).
  * CVE-2025-21674: net/mlx5e: Fix inversion dependency warning while enabling
    IPsec tunnel (bsc#1236688).
  * CVE-2025-21675: net/mlx5: Clear port select structure when fail to create
    (bsc#1236694).
  * CVE-2025-21676: net: fec: handle page_pool_dev_alloc_pages error
    (bsc#1236696).
  * CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle
    (bsc#1236698).
  * CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with
    carrier (bsc#1236702).
  * CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing,
    fix null-deref (bsc#1236703).

The following non-security bugs were fixed:

  * ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
  * ACPI: fan: cleanup resources in the error path of .probe() (git-fixes).
  * ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read()
    (git-fixes).
  * ACPI: resource: acpi_dev_irq_override(): Check DMI match last (stable-
    fixes).
  * ALSA: hda/realtek - Fixed headphone distorted sound on Acer Aspire A115-31
    laptop (git-fixes).
  * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14s-fq1xxx (stable-fixes).
  * ALSA: hda/realtek: Enable headset mic on Positivo C6400 (stable-fixes).
  * ALSA: hda/realtek: Workaround for resume on Dell Venue 11 Pro 7130
    (bsc#1235686).
  * ALSA: hda: Fix headset detection failure due to unstable sort (git-fixes).
  * ALSA: seq: Make dependency on UMP clearer (git-fixes).
  * ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-
    fixes).
  * ALSA: usb-audio: Add delay quirk for USB Audio Device (stable-fixes).
  * ALSA: usb-audio: Add delay quirk for iBasso DC07 Pro (stable-fixes).
  * ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
  * ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
  * ASoC: Intel: avs: Fix theoretical infinite loop (git-fixes).
  * ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
  * ASoC: acp: Support microphone from Lenovo Go S (stable-fixes).
  * ASoC: rockchip: i2s_tdm: Re-add the set_sysclk callback (git-fixes).
  * ASoC: samsung: Add missing depends on I2C (git-fixes).
  * ASoC: samsung: Add missing selects for MFD_WM8994 (stable-fixes).
  * ASoC: sun4i-spdif: Add clock multiplier settings (git-fixes).
  * ASoC: wm8994: Add depends on MFD core (stable-fixes).
  * Bluetooth: L2CAP: accept zero as a special value for MTU auto-selection
    (git-fixes).
  * Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (git-fixes).
  * Bluetooth: btnxpuart: Fix glitches seen in dual A2DP streaming (git-fixes).
  * EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693).
  * HID: core: Fix assumption that Resolution Multipliers must be in Logical
    Collections (git-fixes).
  * HID: fix generic desktop D-Pad controls (git-fixes).
  * HID: hid-sensor-hub: do not use stale platform-data on remove (git-fixes).
  * HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint
    check (git-fixes).
  * HID: multitouch: fix support for Goodix PID 0x01e9 (git-fixes).
  * Input: atkbd - map F23 key to support default copilot shortcut (stable-
    fixes).
  * Input: bbnsm_pwrkey - add remove hook (git-fixes).
  * Input: davinci-keyscan - remove leftover header (git-fixes).
  * Input: xpad - add QH Electronics VID/PID (stable-fixes).
  * Input: xpad - add support for Nacon Evol-X Xbox One Controller (stable-
    fixes).
  * Input: xpad - add support for Nacon Pro Compact (stable-fixes).
  * Input: xpad - add support for wooting two he (arm) (stable-fixes).
  * Input: xpad - add unofficial Xbox 360 wireless receiver clone (stable-
    fixes).
  * Input: xpad - improve name of 8BitDo controller 2dc8:3106 (stable-fixes).
  * KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values
    (jsc#PED-6143).
  * KVM: x86/mmu: Add Suppress VE bit to EPT
    shadow_mmio_mask/shadow_present_mask (jsc#PED-6143).
  * KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE
    (jsc#PED-6143).
  * KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE
    (jsc#PED-6143).
  * KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (jsc#PED-6143).
  * NFC: nci: Add bounds checking in nci_hci_create_pipe() (git-fixes).
  * NFSv4.2: fix COPY_NOTIFY xdr buf size calculation (git-fixes).
  * NFSv4.2: mark OFFLOAD_CANCEL MOVEABLE (git-fixes).
  * PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1 (git-
    fixes).
  * PCI: dwc: Always stop link in the dw_pcie_suspend_noirq (git-fixes).
  * PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (git-
    fixes).
  * PCI: dwc: ep: Write BAR_MASK before iATU registers in pci_epc_set_bar()
    (git-fixes).
  * PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (git-fixes).
  * PCI: endpoint: Finish virtual EP removal in pci_epf_remove_vepf() (git-
    fixes).
  * PCI: endpoint: pci-epf-test: Fix check for DMA MEMCPY test (git-fixes).
  * PCI: endpoint: pci-epf-test: Set dma_chan_rx pointer to NULL on error (git-
    fixes).
  * PCI: imx6: Deassert apps_reset in imx_pcie_deassert_core_reset() (git-
    fixes).
  * PCI: imx6: Skip controller_id generation logic for i.MX7D (git-fixes).
  * PCI: microchip: Set inbound address translation for coherent or non-coherent
    mode (git-fixes).
  * PCI: rcar-ep: Fix incorrect variable used when calling
    devm_request_mem_region() (git-fixes).
  * PM: hibernate: Add error handling for syscore_suspend() (git-fixes).
  * RDMA/bnxt_re: Fix to drop reference to the mmap entry in case of error (git-
    fixes)
  * RDMA/bnxt_re: Fix to export port num to ib_query_qp (git-fixes)
  * RDMA/mlx4: Avoid false error about access to uninitialized gids array (git-
    fixes)
  * RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (git-
    fixes)
  * RDMA/mlx5: Fix implicit ODP use after free (git-fixes)
  * RDMA/mlx5: Fix indirect mkey ODP page count (git-fixes)
  * RDMA/rxe: Fix mismatched max_msg_sz (git-fixes)
  * RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (git-fixes)
  * RDMA/srp: Fix error handling in srp_add_port (git-fixes)
  * Remove "iommu/arm-smmu: Defer probe of clients after smmu device bound",
    reverted by upstream.
  * Revert "HID: multitouch: Add support for lenovo Y9000P Touchpad" (stable-
    fixes).
  * Revert "drm/i915/dpt: Make DPT object unshrinkable" (stable-fixes).
  * Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix
    the crash caused by port being null" (stable-fixes).
  * Revert "Disable ceph".
  * USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (git-
    fixes).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * VMCI: fix reference to ioctl-number.rst (git-fixes).
  * afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (git-fixes).
  * afs: Fix cleanup of immediately failed async calls (git-fixes).
  * afs: Fix directory format encoding struct (git-fixes).
  * afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (git-fixes).
  * arm64/sme: Move storage of reg_smidr to __cpuinfo_store_cpu() (git-fixes)
  * arm64: Filter out SVE hwcaps when FEAT_SVE isn't implemented (git-fixes)
  * arm64: Kconfig: Make SME depend on BROKEN for now (git-fixes bsc#1236245)
    Update arm64 default configuration file
  * arm64: dts: rockchip: Add sdmmc/sdio/emmc reset controls for RK3328 (git-
    fixes)
  * arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (git-fixes)
  * arm64: tegra: Disable Tegra234 sce-fabric node (git-fixes)
  * arm64: tegra: Fix Tegra234 PCIe interrupt-map (git-fixes)
  * arm64: tegra: Fix typo in Tegra234 dce-fabric compatible (git-fixes)
  * ata: libata-core: Set ATA_QCFLAG_RTF_FILLED in fill_result_tf() (stable-
    fixes).
  * bus: mhi: host: Free mhi_buf vector inside mhi_alloc_bhie_table() (git-
    fixes).
  * cpufreq: ACPI: Fix max-frequency computation (git-fixes).
  * cpufreq: Do not unregister cpufreq cooling on CPU hotplug (git-fixes).
  * cpufreq: amd-pstate: remove global header file (git-fixes).
  * cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
  * cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-
    fixes).
  * cpufreq: intel_pstate: Make hwp_notify_lock a raw spinlock (git-fixes).
  * cpufreq: intel_pstate: Use HWP to initialize ITMT if CPPC is missing (git-
    fixes).
  * cpufreq: intel_pstate: fix pstate limits enforcement for adjust_perf call
    back (git-fixes).
  * cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
  * cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
  * cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
  * cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
  * cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
  * cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
  * cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
  * cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
  * cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
  * cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is
    not available (git-fixes).
  * cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks
    (git-fixes).
  * cpuidle: Avoid potential overflow in integer multiplication (git-fixes).
  * cpupower: fix TSC MHz calculation (git-fixes).
  * crypto: caam - use JobR's space to access page 0 regs (git-fixes).
  * crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
  * crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
  * crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
  * crypto: iaa - Fix IAA disabling that occurs when sync_mode is set to 'async'
    (git-fixes).
  * crypto: ixp4xx - fix OF node reference leaks in init_ixp_crypto() (git-
    fixes).
  * crypto: qce - fix goto jump in error path (git-fixes).
  * crypto: qce - fix priority to be less than ARMv8 CE (git-fixes).
  * crypto: qce - unregister previously registered algos in error path (git-
    fixes).
  * devcoredump: cleanup some comments (git-fixes).
  * dmaengine: ti: edma: fix OF node reference leaks in edma_driver (git-fixes).
  * docs: power: Fix footnote reference for Toshiba Satellite P10-554 (git-
    fixes).
  * driver core: class: Fix wild pointer dereferences in API
    class_dev_iter_next() (git-fixes).
  * drivers/card_reader/rtsx_usb: Restore interrupt based detection (git-fixes).
  * drm/amd/display: Use HW lock mgr for PSR1 (stable-fixes).
  * drm/amd/pm: Fix an error handling path in
    vega10_enable_se_edc_force_stall_config() (git-fixes).
  * drm/amdgpu/vcn: reset fw_shared under SRIOV (git-fixes).
  * drm/amdgpu: Fix potential NULL pointer dereference in
    atomctrl_get_smc_sclk_range_table (git-fixes).
  * drm/amdgpu: always sync the GFX pipe on ctx switch (stable-fixes).
  * drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
  * drm/amdgpu: simplify return statement in amdgpu_ras_eeprom_init (git-fixes).
  * drm/amdgpu: tear down ttm range manager for doorbell in amdgpu_ttm_fini()
    (git-fixes).
  * drm/bridge: it6505: Change definition of AUX_FIFO_MAX_SIZE (git-fixes).
  * drm/etnaviv: Fix page property being used for non writecombine buffers (git-
    fixes).
  * drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
  * drm/i915/fb: Relax clear color alignment to 64 bytes (stable-fixes).
  * drm/i915/guc: Debug print LRC state entries only if the context is pinned
    (git-fixes).
  * drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
  * drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
  * drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
  * drm/msm/dp: set safe_to_exit_level before printing it (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SC8180X (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8150 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8250 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8350 (git-fixes).
  * drm/msm/dpu: link DSPP_2/_3 blocks on SM8550 (git-fixes).
  * drm/msm: Check return value of of_dma_configure() (git-fixes).
  * drm/msm: do not clean up priv->kms prematurely (git-fixes).
  * drm/rcar-du: dsi: Fix PHY lock bit check (git-fixes).
  * drm/rockchip: cdn-dp: Use drm_connector_helper_hpd_irq_event() (git-fixes).
  * drm/rockchip: move output interface related definition to rockchip_drm_drv.h
    (stable-fixes).
  * drm/rockchip: vop2: Check linear format for Cluster windows on rk3566/8
    (git-fixes).
  * drm/rockchip: vop2: Fix cluster windows alpha ctrl regsiters offset (git-
    fixes).
  * drm/rockchip: vop2: Fix the mixer alpha setup for layer 0 (git-fixes).
  * drm/rockchip: vop2: Fix the windows switch between different layers (git-
    fixes).
  * drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
  * drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
  * drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-
    fixes).
  * drm/tidss: Clear the interrupt status for interrupts being disabled (git-
    fixes).
  * drm/tidss: Fix issue in irq handling causing irq-flood issue (git-fixes).
  * drm/v3d: Assign job pointer to NULL before signaling the fence (git-fixes).
  * drm/v3d: Stop active perfmon if it is being destroyed (git-fixes).
  * fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (git-
    fixes).
  * firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
  * futex: Do not include process MM in futex key on no-MMU (git-fixes).
  * genirq: Make handle_enforce_irqctx() unconditionally available (git-fixes).
  * genksyms: fix memory leak when the same symbol is added from source (git-
    fixes).
  * genksyms: fix memory leak when the same symbol is read from *.symref file
    (git-fixes).
  * gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (git-fixes).
  * gpio: mxc: remove dead code after switch to DT-only (git-fixes).
  * gpio: pca953x: Improve interrupt support (git-fixes).
  * gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
  * gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
  * hwmon: (drivetemp) Set scsi command timeout to 10s (stable-fixes).
  * hyperv: Do not overlap the hvcall IO areas in get_vtl() (git-fixes).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * iio: adc: ad_sigma_delta: Handle CS assertion as intended in
    ad_sd_read_reg_raw() (git-fixes).
  * iio: iio-mux: kzalloc instead of devm_kzalloc to ensure page alignment (git-
    fixes).
  * iio: light: as73211: fix channel handling in only-color triggered buffer
    (git-fixes).
  * intel_th: core: fix kernel-doc warnings (git-fixes).
  * ipmi: ipmb: Add check devm_kasprintf() returned value (git-fixes).
  * ipmi: ssif_bmc: Fix new request loss when bmc ready for a response (git-
    fixes).
  * kconfig: fix file name in warnings when loading KCONFIG_DEFCONFIG_LIST (git-
    fixes).
  * kheaders: Ignore silly-rename files (stable-fixes).
  * ktest.pl: Avoid false positives with grub2 skip regex (stable-fixes).
  * ktest.pl: Check kernelrelease return in get_version (git-fixes).
  * ktest.pl: Fix typo "accesing" (git-fixes).
  * ktest.pl: Fix typo in comment (git-fixes).
  * ktest.pl: Remove unused declarations in run_bisect_test function (git-
    fixes).
  * ktest: force $buildonly = 1 for 'make_warnings_file' test type (stable-
    fixes).
  * landlock: Handle weird files (git-fixes).
  * latencytop: use correct kernel-doc format for func params (git-fixes).
  * leds: lp8860: Write full EEPROM, not only half of it (git-fixes).
  * leds: netxbig: Fix an OF node reference leak in netxbig_leds_get_of_pdata()
    (git-fixes).
  * lib/inflate.c: remove dead code (git-fixes).
  * lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
  * locking/lockdep: Avoid creating new name string literals in
    lockdep_set_subclass() (git-fixes).
  * locking/rwsem: Add __always_inline annotation to __down_write_common() and
    inlined callers (git-fixes).
  * mac802154: check local interfaces before deleting sdata list (stable-fixes).
  * mailbox: tegra-hsp: Clear mailbox before using message (git-fixes).
  * maple_tree: simplify split calculation (git-fixes).
  * media: camif-core: Add check for clk_enable() (git-fixes).
  * media: ccs: Clean up parsed CCS static data on parse failure (git-fixes).
  * media: ccs: Fix CCS static data parsing for large block sizes (git-fixes).
  * media: ccs: Fix cleanup order in ccs_probe() (git-fixes).
  * media: dvb-usb-v2: af9035: fix ISO C90 compilation error on
    af9035_i2c_master_xfer (git-fixes).
  * media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
  * media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-
    fixes).
  * media: i2c: imx412: Add missing newline to prints (git-fixes).
  * media: i2c: ov9282: Correct the exposure offset (git-fixes).
  * media: imx-jpeg: Fix potential error pointer dereference in detach_pm()
    (git-fixes).
  * media: imx296: Add standby delay during probe (git-fixes).
  * media: lmedm04: Handle errors for lme2510_int_read (git-fixes).
  * media: marvell: Add check for clk_enable() (git-fixes).
  * media: mc: fix endpoint iteration (git-fixes).
  * media: mipi-csis: Add check for clk_enable() (git-fixes).
  * media: nxp: imx8-isi: fix v4l2-compliance test errors (git-fixes).
  * media: ov08x40: Fix hblank out of range issue (git-fixes).
  * media: ov5640: fix get_light_freq on auto (git-fixes).
  * media: rc: iguanair: handle timeouts (git-fixes).
  * media: rkisp1: Fix unused value issue (git-fixes).
  * media: uvcvideo: Fix crash during unbind if gpio unit is in use (git-fixes).
  * media: uvcvideo: Fix double free in error path (git-fixes).
  * media: uvcvideo: Fix event flags in uvc_ctrl_send_events (git-fixes).
  * media: uvcvideo: Only save async fh if success (git-fixes).
  * media: uvcvideo: Propagate buf->error to userspace (git-fixes).
  * media: uvcvideo: Remove dangling pointers (git-fixes).
  * media: uvcvideo: Remove redundant NULL assignment (git-fixes).
  * media: uvcvideo: Support partial control reads (git-fixes).
  * memory: tegra20-emc: fix an OF node reference bug in
    tegra_emc_find_node_by_ram_code() (git-fixes).
  * misc: fastrpc: Deregister device nodes properly in error scenarios (git-
    fixes).
  * misc: fastrpc: Fix copy buffer page size (git-fixes).
  * misc: fastrpc: Fix registered buffer page address (git-fixes).
  * misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors (git-
    fixes).
  * mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes
    (mm/compaction)).
  * mm/rodata_test: use READ_ONCE() to read const variable (git-fixes).
  * mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
  * mtd: onenand: Fix uninitialized retlen in do_otp_read() (git-fixes).
  * mtd: spinand: Remove write_enable_op() in markbad() (git-fixes).
  * net/rose: prevent integer overflows in rose_setsockopt() (git-fixes).
  * net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
  * net: mana: Cleanup "mana" debugfs dir after cleanup of all children
    (bsc#1236760).
  * net: mana: Enable debugfs files for MANA device (bsc#1236758).
  * net: netvsc: Update default VMBus channels (bsc#1236757).
  * net: phy: c45-tjaxx: add delay between MDIO write and read in soft_reset
    (git-fixes).
  * net: rose: fix timer races against user threads (git-fixes).
  * net: usb: rtl8150: enable basic endpoint checking (git-fixes).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778 ZDI-24-1454).
  * nilfs2: fix possible int overflows in nilfs_fiemap() (git-fixes).
  * nvme-tcp: Fix I/O queue cpu spreading for multiple controllers (git-fixes).
  * nvme: Add error check for xa_store in nvme_get_effects_log (git-fixes).
  * nvme: Add error path for xa_store in nvme_init_effects (git-fixes).
  * nvme: fix bogus kzalloc() return check in nvme_init_effects_log() (git-
    fixes).
  * nvmet: propagate npwg topology (git-fixes).
  * padata: add pd get/put refcnt helper (git-fixes).
  * padata: avoid UAF for reorder_work (git-fixes).
  * padata: fix UAF in padata_reorder (git-fixes).
  * pinctrl: amd: Take suspend type into consideration which pins are non-wake
    (git-fixes).
  * pinctrl: samsung: fix fwnode refcount cleanup if platform_get_irq_optional()
    fails (git-fixes).
  * pm:cpupower: Add missing powercap_set_enabled() stub function (git-fixes).
  * power: ip5xxx_power: Fix return value on ADC read errors (git-fixes).
  * powerpc/pseries/eeh: Fix get PE state translation (bsc#1215199).
  * pps: add an error check in parport_attach (git-fixes).
  * pps: remove usage of the deprecated ida_simple_xx() API (stable-fixes).
  * printk: Add is_printk_legacy_deferred() (bsc#1236733).
  * printk: Defer legacy printing when holding printk_cpu_sync (bsc#1236733).
  * pwm: stm32-lp: Add check for clk_enable() (git-fixes).
  * pwm: stm32: Add check for clk_enable() (git-fixes).
  * r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
  * rcu-tasks: Pull sampling of ->percpu_dequeue_lim out of loop (git-fixes)
  * rcu/tree: Defer setting of jiffies during stall reset (git-fixes)
  * rcu: Dump memory object info if callback function is invalid (git-fixes)
  * rcu: Eliminate rcu_gp_slow_unregister() false positive (git-fixes)
  * rcuscale: Move rcu_scale_writer() (git-fixes)
  * rdma/cxgb4: Prevent potential integer overflow on 32bit (git-fixes)
  * regulator: core: Add missing newline character (git-fixes).
  * regulator: of: Implement the unwind path of of_regulator_match() (git-
    fixes).
  * remoteproc: core: Fix ida_free call while not allocated (git-fixes).
  * rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (git-fixes).
  * rtc: zynqmp: Fix optional clock name property (git-fixes).
  * samples/landlock: Fix possible NULL dereference in parse_path() (git-fixes).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat
    (bsc#1235865).
  * sched/fair: Fix value reported by hot tasks pulled in /proc/schedstat -kabi
    (bsc#1235865).
  * scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (git-
    fixes).
  * seccomp: Stub for !CONFIG_SECCOMP (stable-fixes).
  * selftest: media_tests: fix trivial UAF typo (git-fixes).
  * selftests/alsa: Fix circular dependency involving global-timer (stable-
    fixes).
  * selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-
    fixes).
  * selftests/landlock: Fix error message (git-fixes).
  * selftests/mm/cow: modify the incorrect checking parameters (git-fixes).
  * selftests/powerpc: Fix argument order to timer_sub() (git-fixes).
  * selftests: harness: fix printing of mismatch values in __EXPECT() (git-
    fixes).
  * selftests: tc-testing: reduce rshift value (stable-fixes).
  * selftests: timers: clocksource-switch: Adapt progress to kselftest framework
    (git-fixes).
  * selinux: Fix SCTP error inconsistency in selinux_socket_bind() (git-fixes).
  * serial: 8250: Adjust the timeout for FIFO mode (git-fixes).
  * serial: sc16is7xx: use device_property APIs when configuring irda mode
    (stable-fixes).
  * serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is
    in use (git-fixes).
  * serial: sh-sci: Drop __initdata macro for port_cfg (git-fixes).
  * soc: atmel: fix device_node release in atmel_soc_device_init() (git-fixes).
  * soc: mediatek: mtk-devapc: Fix leaking IO map on error paths (git-fixes).
  * soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
  * soc: qcom: smem_state: fix missing of_node_put in error path (git-fixes).
  * soc: qcom: socinfo: Avoid out of bounds read of serial number (git-fixes).
  * soc: qcom: socinfo: move SMEM item struct and defines to a header (git-
    fixes).
  * spi: zynq-qspi: Add check for clk_enable() (git-fixes).
  * srcu: Fix srcu_struct node grpmask overflow on 64-bit systems (git-fixes)
  * srcu: Only accelerate on enqueue time (git-fixes)
  * staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (git-
    fixes).
  * staging: media: max96712: fix kernel oops when removing module (git-fixes).
  * tools: Sync if_xdp.h uapi tooling header (git-fixes).
  * tty: xilinx_uartps: split sysrq handling (git-fixes).
  * ubifs: skip dumping tnc tree when zroot is null (git-fixes).
  * uio: Fix return value of poll (git-fixes).
  * uio: uio_dmem_genirq: check the return value of devm_kasprintf() (git-
    fixes).
  * usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in
    the error path of .probe() (git-fixes).
  * usb: dwc3-am62: Fix an OF node leak in phy_syscon_pll_refclk() (git-fixes).
  * usb: gadget: f_tcm: Decrement command ref count on cleanup (git-fixes).
  * usb: gadget: f_tcm: Do not free command immediately (git-fixes).
  * usb: gadget: f_tcm: Do not prepare BOT write request twice (git-fixes).
  * usb: gadget: f_tcm: Fix Get/SetInterface return value (git-fixes).
  * usb: gadget: f_tcm: Translate error to sense (git-fixes).
  * usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (git-fixes).
  * usb: host: xhci-plat: Assign shared_hcd->rsrc_start (git-fixes).
  * usb: typec: fix pm usage counter imbalance in ucsi_ccg_sync_control()
    (bsc#1235001)
  * usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE
    (git-fixes).
  * usbnet: ipheth: break up NCM header size computation (git-fixes).
  * usbnet: ipheth: check that DPE points past NCM header (git-fixes).
  * usbnet: ipheth: fix DPE OoB read (git-fixes).
  * usbnet: ipheth: fix possible overflow in DPE length check (git-fixes).
  * usbnet: ipheth: refactor NCM datagram loop (git-fixes).
  * usbnet: ipheth: use static NDP16 location in URB (git-fixes).
  * vfio/pci: Lock external INTx masking ops (bsc#1222803).
  * virtio-mem: check if the config changed before fake offlining memory (git-
    fixes).
  * virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-
    fixes).
  * virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block
    Mode (SBM) (git-fixes).
  * virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
  * vsock/virtio: cancel close work in the destructor (git-fixes)
  * vsock: Keep the binding until socket destruction (git-fixes)
  * vsock: reset socket state when de-assigning the transport (git-fixes)
  * wifi: ath11k: Fix unexpected return buffer manager error for WCN6750/WCN6855
    (git-fixes).
  * wifi: ath11k: cleanup struct ath11k_mon_data (git-fixes).
  * wifi: ath12k: fix tx power, max reg power update to firmware (git-fixes).
  * wifi: brcmfmac: add missing header include for brcmf_dbg (git-fixes).
  * wifi: cfg80211: adjust allocation of colocated AP data (git-fixes).
  * wifi: iwlwifi: fw: read STEP table from correct UEFI var (git-fixes).
  * wifi: mac80211: Fix common size calculation for ML element (git-fixes).
  * wifi: mac80211: do not flush non-uploaded STAs (git-fixes).
  * wifi: mac80211: fix tid removal during mesh forwarding (git-fixes).
  * wifi: mac80211: prohibit deactivating all links (git-fixes).
  * wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
  * wifi: mt76: mt76u_vendor_request: Do not print error messages when -EPROTO
    (git-fixes).
  * wifi: mt76: mt7915: Fix mesh scan on MT7916 DBDC (git-fixes).
  * wifi: mt76: mt7915: add module param to select 5 GHz or 6 GHz on MT7916
    (git-fixes).
  * wifi: mt76: mt7915: firmware restart on devices with a second pcie link
    (git-fixes).
  * wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-
    fixes).
  * wifi: mt76: mt7915: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7915: fix register mapping (git-fixes).
  * wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
  * wifi: mt76: mt7921: fix using incorrect group cipher after disconnection
    (git-fixes).
  * wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (git-fixes).
  * wifi: mt76: mt7996: add max mpdu len capability (git-fixes).
  * wifi: mt76: mt7996: fix HE Phy capability (git-fixes).
  * wifi: mt76: mt7996: fix definition of tx descriptor (git-fixes).
  * wifi: mt76: mt7996: fix incorrect indexing of MIB FW event (git-fixes).
  * wifi: mt76: mt7996: fix ldpc setting (git-fixes).
  * wifi: mt76: mt7996: fix overflows seen when writing limit attributes (git-
    fixes).
  * wifi: mt76: mt7996: fix register mapping (git-fixes).
  * wifi: mt76: mt7996: fix rx filter setting for bfee functionality (git-
    fixes).
  * wifi: mt76: mt7996: fix the capability of reception of EHT MU PPDU (git-
    fixes).
  * wifi: rtlwifi: destroy workqueue at rtl_deinit_core (git-fixes).
  * wifi: rtlwifi: do not complete firmware loading needlessly (git-fixes).
  * wifi: rtlwifi: fix init_sw_vars leak when probe fails (git-fixes).
  * wifi: rtlwifi: fix memory leaks and invalid access at probe error path (git-
    fixes).
  * wifi: rtlwifi: pci: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtlwifi: remove unused check_buddy_priv (git-fixes).
  * wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step
    (git-fixes).
  * wifi: rtlwifi: rtl8821ae: Fix media status report (git-fixes).
  * wifi: rtlwifi: rtl8821ae: phy: restore removed code to fix infinite loop
    (git-fixes).
  * wifi: rtlwifi: usb: fix workqueue leak when probe fails (git-fixes).
  * wifi: rtlwifi: wait for firmware loading before releasing memory (git-
    fixes).
  * wifi: rtw89: mcc: consider time limits not divisible by 1024 (git-fixes).
  * wifi: wcn36xx: fix channel survey memory allocation size (git-fixes).
  * wifi: wlcore: fix unbalanced pm_runtime calls (git-fixes).
  * workqueue: Add rcu lock check at the end of work item execution
    (bsc#1236732).
  * xfs: Add error handling for xfs_reflink_cancel_cow_range (git-fixes).
  * xfs: Propagate errors from xfs_reflink_cancel_cow_range in
    xfs_dax_write_iomap_end (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Confidential Computing Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-564=1

## Package List:

  * Confidential Computing Module 15-SP6 (nosrc x86_64)
    * kernel-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-6.4.0-15061.15.coco15sp6.1
  * Confidential Computing Module 15-SP6 (x86_64)
    * kernel-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-debugsource-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-devel-6.4.0-15061.15.coco15sp6.1
    * reiserfs-kmp-coco-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-vdso-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-devel-6.4.0-15061.15.coco15sp6.1
    * reiserfs-kmp-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-syms-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-devel-debuginfo-6.4.0-15061.15.coco15sp6.1
    * kernel-coco-debugsource-6.4.0-15061.15.coco15sp6.1
    * kernel-coco_debug-debuginfo-6.4.0-15061.15.coco15sp6.1
  * Confidential Computing Module 15-SP6 (noarch)
    * kernel-devel-coco-6.4.0-15061.15.coco15sp6.1
    * kernel-source-coco-6.4.0-15061.15.coco15sp6.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-40980.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-49948.html
  * https://www.suse.com/security/cve/CVE-2024-49978.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50251.html
  * https://www.suse.com/security/cve/CVE-2024-50258.html
  * https://www.suse.com/security/cve/CVE-2024-50304.html
  * https://www.suse.com/security/cve/CVE-2024-53123.html
  * https://www.suse.com/security/cve/CVE-2024-53187.html
  * https://www.suse.com/security/cve/CVE-2024-53203.html
  * https://www.suse.com/security/cve/CVE-2024-56592.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56608.html
  * https://www.suse.com/security/cve/CVE-2024-56610.html
  * https://www.suse.com/security/cve/CVE-2024-56633.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56665.html
  * https://www.suse.com/security/cve/CVE-2024-56679.html
  * https://www.suse.com/security/cve/CVE-2024-56693.html
  * https://www.suse.com/security/cve/CVE-2024-56707.html
  * https://www.suse.com/security/cve/CVE-2024-56715.html
  * https://www.suse.com/security/cve/CVE-2024-56725.html
  * https://www.suse.com/security/cve/CVE-2024-56726.html
  * https://www.suse.com/security/cve/CVE-2024-56727.html
  * https://www.suse.com/security/cve/CVE-2024-56728.html
  * https://www.suse.com/security/cve/CVE-2024-56763.html
  * https://www.suse.com/security/cve/CVE-2024-57802.html
  * https://www.suse.com/security/cve/CVE-2024-57882.html
  * https://www.suse.com/security/cve/CVE-2024-57884.html
  * https://www.suse.com/security/cve/CVE-2024-57917.html
  * https://www.suse.com/security/cve/CVE-2024-57931.html
  * https://www.suse.com/security/cve/CVE-2024-57938.html
  * https://www.suse.com/security/cve/CVE-2024-57946.html
  * https://www.suse.com/security/cve/CVE-2025-21652.html
  * https://www.suse.com/security/cve/CVE-2025-21653.html
  * https://www.suse.com/security/cve/CVE-2025-21655.html
  * https://www.suse.com/security/cve/CVE-2025-21663.html
  * https://www.suse.com/security/cve/CVE-2025-21664.html
  * https://www.suse.com/security/cve/CVE-2025-21665.html
  * https://www.suse.com/security/cve/CVE-2025-21666.html
  * https://www.suse.com/security/cve/CVE-2025-21667.html
  * https://www.suse.com/security/cve/CVE-2025-21668.html
  * https://www.suse.com/security/cve/CVE-2025-21669.html
  * https://www.suse.com/security/cve/CVE-2025-21670.html
  * https://www.suse.com/security/cve/CVE-2025-21673.html
  * https://www.suse.com/security/cve/CVE-2025-21674.html
  * https://www.suse.com/security/cve/CVE-2025-21675.html
  * https://www.suse.com/security/cve/CVE-2025-21676.html
  * https://www.suse.com/security/cve/CVE-2025-21678.html
  * https://www.suse.com/security/cve/CVE-2025-21681.html
  * https://www.suse.com/security/cve/CVE-2025-21682.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215199
  * https://bugzilla.suse.com/show_bug.cgi?id=1222803
  * https://bugzilla.suse.com/show_bug.cgi?id=1224049
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1227937
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1232101
  * https://bugzilla.suse.com/show_bug.cgi?id=1232161
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233221
  * https://bugzilla.suse.com/show_bug.cgi?id=1233248
  * https://bugzilla.suse.com/show_bug.cgi?id=1233522
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234070
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234693
  * https://bugzilla.suse.com/show_bug.cgi?id=1234947
  * https://bugzilla.suse.com/show_bug.cgi?id=1235001
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235244
  * https://bugzilla.suse.com/show_bug.cgi?id=1235390
  * https://bugzilla.suse.com/show_bug.cgi?id=1235418
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235485
  * https://bugzilla.suse.com/show_bug.cgi?id=1235487
  * https://bugzilla.suse.com/show_bug.cgi?id=1235489
  * https://bugzilla.suse.com/show_bug.cgi?id=1235498
  * https://bugzilla.suse.com/show_bug.cgi?id=1235545
  * https://bugzilla.suse.com/show_bug.cgi?id=1235578
  * https://bugzilla.suse.com/show_bug.cgi?id=1235582
  * https://bugzilla.suse.com/show_bug.cgi?id=1235583
  * https://bugzilla.suse.com/show_bug.cgi?id=1235612
  * https://bugzilla.suse.com/show_bug.cgi?id=1235638
  * https://bugzilla.suse.com/show_bug.cgi?id=1235656
  * https://bugzilla.suse.com/show_bug.cgi?id=1235686
  * https://bugzilla.suse.com/show_bug.cgi?id=1235865
  * https://bugzilla.suse.com/show_bug.cgi?id=1235874
  * https://bugzilla.suse.com/show_bug.cgi?id=1235914
  * https://bugzilla.suse.com/show_bug.cgi?id=1235941
  * https://bugzilla.suse.com/show_bug.cgi?id=1235948
  * https://bugzilla.suse.com/show_bug.cgi?id=1236127
  * https://bugzilla.suse.com/show_bug.cgi?id=1236160
  * https://bugzilla.suse.com/show_bug.cgi?id=1236161
  * https://bugzilla.suse.com/show_bug.cgi?id=1236163
  * https://bugzilla.suse.com/show_bug.cgi?id=1236182
  * https://bugzilla.suse.com/show_bug.cgi?id=1236192
  * https://bugzilla.suse.com/show_bug.cgi?id=1236245
  * https://bugzilla.suse.com/show_bug.cgi?id=1236247
  * https://bugzilla.suse.com/show_bug.cgi?id=1236260
  * https://bugzilla.suse.com/show_bug.cgi?id=1236262
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628
  * https://bugzilla.suse.com/show_bug.cgi?id=1236680
  * https://bugzilla.suse.com/show_bug.cgi?id=1236681
  * https://bugzilla.suse.com/show_bug.cgi?id=1236682
  * https://bugzilla.suse.com/show_bug.cgi?id=1236683
  * https://bugzilla.suse.com/show_bug.cgi?id=1236684
  * https://bugzilla.suse.com/show_bug.cgi?id=1236685
  * https://bugzilla.suse.com/show_bug.cgi?id=1236688
  * https://bugzilla.suse.com/show_bug.cgi?id=1236689
  * https://bugzilla.suse.com/show_bug.cgi?id=1236694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236696
  * https://bugzilla.suse.com/show_bug.cgi?id=1236698
  * https://bugzilla.suse.com/show_bug.cgi?id=1236702
  * https://bugzilla.suse.com/show_bug.cgi?id=1236703
  * https://bugzilla.suse.com/show_bug.cgi?id=1236732
  * https://bugzilla.suse.com/show_bug.cgi?id=1236733
  * https://bugzilla.suse.com/show_bug.cgi?id=1236757
  * https://bugzilla.suse.com/show_bug.cgi?id=1236758
  * https://bugzilla.suse.com/show_bug.cgi?id=1236759
  * https://bugzilla.suse.com/show_bug.cgi?id=1236760
  * https://bugzilla.suse.com/show_bug.cgi?id=1236761
  * https://jira.suse.com/browse/PED-12094
  * https://jira.suse.com/browse/PED-7242

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250217/19fac000/attachment.htm>

From null at suse.de  Tue Feb 18 08:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 08:30:07 -0000
Subject: SUSE-SU-2025:0569-1: moderate: Security update for ucode-intel
Message-ID: <173986740759.21560.15031011624824152980@smelt2.prg2.suse.org>



# Security update for ucode-intel

Announcement ID: SUSE-SU-2025:0569-1  
Release Date: 2025-02-18T06:43:36Z  
Rating: moderate  
References:

  * bsc#1237096

  
Cross-References:

  * CVE-2024-31068
  * CVE-2024-36293
  * CVE-2024-37020
  * CVE-2024-39355

  
CVSS scores:

  * CVE-2024-31068 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-31068 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-31068 ( NVD ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-31068 ( NVD ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36293 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( NVD ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-36293 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-37020 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-37020 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-39355 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39355 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-39355 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-39355 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for ucode-intel fixes the following issues:

  * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)

  * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for
    some Intel Processors may allow privileged user to potentially enable denial
    of service via local access.

  * CVE-2024-36293: A potential security vulnerability in some Intel Software
    Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is
    releasing microcode updates to mitigate this potential vulnerability.
  * CVE-2024-39355: A potential security vulnerability in some 13th and 14th
    Generation Intel Core Processors may allow denial of service. Intel is
    releasing microcode and UEFI reference code updates to mitigate this
    potential vulnerability.
  * CVE-2024-37020: A potential security vulnerability in the Intel Data
    Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow
    denial of service. Intel is releasing software updates to mitigate this
    potential vulnerability.

New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with
E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New
Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 |
06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 |
00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 | 00000436
| Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c | Core
i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB | A0/R0 |
06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H | R0 |
06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0 |
06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile, Xeon E | EMR-SP |
A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR-SP | A1 |
06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D | B0 |
06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP | Dx/M1 |
06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S | B0 |
06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8 | J0 |
06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 |
00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004123
| 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 | 00000037 | 00000038 | Core
Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062 | 00000063 | Core Gen11 | SPR-
HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 | Xeon Max | SPR-SP | E4/S2 |
06-8f-07/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | SPR-SP | E5/S3 |
06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4 | TWL | N0 | 06-be-00/19
| 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom
x7211E/x7213E/x7425E ### New Disclosures Updated in Prior Releases | Processor |
Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:--------- |
CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-569=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-569=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * ucode-intel-debugsource-20250211-149.2
    * ucode-intel-20250211-149.2
    * ucode-intel-debuginfo-20250211-149.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * ucode-intel-debugsource-20250211-149.2
    * ucode-intel-20250211-149.2
    * ucode-intel-debuginfo-20250211-149.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-31068.html
  * https://www.suse.com/security/cve/CVE-2024-36293.html
  * https://www.suse.com/security/cve/CVE-2024-37020.html
  * https://www.suse.com/security/cve/CVE-2024-39355.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237096

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/359d0a90/attachment.htm>

From null at suse.de  Tue Feb 18 08:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 08:30:08 -0000
Subject: SUSE-RU-2025:0568-1: moderate: Recommended update for
 release-notes-sles
Message-ID: <173986740834.21560.4849290355777315464@smelt2.prg2.suse.org>



# Recommended update for release-notes-sles

Announcement ID: SUSE-RU-2025:0568-1  
Release Date:  
Rating: moderate  
References:

  * bsc#1233970
  * bsc#933411

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for release-notes-sles fixes the following issues:

  * Version update v12.5.20250211 (bsc#933411).
  * Fixed lifecycle information with proper version.
  * Improveed wording (bsc#1233970).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-568=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-568=1

  * SUSE Linux Enterprise High Performance Computing 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-INSTALLER-12-SP5-2025-568=1

  * SUSE Linux Enterprise Server 12 SP5  
    zypper in -t patch SUSE-SLE-SERVER-INSTALLER-12-SP5-2025-568=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * release-notes-sles-12.5.20250211-3.52.4
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * release-notes-sles-12.5.20250211-3.52.4
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    * release-notes-sles-12.5.20250211-3.52.4
  * SUSE Linux Enterprise Server 12 SP5 (noarch)
    * release-notes-sles-12.5.20250211-3.52.4

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233970
  * https://bugzilla.suse.com/show_bug.cgi?id=933411

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/7459f350/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:04 -0000
Subject: SUSE-RU-2025:0575-1: moderate: Recommended update for
 gtk4-branding-SLE
Message-ID: <173988180437.21560.12372361530784724991@smelt2.prg2.suse.org>



# Recommended update for gtk4-branding-SLE

Announcement ID: SUSE-RU-2025:0575-1  
Release Date: 2025-02-18T11:47:43Z  
Rating: moderate  
References:

  * bsc#1237092

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for gtk4-branding-SLE fixes the following issues:

  * fixed for SP6 with newer gtk4.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-575=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-575=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * gtk4-branding-SLE-15.0-150600.8.2.1
  * Basesystem Module 15-SP6 (noarch)
    * gtk4-branding-SLE-15.0-150600.8.2.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237092

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/2d9070a1/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:09 -0000
Subject: SUSE-SU-2025:0574-1: important: Security update for emacs
Message-ID: <173988180957.21560.15283868266458544035@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0574-1  
Release Date: 2025-02-18T09:36:24Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-574=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-574=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-24.3-25.23.1
    * emacs-x11-24.3-25.23.1
    * emacs-debuginfo-24.3-25.23.1
    * etags-debuginfo-24.3-25.23.1
    * emacs-24.3-25.23.1
    * emacs-nox-debuginfo-24.3-25.23.1
    * etags-24.3-25.23.1
    * emacs-x11-debuginfo-24.3-25.23.1
    * emacs-debugsource-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * emacs-el-24.3-25.23.1
    * emacs-info-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * emacs-nox-24.3-25.23.1
    * emacs-x11-24.3-25.23.1
    * emacs-debuginfo-24.3-25.23.1
    * etags-debuginfo-24.3-25.23.1
    * emacs-24.3-25.23.1
    * emacs-nox-debuginfo-24.3-25.23.1
    * etags-24.3-25.23.1
    * emacs-x11-debuginfo-24.3-25.23.1
    * emacs-debugsource-24.3-25.23.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * emacs-el-24.3-25.23.1
    * emacs-info-24.3-25.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/fb8ecbcf/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:12 -0000
Subject: SUSE-RU-2025:0573-1: moderate: Recommended update for yast2-sap-ha
Message-ID: <173988181296.21560.10854259823951545684@smelt2.prg2.suse.org>



# Recommended update for yast2-sap-ha

Announcement ID: SUSE-RU-2025:0573-1  
Release Date: 2025-02-18T08:56:10Z  
Rating: moderate  
References:

  * bsc#1235773

  
Affected Products:

  * openSUSE Leap 15.3
  * SAP Applications Module 15-SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that has one fix can now be installed.

## Description:

This update for yast2-sap-ha fixes the following issues:

  * Version update v4.3.1
  * yast sap_ha check if HDB is running on primary (bsc#1235773).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-573=1

  * SAP Applications Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2025-573=1

## Package List:

  * openSUSE Leap 15.3 (noarch)
    * yast2-sap-ha-4.3.1-150300.10.11.1
  * SAP Applications Module 15-SP3 (noarch)
    * yast2-sap-ha-4.3.1-150300.10.11.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235773

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/35726253/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:16 -0000
Subject: SUSE-RU-2025:0572-1: moderate: Recommended update for yast2-sap-ha
Message-ID: <173988181605.21560.18247695886317696579@smelt2.prg2.suse.org>



# Recommended update for yast2-sap-ha

Announcement ID: SUSE-RU-2025:0572-1  
Release Date: 2025-02-18T08:50:39Z  
Rating: moderate  
References:

  * bsc#1235773

  
Affected Products:

  * openSUSE Leap 15.4
  * SAP Applications Module 15-SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that has one fix can now be installed.

## Description:

This update for yast2-sap-ha fixes the following issues:

  * Version update v4.4.11.
  * yast sap_ha check if HDB is running on primary (bsc#1235773).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-572=1

  * SAP Applications Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2025-572=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * yast2-sap-ha-4.4.11-150400.13.20.2
  * SAP Applications Module 15-SP4 (noarch)
    * yast2-sap-ha-4.4.11-150400.13.20.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235773

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/ed4bfd77/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:20 -0000
Subject: SUSE-RU-2025:0571-1: moderate: Recommended update for yast2-sap-ha
Message-ID: <173988182008.21560.6976380069323796354@smelt2.prg2.suse.org>



# Recommended update for yast2-sap-ha

Announcement ID: SUSE-RU-2025:0571-1  
Release Date: 2025-02-18T08:44:37Z  
Rating: moderate  
References:

  * bsc#1232807

  
Affected Products:

  * openSUSE Leap 15.6
  * SAP Applications Module 15-SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for yast2-sap-ha fixes the following issue:

  * Adapt yast-sap-ha to new SAPHanaSR-angi (bsc#1232807).
  * Version update 4.6.4

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-571=1 SUSE-2025-571=1

  * SAP Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-571=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * yast2-sap-ha-4.6.4-150600.3.7.1
  * SAP Applications Module 15-SP6 (noarch)
    * yast2-sap-ha-4.6.4-150600.3.7.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1232807

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/b0c3bdd4/attachment.htm>

From null at suse.de  Tue Feb 18 12:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 12:30:22 -0000
Subject: SUSE-RU-2025:0570-1: moderate: Recommended update for yast2-sap-ha
Message-ID: <173988182262.21560.11313746232013357034@smelt2.prg2.suse.org>



# Recommended update for yast2-sap-ha

Announcement ID: SUSE-RU-2025:0570-1  
Release Date: 2025-02-18T08:42:01Z  
Rating: moderate  
References:

  * bsc#1232807
  * bsc#1235773

  
Affected Products:

  * openSUSE Leap 15.5
  * SAP Applications Module 15-SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for yast2-sap-ha fixes the following issues:

  * Version update 4.5.13
  * yast sap_ha check if HDB is running on primary (bsc#1235773).
  * yast-sap-ha does not support SAPHanaSR-angi (bsc#1232807).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-570=1

  * SAP Applications Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2025-570=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * yast2-sap-ha-4.5.13-150500.3.16.3
  * SAP Applications Module 15-SP5 (noarch)
    * yast2-sap-ha-4.5.13-150500.3.16.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1232807
  * https://bugzilla.suse.com/show_bug.cgi?id=1235773

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/cf69e578/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:05 -0000
Subject: SUSE-RU-2025:0584-1: moderate: Recommended update for 389-ds
Message-ID: <173989620540.21560.2216444153860473222@smelt2.prg2.suse.org>



# Recommended update for 389-ds

Announcement ID: SUSE-RU-2025:0584-1  
Release Date: 2025-02-18T15:11:53Z  
Rating: moderate  
References:

  * bsc#1230852

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for 389-ds fixes the following issues:

  * persist extracted key path for ldap_ssl_client_init over repeat invocations
    (bsc#1230852).
  * Version update v2.2.10~git55.6a75e944:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-584=1 SUSE-2025-584=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-584=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * 389-ds-devel-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-2.2.10~git55.6a75e944-150600.8.13.2
    * libsvrcore0-debuginfo-2.2.10~git55.6a75e944-150600.8.13.2
    * libsvrcore0-2.2.10~git55.6a75e944-150600.8.13.2
    * lib389-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-snmp-debuginfo-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-debugsource-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-snmp-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-debuginfo-2.2.10~git55.6a75e944-150600.8.13.2
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * 389-ds-devel-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-2.2.10~git55.6a75e944-150600.8.13.2
    * libsvrcore0-debuginfo-2.2.10~git55.6a75e944-150600.8.13.2
    * libsvrcore0-2.2.10~git55.6a75e944-150600.8.13.2
    * lib389-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-debugsource-2.2.10~git55.6a75e944-150600.8.13.2
    * 389-ds-debuginfo-2.2.10~git55.6a75e944-150600.8.13.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1230852

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/106a1052/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:09 -0000
Subject: SUSE-SU-2025:0583-1: important: Security update for openvswitch
Message-ID: <173989620931.21560.2935458515054915155@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0583-1  
Release Date: 2025-02-18T15:02:50Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-583=1 openSUSE-SLE-15.6-2025-583=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-583=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-583=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * ovn-vtep-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
    * openvswitch-ipsec-3.1.0-150600.33.6.1
    * openvswitch-test-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-test-3.1.0-150600.33.6.1
    * openvswitch-vtep-3.1.0-150600.33.6.1
    * ovn-23.03.0-150600.33.6.1
    * openvswitch-devel-3.1.0-150600.33.6.1
    * openvswitch-3.1.0-150600.33.6.1
    * ovn-vtep-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150600.33.6.1
    * python3-ovs-3.1.0-150600.33.6.1
    * ovn-central-23.03.0-150600.33.6.1
    * ovn-debuginfo-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-3.1.0-150600.33.6.1
    * ovn-central-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-pki-3.1.0-150600.33.6.1
    * libovn-23_03-0-23.03.0-150600.33.6.1
    * ovn-docker-23.03.0-150600.33.6.1
    * openvswitch-vtep-debuginfo-3.1.0-150600.33.6.1
    * libovn-23_03-0-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-23.03.0-150600.33.6.1
    * ovn-devel-23.03.0-150600.33.6.1
  * openSUSE Leap 15.6 (noarch)
    * openvswitch-doc-3.1.0-150600.33.6.1
    * ovn-doc-23.03.0-150600.33.6.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python3-ovs-3.1.0-150600.33.6.1
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openvswitch-debuginfo-3.1.0-150600.33.6.1
    * ovn-vtep-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-debugsource-3.1.0-150600.33.6.1
    * openvswitch-ipsec-3.1.0-150600.33.6.1
    * openvswitch-test-debuginfo-3.1.0-150600.33.6.1
    * openvswitch-test-3.1.0-150600.33.6.1
    * openvswitch-vtep-3.1.0-150600.33.6.1
    * ovn-23.03.0-150600.33.6.1
    * openvswitch-devel-3.1.0-150600.33.6.1
    * openvswitch-3.1.0-150600.33.6.1
    * ovn-vtep-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150600.33.6.1
    * python3-ovs-3.1.0-150600.33.6.1
    * ovn-central-23.03.0-150600.33.6.1
    * ovn-debuginfo-23.03.0-150600.33.6.1
    * libopenvswitch-3_1-0-3.1.0-150600.33.6.1
    * ovn-central-debuginfo-23.03.0-150600.33.6.1
    * openvswitch-pki-3.1.0-150600.33.6.1
    * libovn-23_03-0-23.03.0-150600.33.6.1
    * ovn-docker-23.03.0-150600.33.6.1
    * openvswitch-vtep-debuginfo-3.1.0-150600.33.6.1
    * libovn-23_03-0-debuginfo-23.03.0-150600.33.6.1
    * ovn-host-23.03.0-150600.33.6.1
    * ovn-devel-23.03.0-150600.33.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/dfbc2815/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0582-1: low: Security update for glibc
Message-ID: <173989621191.21560.11020426771844047665@smelt2.prg2.suse.org>



# Security update for glibc

Announcement ID: SUSE-SU-2025:0582-1  
Release Date: 2025-02-18T14:55:38Z  
Rating: low  
References:

  * bsc#1236282

  
Cross-References:

  * CVE-2025-0395

  
CVSS scores:

  * CVE-2025-0395 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-0395 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-0395 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for glibc fixes the following issues:

  * CVE-2025-0395: Fix underallocation of abort_msg_s struct (bsc#1236282)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-582=1 SUSE-2025-582=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-582=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-582=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586 i686)
    * glibc-locale-base-debuginfo-2.38-150600.14.23.1
    * glibc-devel-debuginfo-2.38-150600.14.23.1
    * glibc-profile-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * libnsl1-2.38-150600.14.23.1
    * libnsl1-debuginfo-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-2.38-150600.14.23.1
    * glibc-devel-2.38-150600.14.23.1
    * glibc-devel-static-2.38-150600.14.23.1
    * glibc-locale-2.38-150600.14.23.1
    * glibc-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (x86_64)
    * glibc-utils-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-devel-32bit-2.38-150600.14.23.1
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-32bit-2.38-150600.14.23.1
    * libnsl1-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-32bit-2.38-150600.14.23.1
    * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-profile-32bit-2.38-150600.14.23.1
    * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-32bit-2.38-150600.14.23.1
    * glibc-devel-static-32bit-2.38-150600.14.23.1
    * glibc-utils-32bit-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * glibc-utils-debuginfo-2.38-150600.14.23.1
    * nscd-debuginfo-2.38-150600.14.23.1
    * nscd-2.38-150600.14.23.1
    * glibc-extra-2.38-150600.14.23.1
    * glibc-utils-2.38-150600.14.23.1
    * glibc-extra-debuginfo-2.38-150600.14.23.1
    * glibc-utils-src-debugsource-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (noarch)
    * glibc-lang-2.38-150600.14.23.1
    * glibc-info-2.38-150600.14.23.1
    * glibc-i18ndata-2.38-150600.14.23.1
    * glibc-html-2.38-150600.14.23.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * glibc-devel-static-64bit-2.38-150600.14.23.1
    * glibc-utils-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-64bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-64bit-debuginfo-2.38-150600.14.23.1
    * glibc-profile-64bit-2.38-150600.14.23.1
    * glibc-utils-64bit-2.38-150600.14.23.1
    * glibc-locale-base-64bit-2.38-150600.14.23.1
    * glibc-devel-64bit-2.38-150600.14.23.1
    * glibc-64bit-2.38-150600.14.23.1
    * libnsl1-64bit-2.38-150600.14.23.1
    * glibc-devel-64bit-debuginfo-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * glibc-locale-base-debuginfo-2.38-150600.14.23.1
    * nscd-debuginfo-2.38-150600.14.23.1
    * glibc-devel-debuginfo-2.38-150600.14.23.1
    * glibc-profile-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * nscd-2.38-150600.14.23.1
    * glibc-extra-2.38-150600.14.23.1
    * libnsl1-2.38-150600.14.23.1
    * libnsl1-debuginfo-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-2.38-150600.14.23.1
    * glibc-extra-debuginfo-2.38-150600.14.23.1
    * glibc-devel-2.38-150600.14.23.1
    * glibc-locale-2.38-150600.14.23.1
    * glibc-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (noarch)
    * glibc-lang-2.38-150600.14.23.1
    * glibc-i18ndata-2.38-150600.14.23.1
    * glibc-info-2.38-150600.14.23.1
  * Basesystem Module 15-SP6 (x86_64)
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * libnsl1-32bit-2.38-150600.14.23.1
    * libnsl1-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-locale-base-32bit-2.38-150600.14.23.1
    * glibc-locale-base-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-32bit-2.38-150600.14.23.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * glibc-utils-debuginfo-2.38-150600.14.23.1
    * glibc-debugsource-2.38-150600.14.23.1
    * glibc-debuginfo-2.38-150600.14.23.1
    * glibc-utils-2.38-150600.14.23.1
    * glibc-devel-static-2.38-150600.14.23.1
    * glibc-utils-src-debugsource-2.38-150600.14.23.1
  * Development Tools Module 15-SP6 (x86_64)
    * glibc-devel-32bit-2.38-150600.14.23.1
    * glibc-32bit-debuginfo-2.38-150600.14.23.1
    * glibc-devel-32bit-debuginfo-2.38-150600.14.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0395.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236282

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/c4771549/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0581-1: moderate: Security update for buildah
Message-ID: <173989621418.21560.9733020546525232014@smelt2.prg2.suse.org>



# Security update for buildah

Announcement ID: SUSE-SU-2025:0581-1  
Release Date: 2025-02-18T14:54:18Z  
Rating: moderate  
References:

  * bsc#1236531

  
Cross-References:

  * CVE-2023-45288

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for buildah fixes the following issues:

  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236531)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-581=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-581=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-581=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * buildah-1.35.5-150500.3.28.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150500.3.28.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * buildah-1.35.5-150500.3.28.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236531

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/a5dc509d/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:16 -0000
Subject: SUSE-SU-2025:0580-1: important: Security update for
 google-osconfig-agent
Message-ID: <173989621657.21560.15641518982740792204@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0580-1  
Release Date: 2025-02-18T14:52:44Z  
Rating: important  
References:

  * bsc#1236560

  
Cross-References:

  * CVE-2024-45339

  
CVSS scores:

  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  
Affected Products:

  * Public Cloud Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * CVE-2024-45339: github.com/golang/glog: a privileged process' log file path
    can be easily predicted and used to overwrite other sensitive files in a
    system. (bsc#1236560)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Public Cloud Module 12  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-580=1

## Package List:

  * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-1.35.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236560

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/4c222949/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:19 -0000
Subject: SUSE-SU-2025:0579-1: moderate: Security update for podman
Message-ID: <173989621932.21560.5414616787126168330@smelt2.prg2.suse.org>



# Security update for podman

Announcement ID: SUSE-SU-2025:0579-1  
Release Date: 2025-02-18T13:00:27Z  
Rating: moderate  
References:

  * bsc#1227052
  * bsc#1236507

  
Cross-References:

  * CVE-2023-45288
  * CVE-2024-6104

  
CVSS scores:

  * CVE-2023-45288 ( SUSE ):  6.9
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2023-45288 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-6104 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  * CVE-2024-6104 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for podman fixes the following issues:

  * CVE-2024-6104: possible sensitive data exposure due to hashicorp/go-
    retryablehttp not sanitizing URLs when writing them to log files.
    (bsc#1227052)
  * CVE-2023-45288: possible excessive CPU consumption due to no limit being set
    on the number of CONTINUATION frames read for an HTTP/2 request in
    golang.org/x/net/http2. (bsc#1236507)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-579=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-579=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-579=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-579=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-579=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * podmansh-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
  * openSUSE Leap 15.4 (noarch)
    * podman-docker-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * podman-4.9.5-150400.4.38.1
    * podman-remote-4.9.5-150400.4.38.1
    * podman-remote-debuginfo-4.9.5-150400.4.38.1
    * podman-debuginfo-4.9.5-150400.4.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45288.html
  * https://www.suse.com/security/cve/CVE-2024-6104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227052
  * https://bugzilla.suse.com/show_bug.cgi?id=1236507

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/97243721/attachment.htm>

From null at suse.de  Tue Feb 18 16:30:24 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:30:24 -0000
Subject: SUSE-SU-2025:0578-1: important: Security update for openvswitch
Message-ID: <173989622441.21560.9687596010179967623@smelt2.prg2.suse.org>



# Security update for openvswitch

Announcement ID: SUSE-SU-2025:0578-1  
Release Date: 2025-02-18T12:53:28Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch fixes the following issues:

  * CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP
    packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-578=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-578=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-578=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-578=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-578=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-578=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-578=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-578=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-578=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-578=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * openSUSE Leap 15.4 (noarch)
    * ovn-doc-20.06.2-150400.24.26.1
    * openvswitch-doc-2.14.2-150400.24.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libovn-20_06-0-20.06.2-150400.24.26.1
    * openvswitch-debugsource-2.14.2-150400.24.26.1
    * ovn-central-20.06.2-150400.24.26.1
    * ovn-host-debuginfo-20.06.2-150400.24.26.1
    * ovn-devel-20.06.2-150400.24.26.1
    * ovn-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-devel-2.14.2-150400.24.26.1
    * ovn-vtep-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-ipsec-2.14.2-150400.24.26.1
    * openvswitch-vtep-debuginfo-2.14.2-150400.24.26.1
    * ovn-vtep-20.06.2-150400.24.26.1
    * libovn-20_06-0-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-pki-2.14.2-150400.24.26.1
    * ovn-host-20.06.2-150400.24.26.1
    * libopenvswitch-2_14-0-2.14.2-150400.24.26.1
    * python3-ovs-2.14.2-150400.24.26.1
    * openvswitch-2.14.2-150400.24.26.1
    * openvswitch-test-debuginfo-2.14.2-150400.24.26.1
    * ovn-central-debuginfo-20.06.2-150400.24.26.1
    * openvswitch-test-2.14.2-150400.24.26.1
    * openvswitch-vtep-2.14.2-150400.24.26.1
    * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.26.1
    * ovn-20.06.2-150400.24.26.1
    * openvswitch-debuginfo-2.14.2-150400.24.26.1
    * ovn-docker-20.06.2-150400.24.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/c2d31ec6/attachment.htm>

From null at suse.de  Tue Feb 18 16:31:45 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:31:45 -0000
Subject: SUSE-SU-2025:0577-1: important: Security update for the Linux Kernel
Message-ID: <173989630565.21560.2516527079481145386@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0577-1  
Release Date: 2025-02-18T12:51:54Z  
Rating: important  
References:

  * bsc#1194869
  * bsc#1216813
  * bsc#1223384
  * bsc#1225736
  * bsc#1226848
  * bsc#1226980
  * bsc#1228537
  * bsc#1228592
  * bsc#1230341
  * bsc#1230432
  * bsc#1230527
  * bsc#1230697
  * bsc#1231088
  * bsc#1231847
  * bsc#1232914
  * bsc#1233028
  * bsc#1233055
  * bsc#1233097
  * bsc#1233103
  * bsc#1233112
  * bsc#1233464
  * bsc#1233488
  * bsc#1233642
  * bsc#1233778
  * bsc#1234024
  * bsc#1234025
  * bsc#1234078
  * bsc#1234087
  * bsc#1234153
  * bsc#1234155
  * bsc#1234223
  * bsc#1234381
  * bsc#1234683
  * bsc#1234690
  * bsc#1234825
  * bsc#1234829
  * bsc#1234832
  * bsc#1234884
  * bsc#1234889
  * bsc#1234896
  * bsc#1234899
  * bsc#1234900
  * bsc#1234905
  * bsc#1234909
  * bsc#1234916
  * bsc#1234918
  * bsc#1234922
  * bsc#1234930
  * bsc#1234931
  * bsc#1234934
  * bsc#1234962
  * bsc#1234999
  * bsc#1235002
  * bsc#1235009
  * bsc#1235011
  * bsc#1235053
  * bsc#1235057
  * bsc#1235059
  * bsc#1235100
  * bsc#1235122
  * bsc#1235123
  * bsc#1235133
  * bsc#1235134
  * bsc#1235217
  * bsc#1235222
  * bsc#1235230
  * bsc#1235249
  * bsc#1235410
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235458
  * bsc#1235466
  * bsc#1235473
  * bsc#1235480
  * bsc#1235491
  * bsc#1235495
  * bsc#1235496
  * bsc#1235521
  * bsc#1235557
  * bsc#1235563
  * bsc#1235570
  * bsc#1235584
  * bsc#1235611
  * bsc#1235635
  * bsc#1235641
  * bsc#1235643
  * bsc#1235645
  * bsc#1235647
  * bsc#1235723
  * bsc#1235739
  * bsc#1235747
  * bsc#1235759
  * bsc#1235764
  * bsc#1235768
  * bsc#1235806
  * bsc#1235812
  * bsc#1235814
  * bsc#1235818
  * bsc#1235842
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-26758
  * CVE-2024-26943
  * CVE-2024-36898
  * CVE-2024-38599
  * CVE-2024-41047
  * CVE-2024-45019
  * CVE-2024-46858
  * CVE-2024-50051
  * CVE-2024-50136
  * CVE-2024-50142
  * CVE-2024-50151
  * CVE-2024-50195
  * CVE-2024-50199
  * CVE-2024-50210
  * CVE-2024-50275
  * CVE-2024-50299
  * CVE-2024-53095
  * CVE-2024-53103
  * CVE-2024-53104
  * CVE-2024-53112
  * CVE-2024-53121
  * CVE-2024-53127
  * CVE-2024-53129
  * CVE-2024-53138
  * CVE-2024-53141
  * CVE-2024-53144
  * CVE-2024-53148
  * CVE-2024-53151
  * CVE-2024-53166
  * CVE-2024-53169
  * CVE-2024-53171
  * CVE-2024-53174
  * CVE-2024-53177
  * CVE-2024-53208
  * CVE-2024-53209
  * CVE-2024-53215
  * CVE-2024-53217
  * CVE-2024-53224
  * CVE-2024-53227
  * CVE-2024-53229
  * CVE-2024-53690
  * CVE-2024-54680
  * CVE-2024-55916
  * CVE-2024-56531
  * CVE-2024-56532
  * CVE-2024-56533
  * CVE-2024-56557
  * CVE-2024-56558
  * CVE-2024-56562
  * CVE-2024-56567
  * CVE-2024-56588
  * CVE-2024-56595
  * CVE-2024-56596
  * CVE-2024-56597
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56629
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56644
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56678
  * CVE-2024-56681
  * CVE-2024-56698
  * CVE-2024-56701
  * CVE-2024-56704
  * CVE-2024-56722
  * CVE-2024-56739
  * CVE-2024-56745
  * CVE-2024-56747
  * CVE-2024-56754
  * CVE-2024-56756
  * CVE-2024-56759
  * CVE-2024-56765
  * CVE-2024-56776
  * CVE-2024-56777
  * CVE-2024-56778
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57793
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57850
  * CVE-2024-57876
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-26758 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26758 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26943 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36898 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
  * CVE-2024-38599 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-41047 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-45019 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45019 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-46858 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50051 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50051 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50136 ( SUSE ):  0.0
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50136 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
  * CVE-2024-50136 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50142 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50142 ( SUSE ):  6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-50142 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50151 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-50151 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-50151 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50195 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50195 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-50210 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50210 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50275 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50299 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-50299 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53103 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53103 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53112 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53112 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53112 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53121 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53127 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53129 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53138 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-53138 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53141 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53141 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53148 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53148 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53151 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53151 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53151 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53169 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53169 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53174 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53174 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53174 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53208 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53208 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53209 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53209 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-53215 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53215 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53215 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53217 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53217 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53224 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53224 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53227 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53227 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53229 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53229 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53690 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53690 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-55916 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-55916 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-55916 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56531 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56531 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56532 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56532 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56533 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56533 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56557 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56557 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56558 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56558 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56562 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56562 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56567 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56567 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56588 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56588 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56597 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56597 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56629 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56629 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56644 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56644 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56678 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56678 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56681 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56681 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-56698 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56698 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56698 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56701 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56701 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56722 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56722 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56722 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56739 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56739 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56745 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56745 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56747 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-56747 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-56747 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56754 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56754 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56754 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56756 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56756 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
  * CVE-2024-56756 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56765 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56765 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56776 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56776 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56776 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56777 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56777 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56778 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56778 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57793 ( SUSE ):  6.2
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:H
  * CVE-2024-57793 ( SUSE ):  8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57876 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57876 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Availability Extension 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves 94 vulnerabilities and has 10 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-36898: gpiolib: cdev: fix uninitialised kfifo (bsc#1225736).
  * CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
  * CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when
    sel.family is unset (bsc#1233028).
  * CVE-2024-50151: smb: client: fix OOBs when building SMB2_IOCTL request
    (bsc#1233055).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-50299: sctp: properly validate chunk size in sctp_sf_ootb()
    (bsc#1233488).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt
    (bsc#1234381).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-53209: bnxt_en: Fix receive ring space parameters when XDP is
    active (bsc#1235002).
  * CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit()
    (bsc#1235011).
  * CVE-2024-56588: scsi: hisi_sas: Create all dump files during debugfs
    initialization (bsc#1235123).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56747: scsi: qedi: Fix a possible memory leak in
    qedi_alloc_and_init_sb() (bsc#1234934).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57793: virt: tdx-guest: Just leak decrypted memory on unrecoverable
    errors (bsc#1235768).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57876: drm/dp_mst: Fix resetting msg rx state after topology
    removal (bsc#1235806).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * VFS: use system_unbound_wq for delayed_mntput (bsc#1234683).
  * ceph: improve error handling and short/overflow-read logic in
    __ceph_sync_read() (bsc#1228592).
  * ibmvnic: Free any outstanding tx skbs during scrq reset (bsc#1226980).
  * netfilter: nf_tables: validate family when identifying table via handle
    (bsc#1233778).
  * powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
    (bsc#1234825).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-577=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-577=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-577=1

  * SUSE Linux Enterprise High Availability Extension 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-577=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-577=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-577=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-577=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-577=1

## Package List:

  * openSUSE Leap 15.5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (noarch)
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
    * kernel-source-vanilla-5.14.21-150500.55.94.1
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-docs-html-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc ppc64le x86_64)
    * kernel-debug-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-debugsource-5.14.21-150500.55.94.1
    * kernel-debug-devel-5.14.21-150500.55.94.1
    * kernel-debug-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (x86_64)
    * kernel-default-vdso-5.14.21-150500.55.94.1
    * kernel-kvmsmall-vdso-5.14.21-150500.55.94.1
    * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-vdso-5.14.21-150500.55.94.1
    * kernel-default-vdso-debuginfo-5.14.21-150500.55.94.1
    * kernel-debug-vdso-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-devel-5.14.21-150500.55.94.1
    * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-kvmsmall-debuginfo-5.14.21-150500.55.94.1
    * kernel-kvmsmall-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-rebuild-5.14.21-150500.55.94.1.150500.6.43.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kselftests-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-livepatch-5.14.21-150500.55.94.1
    * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-qa-5.14.21-150500.55.94.1
    * kernel-default-optional-5.14.21-150500.55.94.1
    * kselftests-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-optional-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-extra-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-5.14.21-150500.55.94.1
    * gfs2-kmp-default-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-extra-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-1-150500.11.3.1
    * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-1-150500.11.3.1
    * kernel-livepatch-SLE15-SP5_Update_23-debugsource-1-150500.11.3.1
  * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (s390x)
    * kernel-zfcpdump-debuginfo-5.14.21-150500.55.94.1
    * kernel-zfcpdump-debugsource-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (nosrc)
    * dtb-aarch64-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64)
    * dtb-altera-5.14.21-150500.55.94.1
    * dtb-cavium-5.14.21-150500.55.94.1
    * dtb-rockchip-5.14.21-150500.55.94.1
    * dtb-socionext-5.14.21-150500.55.94.1
    * dtb-nvidia-5.14.21-150500.55.94.1
    * ocfs2-kmp-64kb-5.14.21-150500.55.94.1
    * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-allwinner-5.14.21-150500.55.94.1
    * dtb-arm-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-64kb-5.14.21-150500.55.94.1
    * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-marvell-5.14.21-150500.55.94.1
    * kernel-64kb-optional-5.14.21-150500.55.94.1
    * dtb-sprd-5.14.21-150500.55.94.1
    * gfs2-kmp-64kb-5.14.21-150500.55.94.1
    * dtb-hisilicon-5.14.21-150500.55.94.1
    * dlm-kmp-64kb-5.14.21-150500.55.94.1
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * dtb-amd-5.14.21-150500.55.94.1
    * dtb-qcom-5.14.21-150500.55.94.1
    * kernel-64kb-optional-debuginfo-5.14.21-150500.55.94.1
    * dtb-lg-5.14.21-150500.55.94.1
    * kselftests-kmp-64kb-5.14.21-150500.55.94.1
    * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-renesas-5.14.21-150500.55.94.1
    * dtb-broadcom-5.14.21-150500.55.94.1
    * dtb-amlogic-5.14.21-150500.55.94.1
    * kernel-64kb-extra-5.14.21-150500.55.94.1
    * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.94.1
    * dtb-amazon-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-64kb-5.14.21-150500.55.94.1
    * dtb-mediatek-5.14.21-150500.55.94.1
    * dtb-exynos-5.14.21-150500.55.94.1
    * dtb-apm-5.14.21-150500.55.94.1
    * dtb-xilinx-5.14.21-150500.55.94.1
    * dtb-freescale-5.14.21-150500.55.94.1
    * kernel-64kb-extra-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
    * dtb-apple-5.14.21-150500.55.94.1
  * openSUSE Leap 15.5 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.14.21-150500.55.94.1
    * kernel-default-livepatch-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-debuginfo-1-150500.11.3.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-livepatch-5_14_21-150500_55_94-default-1-150500.11.3.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-livepatch-SLE15-SP5_Update_23-debugsource-1-150500.11.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
    s390x x86_64)
    * gfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * dlm-kmp-default-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-5.14.21-150500.55.94.1
    * gfs2-kmp-default-5.14.21-150500.55.94.1
    * dlm-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * ocfs2-kmp-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc)
    * kernel-64kb-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64)
    * kernel-64kb-devel-5.14.21-150500.55.94.1
    * kernel-64kb-devel-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debuginfo-5.14.21-150500.55.94.1
    * kernel-64kb-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
    * kernel-zfcpdump-debuginfo-5.14.21-150500.55.94.1
    * kernel-zfcpdump-debugsource-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
    x86_64)
    * kernel-default-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * kernel-default-devel-5.14.21-150500.55.94.1
    * kernel-syms-5.14.21-150500.55.94.1
    * kernel-default-devel-debuginfo-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-obs-build-5.14.21-150500.55.94.1
    * kernel-obs-build-debugsource-5.14.21-150500.55.94.1
    * reiserfs-kmp-default-5.14.21-150500.55.94.1
    * kernel-default-debuginfo-5.14.21-150500.55.94.1
    * kernel-default-debugsource-5.14.21-150500.55.94.1
    * kernel-default-base-5.14.21-150500.55.94.1.150500.6.43.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * kernel-devel-5.14.21-150500.55.94.1
    * kernel-macros-5.14.21-150500.55.94.1
    * kernel-source-5.14.21-150500.55.94.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc)
    * kernel-docs-5.14.21-150500.55.94.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-26758.html
  * https://www.suse.com/security/cve/CVE-2024-26943.html
  * https://www.suse.com/security/cve/CVE-2024-36898.html
  * https://www.suse.com/security/cve/CVE-2024-38599.html
  * https://www.suse.com/security/cve/CVE-2024-41047.html
  * https://www.suse.com/security/cve/CVE-2024-45019.html
  * https://www.suse.com/security/cve/CVE-2024-46858.html
  * https://www.suse.com/security/cve/CVE-2024-50051.html
  * https://www.suse.com/security/cve/CVE-2024-50136.html
  * https://www.suse.com/security/cve/CVE-2024-50142.html
  * https://www.suse.com/security/cve/CVE-2024-50151.html
  * https://www.suse.com/security/cve/CVE-2024-50195.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-50210.html
  * https://www.suse.com/security/cve/CVE-2024-50275.html
  * https://www.suse.com/security/cve/CVE-2024-50299.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53103.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53112.html
  * https://www.suse.com/security/cve/CVE-2024-53121.html
  * https://www.suse.com/security/cve/CVE-2024-53127.html
  * https://www.suse.com/security/cve/CVE-2024-53129.html
  * https://www.suse.com/security/cve/CVE-2024-53138.html
  * https://www.suse.com/security/cve/CVE-2024-53141.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53148.html
  * https://www.suse.com/security/cve/CVE-2024-53151.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53169.html
  * https://www.suse.com/security/cve/CVE-2024-53171.html
  * https://www.suse.com/security/cve/CVE-2024-53174.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-53208.html
  * https://www.suse.com/security/cve/CVE-2024-53209.html
  * https://www.suse.com/security/cve/CVE-2024-53215.html
  * https://www.suse.com/security/cve/CVE-2024-53217.html
  * https://www.suse.com/security/cve/CVE-2024-53224.html
  * https://www.suse.com/security/cve/CVE-2024-53227.html
  * https://www.suse.com/security/cve/CVE-2024-53229.html
  * https://www.suse.com/security/cve/CVE-2024-53690.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-55916.html
  * https://www.suse.com/security/cve/CVE-2024-56531.html
  * https://www.suse.com/security/cve/CVE-2024-56532.html
  * https://www.suse.com/security/cve/CVE-2024-56533.html
  * https://www.suse.com/security/cve/CVE-2024-56557.html
  * https://www.suse.com/security/cve/CVE-2024-56558.html
  * https://www.suse.com/security/cve/CVE-2024-56562.html
  * https://www.suse.com/security/cve/CVE-2024-56567.html
  * https://www.suse.com/security/cve/CVE-2024-56588.html
  * https://www.suse.com/security/cve/CVE-2024-56595.html
  * https://www.suse.com/security/cve/CVE-2024-56596.html
  * https://www.suse.com/security/cve/CVE-2024-56597.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56629.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56644.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56678.html
  * https://www.suse.com/security/cve/CVE-2024-56681.html
  * https://www.suse.com/security/cve/CVE-2024-56698.html
  * https://www.suse.com/security/cve/CVE-2024-56701.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56722.html
  * https://www.suse.com/security/cve/CVE-2024-56739.html
  * https://www.suse.com/security/cve/CVE-2024-56745.html
  * https://www.suse.com/security/cve/CVE-2024-56747.html
  * https://www.suse.com/security/cve/CVE-2024-56754.html
  * https://www.suse.com/security/cve/CVE-2024-56756.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-56765.html
  * https://www.suse.com/security/cve/CVE-2024-56776.html
  * https://www.suse.com/security/cve/CVE-2024-56777.html
  * https://www.suse.com/security/cve/CVE-2024-56778.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57793.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57876.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1194869
  * https://bugzilla.suse.com/show_bug.cgi?id=1216813
  * https://bugzilla.suse.com/show_bug.cgi?id=1223384
  * https://bugzilla.suse.com/show_bug.cgi?id=1225736
  * https://bugzilla.suse.com/show_bug.cgi?id=1226848
  * https://bugzilla.suse.com/show_bug.cgi?id=1226980
  * https://bugzilla.suse.com/show_bug.cgi?id=1228537
  * https://bugzilla.suse.com/show_bug.cgi?id=1228592
  * https://bugzilla.suse.com/show_bug.cgi?id=1230341
  * https://bugzilla.suse.com/show_bug.cgi?id=1230432
  * https://bugzilla.suse.com/show_bug.cgi?id=1230527
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231088
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1232914
  * https://bugzilla.suse.com/show_bug.cgi?id=1233028
  * https://bugzilla.suse.com/show_bug.cgi?id=1233055
  * https://bugzilla.suse.com/show_bug.cgi?id=1233097
  * https://bugzilla.suse.com/show_bug.cgi?id=1233103
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233464
  * https://bugzilla.suse.com/show_bug.cgi?id=1233488
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1233778
  * https://bugzilla.suse.com/show_bug.cgi?id=1234024
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234078
  * https://bugzilla.suse.com/show_bug.cgi?id=1234087
  * https://bugzilla.suse.com/show_bug.cgi?id=1234153
  * https://bugzilla.suse.com/show_bug.cgi?id=1234155
  * https://bugzilla.suse.com/show_bug.cgi?id=1234223
  * https://bugzilla.suse.com/show_bug.cgi?id=1234381
  * https://bugzilla.suse.com/show_bug.cgi?id=1234683
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234825
  * https://bugzilla.suse.com/show_bug.cgi?id=1234829
  * https://bugzilla.suse.com/show_bug.cgi?id=1234832
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234889
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234899
  * https://bugzilla.suse.com/show_bug.cgi?id=1234900
  * https://bugzilla.suse.com/show_bug.cgi?id=1234905
  * https://bugzilla.suse.com/show_bug.cgi?id=1234909
  * https://bugzilla.suse.com/show_bug.cgi?id=1234916
  * https://bugzilla.suse.com/show_bug.cgi?id=1234918
  * https://bugzilla.suse.com/show_bug.cgi?id=1234922
  * https://bugzilla.suse.com/show_bug.cgi?id=1234930
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1234934
  * https://bugzilla.suse.com/show_bug.cgi?id=1234962
  * https://bugzilla.suse.com/show_bug.cgi?id=1234999
  * https://bugzilla.suse.com/show_bug.cgi?id=1235002
  * https://bugzilla.suse.com/show_bug.cgi?id=1235009
  * https://bugzilla.suse.com/show_bug.cgi?id=1235011
  * https://bugzilla.suse.com/show_bug.cgi?id=1235053
  * https://bugzilla.suse.com/show_bug.cgi?id=1235057
  * https://bugzilla.suse.com/show_bug.cgi?id=1235059
  * https://bugzilla.suse.com/show_bug.cgi?id=1235100
  * https://bugzilla.suse.com/show_bug.cgi?id=1235122
  * https://bugzilla.suse.com/show_bug.cgi?id=1235123
  * https://bugzilla.suse.com/show_bug.cgi?id=1235133
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235222
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235410
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235458
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235473
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235491
  * https://bugzilla.suse.com/show_bug.cgi?id=1235495
  * https://bugzilla.suse.com/show_bug.cgi?id=1235496
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235557
  * https://bugzilla.suse.com/show_bug.cgi?id=1235563
  * https://bugzilla.suse.com/show_bug.cgi?id=1235570
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235611
  * https://bugzilla.suse.com/show_bug.cgi?id=1235635
  * https://bugzilla.suse.com/show_bug.cgi?id=1235641
  * https://bugzilla.suse.com/show_bug.cgi?id=1235643
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235647
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235739
  * https://bugzilla.suse.com/show_bug.cgi?id=1235747
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235768
  * https://bugzilla.suse.com/show_bug.cgi?id=1235806
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235842
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/73f114ff/attachment.htm>

From null at suse.de  Tue Feb 18 16:32:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 16:32:08 -0000
Subject: SUSE-SU-2025:0576-1: important: Security update for the Linux Kernel
Message-ID: <173989632886.21560.10830709761110026722@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0576-1  
Release Date: 2025-02-18T12:50:33Z  
Rating: important  
References:

  * bsc#1230697
  * bsc#1231847
  * bsc#1233112
  * bsc#1233642
  * bsc#1234025
  * bsc#1234690
  * bsc#1234884
  * bsc#1234896
  * bsc#1234931
  * bsc#1235134
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235433
  * bsc#1235441
  * bsc#1235451
  * bsc#1235466
  * bsc#1235480
  * bsc#1235521
  * bsc#1235584
  * bsc#1235645
  * bsc#1235723
  * bsc#1235759
  * bsc#1235764
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1235969
  * bsc#1236628

  
Cross-References:

  * CVE-2024-50199
  * CVE-2024-53095
  * CVE-2024-53104
  * CVE-2024-53144
  * CVE-2024-53166
  * CVE-2024-53177
  * CVE-2024-54680
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56602
  * CVE-2024-56623
  * CVE-2024-56631
  * CVE-2024-56642
  * CVE-2024-56645
  * CVE-2024-56648
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56661
  * CVE-2024-56664
  * CVE-2024-56704
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57792
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893
  * CVE-2024-57897
  * CVE-2024-8805

  
CVSS scores:

  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53095 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53144 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53166 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53166 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53166 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53177 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53177 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54680 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54680 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54680 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56602 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56602 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56631 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56631 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56631 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( SUSE ):  7.5
    CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56642 ( SUSE ):  7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56642 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56645 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56645 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56648 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56648 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56661 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56661 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56661 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56704 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56704 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56704 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57792 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57792 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57897 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57897 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8805 ( SUSE ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-8805 ( NVD ):  8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Availability Extension 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves 28 vulnerabilities and has two security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-53166: block, bfq: fix bfqq uaf in bfq_limit_depth() (bsc#1234884).
  * CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error
    paths (bsc#1234896).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56602: net: ieee802154: do not leave a dangling sk pointer in
    ieee802154_create() (bsc#1235521).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
    (bsc#1235480).
  * CVE-2024-56642: tipc: Fix use-after-free of kernel socket in
    cleanup_bearer() (bsc#1235433).
  * CVE-2024-56645: can: j1939: j1939_session_new(): fix skb reference counting
    (bsc#1235134).
  * CVE-2024-56648: net: hsr: avoid potential out-of-bound access in
    fill_frame_info() (bsc#1235451).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56704: 9p/xen: fix release of IRQ (bsc#1235584).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57792: power: supply: gpio-charger: Fix set charge current limits
    (bsc#1235764).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).
  * CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction
    (bsc#1235969).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * tipc: fix NULL deref in cleanup_bearer() (bsc#1235433).
  * x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0
    (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-576=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-576=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-576=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-576=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-576=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-576=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-576=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-576=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-576=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-576=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-576=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-576=1  
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

  * SUSE Linux Enterprise High Availability Extension 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-576=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-576=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (nosrc x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Manager Proxy 4.3 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (ppc64le x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * SUSE Manager Server 4.3 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (noarch)
    * kernel-source-vanilla-5.14.21-150400.24.150.1
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-docs-html-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc ppc64le x86_64)
    * kernel-debug-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (ppc64le x86_64)
    * kernel-debug-debugsource-5.14.21-150400.24.150.1
    * kernel-debug-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-debug-debuginfo-5.14.21-150400.24.150.1
    * kernel-debug-devel-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
    * kernel-kvmsmall-debuginfo-5.14.21-150400.24.150.1
    * kernel-kvmsmall-devel-5.14.21-150400.24.150.1
    * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-kvmsmall-debugsource-5.14.21-150400.24.150.1
    * kernel-default-base-rebuild-5.14.21-150400.24.150.1.150400.24.74.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * kernel-default-extra-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-livepatch-5.14.21-150400.24.150.1
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-optional-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
    * gfs2-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-extra-5.14.21-150400.24.150.1
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-obs-qa-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * dlm-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-5.14.21-150400.24.150.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-default-optional-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_36-debugsource-1-150400.9.3.1
    * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-1-150400.9.3.1
    * kernel-default-livepatch-devel-5.14.21-150400.24.150.1
    * kernel-livepatch-5_14_21-150400_24_150-default-1-150400.9.3.1
  * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
    * kernel-kvmsmall-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc s390x)
    * kernel-zfcpdump-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (s390x)
    * kernel-zfcpdump-debugsource-5.14.21-150400.24.150.1
    * kernel-zfcpdump-debuginfo-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (nosrc)
    * dtb-aarch64-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64)
    * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-altera-5.14.21-150400.24.150.1
    * dtb-nvidia-5.14.21-150400.24.150.1
    * dtb-rockchip-5.14.21-150400.24.150.1
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * dtb-cavium-5.14.21-150400.24.150.1
    * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * gfs2-kmp-64kb-5.14.21-150400.24.150.1
    * dtb-apple-5.14.21-150400.24.150.1
    * ocfs2-kmp-64kb-5.14.21-150400.24.150.1
    * kselftests-kmp-64kb-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
    * dtb-amd-5.14.21-150400.24.150.1
    * dtb-apm-5.14.21-150400.24.150.1
    * dtb-allwinner-5.14.21-150400.24.150.1
    * dtb-amlogic-5.14.21-150400.24.150.1
    * reiserfs-kmp-64kb-5.14.21-150400.24.150.1
    * dtb-qcom-5.14.21-150400.24.150.1
    * dtb-exynos-5.14.21-150400.24.150.1
    * dtb-freescale-5.14.21-150400.24.150.1
    * kernel-64kb-optional-debuginfo-5.14.21-150400.24.150.1
    * dtb-socionext-5.14.21-150400.24.150.1
    * dtb-marvell-5.14.21-150400.24.150.1
    * dtb-xilinx-5.14.21-150400.24.150.1
    * dtb-mediatek-5.14.21-150400.24.150.1
    * dtb-sprd-5.14.21-150400.24.150.1
    * dtb-hisilicon-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-renesas-5.14.21-150400.24.150.1
    * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * dtb-amazon-5.14.21-150400.24.150.1
    * dtb-broadcom-5.14.21-150400.24.150.1
    * cluster-md-kmp-64kb-5.14.21-150400.24.150.1
    * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-optional-5.14.21-150400.24.150.1
    * dtb-arm-5.14.21-150400.24.150.1
    * dtb-lg-5.14.21-150400.24.150.1
    * kernel-64kb-extra-debuginfo-5.14.21-150400.24.150.1
    * dlm-kmp-64kb-5.14.21-150400.24.150.1
    * kernel-64kb-extra-5.14.21-150400.24.150.1
  * openSUSE Leap 15.4 (aarch64 nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * kernel-livepatch-SLE15-SP4_Update_36-debugsource-1-150400.9.3.1
    * kernel-livepatch-5_14_21-150400_24_150-default-1-150400.9.3.1
    * kernel-default-livepatch-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-livepatch-devel-5.14.21-150400.24.150.1
    * kernel-livepatch-5_14_21-150400_24_150-default-debuginfo-1-150400.9.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
    s390x x86_64)
    * gfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * gfs2-kmp-default-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * dlm-kmp-default-5.14.21-150400.24.150.1
    * dlm-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * ocfs2-kmp-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    nosrc)
    * kernel-64kb-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
    * kernel-64kb-devel-5.14.21-150400.24.150.1
    * kernel-64kb-debuginfo-5.14.21-150400.24.150.1
    * kernel-64kb-debugsource-5.14.21-150400.24.150.1
    * kernel-64kb-devel-debuginfo-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
    x86_64)
    * kernel-default-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debugsource-5.14.21-150400.24.150.1
    * reiserfs-kmp-default-5.14.21-150400.24.150.1
    * kernel-obs-build-5.14.21-150400.24.150.1
    * kernel-obs-build-debugsource-5.14.21-150400.24.150.1
    * kernel-default-devel-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-debuginfo-5.14.21-150400.24.150.1
    * kernel-default-base-5.14.21-150400.24.150.1.150400.24.74.1
    * kernel-default-devel-5.14.21-150400.24.150.1
    * kernel-syms-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * kernel-source-5.14.21-150400.24.150.1
    * kernel-devel-5.14.21-150400.24.150.1
    * kernel-macros-5.14.21-150400.24.150.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
    * kernel-docs-5.14.21-150400.24.150.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53095.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53144.html
  * https://www.suse.com/security/cve/CVE-2024-53166.html
  * https://www.suse.com/security/cve/CVE-2024-53177.html
  * https://www.suse.com/security/cve/CVE-2024-54680.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56602.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56631.html
  * https://www.suse.com/security/cve/CVE-2024-56642.html
  * https://www.suse.com/security/cve/CVE-2024-56645.html
  * https://www.suse.com/security/cve/CVE-2024-56648.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56661.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56704.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57792.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://www.suse.com/security/cve/CVE-2024-57897.html
  * https://www.suse.com/security/cve/CVE-2024-8805.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230697
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1233642
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234690
  * https://bugzilla.suse.com/show_bug.cgi?id=1234884
  * https://bugzilla.suse.com/show_bug.cgi?id=1234896
  * https://bugzilla.suse.com/show_bug.cgi?id=1234931
  * https://bugzilla.suse.com/show_bug.cgi?id=1235134
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235433
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235451
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235480
  * https://bugzilla.suse.com/show_bug.cgi?id=1235521
  * https://bugzilla.suse.com/show_bug.cgi?id=1235584
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235723
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235764
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1235969
  * https://bugzilla.suse.com/show_bug.cgi?id=1236628

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/d4235a4c/attachment.htm>

From null at suse.de  Tue Feb 18 20:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 18 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0585-1: moderate: Security update for openssh
Message-ID: <173991060466.3353.6610561162122459623@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0585-1  
Release Date: 2025-02-18T16:42:30Z  
Rating: moderate  
References:

  * bsc#1237040
  * bsc#1237041

  
Cross-References:

  * CVE-2025-26465
  * CVE-2025-26466

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26466 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26466 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
    client (bsc#1237040).
  * CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server
    (bsc#1237041).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-585=1 openSUSE-SLE-15.6-2025-585=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-585=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-585=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * openssh-debugsource-9.6p1-150600.6.15.2
    * openssh-debuginfo-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.15.1
    * openssh-common-9.6p1-150600.6.15.2
    * openssh-9.6p1-150600.6.15.2
    * openssh-cavs-9.6p1-150600.6.15.2
    * openssh-clients-9.6p1-150600.6.15.2
    * openssh-common-debuginfo-9.6p1-150600.6.15.2
    * openssh-fips-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-9.6p1-150600.6.15.1
    * openssh-helpers-debuginfo-9.6p1-150600.6.15.2
    * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.15.2
    * openssh-server-9.6p1-150600.6.15.2
    * openssh-helpers-9.6p1-150600.6.15.2
    * openssh-server-debuginfo-9.6p1-150600.6.15.2
    * openssh-cavs-debuginfo-9.6p1-150600.6.15.2
    * openssh-clients-debuginfo-9.6p1-150600.6.15.2
    * openssh-askpass-gnome-debugsource-9.6p1-150600.6.15.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-9.6p1-150600.6.15.2
    * openssh-debuginfo-9.6p1-150600.6.15.2
    * openssh-common-9.6p1-150600.6.15.2
    * openssh-9.6p1-150600.6.15.2
    * openssh-server-debuginfo-9.6p1-150600.6.15.2
    * openssh-clients-9.6p1-150600.6.15.2
    * openssh-common-debuginfo-9.6p1-150600.6.15.2
    * openssh-fips-9.6p1-150600.6.15.2
    * openssh-helpers-debuginfo-9.6p1-150600.6.15.2
    * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.15.2
    * openssh-server-9.6p1-150600.6.15.2
    * openssh-helpers-9.6p1-150600.6.15.2
    * openssh-clients-debuginfo-9.6p1-150600.6.15.2
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.15.1
    * openssh-askpass-gnome-9.6p1-150600.6.15.1
    * openssh-askpass-gnome-debugsource-9.6p1-150600.6.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://www.suse.com/security/cve/CVE-2025-26466.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040
  * https://bugzilla.suse.com/show_bug.cgi?id=1237041

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250218/69556a32/attachment.htm>

From null at suse.de  Wed Feb 19 08:30:21 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 08:30:21 -0000
Subject: SUSE-SU-2025:0588-1: important: Security update for grub2
Message-ID: <173995382148.19016.6395323275726719610@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0588-1  
Release Date: 2025-02-19T07:30:54Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-588=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-588=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-588=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-588=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-588=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-588=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-588=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-588=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-588=1

  * SUSE Manager Proxy 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-588=1

  * SUSE Manager Server 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-588=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-588=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-588=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-588=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (s390x x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
    * grub2-branding-upstream-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (noarch)
    * grub2-i386-pc-extras-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-i386-efi-extras-2.06-150400.11.55.2
    * grub2-i386-efi-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-extras-2.06-150400.11.55.2
    * grub2-x86_64-xen-extras-2.06-150400.11.55.2
    * grub2-arm64-efi-debug-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-x86_64-efi-debug-2.06-150400.11.55.2
    * grub2-i386-pc-debug-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
    * grub2-i386-xen-extras-2.06-150400.11.55.2
    * grub2-i386-xen-2.06-150400.11.55.2
    * grub2-arm64-efi-extras-2.06-150400.11.55.2
    * grub2-i386-efi-debug-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-debug-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-x86_64-efi-extras-2.06-150400.11.55.2
    * grub2-s390x-emu-extras-2.06-150400.11.55.2
  * openSUSE Leap 15.4 (s390x)
    * grub2-s390x-emu-debug-2.06-150400.11.55.2
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.3 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Micro 5.4 (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2
  * SUSE Manager Proxy 4.3 Module (noarch)
    * grub2-arm64-efi-2.06-150400.11.55.2
  * SUSE Manager Server 4.3 Module (noarch)
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-debugsource-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150400.11.55.2
    * grub2-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * grub2-x86_64-efi-2.06-150400.11.55.2
    * grub2-systemd-sleep-plugin-2.06-150400.11.55.2
    * grub2-powerpc-ieee1275-2.06-150400.11.55.2
    * grub2-arm64-efi-2.06-150400.11.55.2
    * grub2-x86_64-xen-2.06-150400.11.55.2
    * grub2-i386-pc-2.06-150400.11.55.2
    * grub2-snapper-plugin-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150400.11.55.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
    * grub2-s390x-emu-2.06-150400.11.55.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/f59ab9cb/attachment.htm>

From null at suse.de  Wed Feb 19 08:30:43 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 08:30:43 -0000
Subject: SUSE-SU-2025:0587-1: important: Security update for grub2
Message-ID: <173995384320.19016.8213608280379398775@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0587-1  
Release Date: 2025-02-19T07:29:36Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-587=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-587=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-587=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-587=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-587=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-587=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-branding-upstream-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (noarch)
    * grub2-i386-efi-extras-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-i386-xen-extras-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-arm64-efi-debug-2.06-150500.29.43.2
    * grub2-x86_64-efi-extras-2.06-150500.29.43.2
    * grub2-s390x-emu-extras-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-i386-xen-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-extras-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-i386-xen-debug-2.06-150500.29.43.2
    * grub2-x86_64-xen-extras-2.06-150500.29.43.2
    * grub2-x86_64-xen-debug-2.06-150500.29.43.2
    * grub2-i386-efi-debug-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-debug-2.06-150500.29.43.2
    * grub2-i386-pc-debug-2.06-150500.29.43.2
    * grub2-i386-efi-2.06-150500.29.43.2
    * grub2-arm64-efi-extras-2.06-150500.29.43.2
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-x86_64-efi-debug-2.06-150500.29.43.2
    * grub2-i386-pc-extras-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * openSUSE Leap 15.5 (s390x)
    * grub2-s390x-emu-debug-2.06-150500.29.43.2
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise Micro 5.5 (s390x)
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-arm64-efi-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
    * grub2-s390x-emu-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * grub2-debuginfo-2.06-150500.29.43.2
    * grub2-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * grub2-snapper-plugin-2.06-150500.29.43.2
    * grub2-i386-pc-2.06-150500.29.43.2
    * grub2-systemd-sleep-plugin-2.06-150500.29.43.2
    * grub2-powerpc-ieee1275-2.06-150500.29.43.2
    * grub2-x86_64-xen-2.06-150500.29.43.2
    * grub2-x86_64-efi-2.06-150500.29.43.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * grub2-debugsource-2.06-150500.29.43.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/07a1e9fe/attachment.htm>

From null at suse.de  Wed Feb 19 08:31:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 08:31:02 -0000
Subject: SUSE-SU-2025:0586-1: important: Security update for grub2
Message-ID: <173995386292.19016.15562988037944576300@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0586-1  
Release Date: 2025-02-19T07:29:02Z  
Rating: important  
References:

  * bsc#1229163
  * bsc#1229164
  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-49504
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49504 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-49504 ( SUSE ):  6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-49504 ( NVD ):  7.0
    CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves 23 vulnerabilities and has one security fix can now be
installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2024-49504: Fixed an issue that can bypass TPM-bound disk encryption on
    SL(E)M encrypted Images. (bsc#1229164)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-586=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-586=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-586=1 openSUSE-SLE-15.6-2025-586=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.12-150600.8.18.2
    * grub2-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (noarch)
    * grub2-powerpc-ieee1275-2.12-150600.8.18.2
    * grub2-systemd-sleep-plugin-2.12-150600.8.18.2
    * grub2-x86_64-efi-2.12-150600.8.18.2
    * grub2-snapper-plugin-2.12-150600.8.18.2
    * grub2-i386-pc-2.12-150600.8.18.2
    * grub2-arm64-efi-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (aarch64 s390x x86_64)
    * grub2-debugsource-2.12-150600.8.18.2
  * Basesystem Module 15-SP6 (s390x)
    * grub2-s390x-emu-2.12-150600.8.18.2
  * Server Applications Module 15-SP6 (noarch)
    * grub2-x86_64-xen-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-branding-upstream-2.12-150600.8.18.2
    * grub2-debuginfo-2.12-150600.8.18.2
    * grub2-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (noarch)
    * grub2-powerpc-ieee1275-2.12-150600.8.18.2
    * grub2-x86_64-efi-extras-2.12-150600.8.18.2
    * grub2-i386-pc-extras-2.12-150600.8.18.2
    * grub2-x86_64-xen-debug-2.12-150600.8.18.2
    * grub2-i386-efi-extras-2.12-150600.8.18.2
    * grub2-arm64-efi-2.12-150600.8.18.2
    * grub2-i386-pc-debug-2.12-150600.8.18.2
    * grub2-x86_64-xen-2.12-150600.8.18.2
    * grub2-i386-efi-debug-2.12-150600.8.18.2
    * grub2-snapper-plugin-2.12-150600.8.18.2
    * grub2-s390x-emu-extras-2.12-150600.8.18.2
    * grub2-i386-xen-debug-2.12-150600.8.18.2
    * grub2-powerpc-ieee1275-debug-2.12-150600.8.18.2
    * grub2-systemd-sleep-plugin-2.12-150600.8.18.2
    * grub2-i386-pc-2.12-150600.8.18.2
    * grub2-arm64-efi-debug-2.12-150600.8.18.2
    * grub2-i386-xen-2.12-150600.8.18.2
    * grub2-arm64-efi-extras-2.12-150600.8.18.2
    * grub2-x86_64-efi-debug-2.12-150600.8.18.2
    * grub2-x86_64-xen-extras-2.12-150600.8.18.2
    * grub2-powerpc-ieee1275-extras-2.12-150600.8.18.2
    * grub2-x86_64-efi-2.12-150600.8.18.2
    * grub2-i386-efi-2.12-150600.8.18.2
    * grub2-i386-xen-extras-2.12-150600.8.18.2
  * openSUSE Leap 15.6 (s390x)
    * grub2-s390x-emu-debug-2.12-150600.8.18.2
    * grub2-s390x-emu-2.12-150600.8.18.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-49504.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229163
  * https://bugzilla.suse.com/show_bug.cgi?id=1229164
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/50ac8769/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 12:30:05 -0000
Subject: SUSE-SU-2025:0591-1: moderate: Security update for ucode-intel
Message-ID: <173996820544.27275.4573658268782297183@smelt2.prg2.suse.org>



# Security update for ucode-intel

Announcement ID: SUSE-SU-2025:0591-1  
Release Date: 2025-02-19T10:35:47Z  
Rating: moderate  
References:

  * bsc#1237096

  
Cross-References:

  * CVE-2024-31068
  * CVE-2024-36293
  * CVE-2024-37020
  * CVE-2024-39355

  
CVSS scores:

  * CVE-2024-31068 ( SUSE ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-31068 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-31068 ( NVD ):  5.6
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-31068 ( NVD ):  5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-36293 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-36293 ( NVD ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-36293 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-37020 ( SUSE ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-37020 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  4.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-37020 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
  * CVE-2024-39355 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-39355 ( SUSE ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-39355 ( NVD ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-39355 ( NVD ):  6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for ucode-intel fixes the following issues:

  * Intel CPU Microcode was updated to the 20250211 release (bsc#1237096)

  * CVE-2024-31068: Improper Finite State Machines (FSMs) in Hardware Logic for
    some Intel Processors may allow privileged user to potentially enable denial
    of service via local access.

  * CVE-2024-36293: A potential security vulnerability in some Intel Software
    Guard Extensions (Intel SGX) Platforms may allow denial of service. Intel is
    releasing microcode updates to mitigate this potential vulnerability.
  * CVE-2024-39355: A potential security vulnerability in some 13th and 14th
    Generation Intel Core Processors may allow denial of service. Intel is
    releasing microcode and UEFI reference code updates to mitigate this
    potential vulnerability.
  * CVE-2024-37020: A potential security vulnerability in the Intel Data
    Streaming Accelerator (Intel DSA) for some Intel Xeon Processors may allow
    denial of service. Intel is releasing software updates to mitigate this
    potential vulnerability.

  * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver |
    Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | SRF-SP | C0 | 06-af-03/01 | | 03000330 | Xeon 6700-Series Processors with
    E-Cores ### Updated Platforms | Processor | Stepping | F-M-S/PI | Old Ver |
    New Ver | Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | ADL | C0 | 06-97-02/07 | 00000037 | 00000038 | Core Gen12 | ADL | H0 |
    06-97-05/07 | 00000037 | 00000038 | Core Gen12 | ADL | L0 | 06-9a-03/80 |
    00000435 | 00000436 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000435 |
    00000436 | Core Gen12 | ADL-N | N0 | 06-be-00/19 | 0000001a | 0000001c |
    Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E | AZB |
    A0/R0 | 06-9a-04/40 | 00000007 | 00000009 | Intel(R) Atom(R) C1100 | CFL-H |
    R0 | 06-9e-0d/22 | 00000100 | 00000102 | Core Gen9 Mobile | CFL-H/S/E3 | U0
    | 06-9e-0a/22 | 000000f8 | 000000fa | Core Gen8 Desktop, Mobile, Xeon E |
    EMR-SP | A0 | 06-cf-01/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | EMR-
    SP | A1 | 06-cf-02/87 | 21000283 | 21000291 | Xeon Scalable Gen5 | ICL-D |
    B0 | 06-6c-01/10 | 010002b0 | 010002c0 | Xeon D-17xx, D-27xx | ICX-SP |
    Dx/M1 | 06-6a-06/87 | 0d0003e7 | 0d0003f5 | Xeon Scalable Gen3 | RPL-E/HX/S
    | B0 | 06-b7-01/32 | 0000012b | 0000012c | Core Gen13/Gen14 | RPL-H/P/PX 6+8
    | J0 | 06-ba-02/e0 | 00004123 | 00004124 | Core Gen13 | RPL-HX/S | C0 |
    06-bf-02/07 | 00000037 | 00000038 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 |
    06-ba-03/e0 | 00004123 | 00004124 | Core Gen13 | RPL-S | H0 | 06-bf-05/07 |
    00000037 | 00000038 | Core Gen13/Gen14 | RKL-S | B0 | 06-a7-01/02 | 00000062
    | 00000063 | Core Gen11 | SPR-HBM | Bx | 06-8f-08/10 | 2c000390 | 2c0003e0 |
    Xeon Max | SPR-SP | E4/S2 | 06-8f-07/87 | 2b000603 | 2b000620 | Xeon
    Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon
    Scalable Gen4 | TWL | N0 | 06-be-00/19 | 0000001a | 0000001c | Core
    i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E ### New
    Disclosures Updated in Prior Releases | Processor | Stepping | F-M-S/PI |
    Old Ver | New Ver | Products
    |:---------------|:---------|:------------|:---------|:---------|:---------
    | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-591=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-591=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-591=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-591=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-591=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-591=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-591=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-591=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-591=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-591=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-591=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-591=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-591=1

## Package List:

  * openSUSE Leap 15.6 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * Basesystem Module 15-SP6 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Manager Server 4.3 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * ucode-intel-20250211-150200.53.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * ucode-intel-20250211-150200.53.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-31068.html
  * https://www.suse.com/security/cve/CVE-2024-36293.html
  * https://www.suse.com/security/cve/CVE-2024-37020.html
  * https://www.suse.com/security/cve/CVE-2024-39355.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237096

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/e3c253c3/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0590-1: important: Security update for netty,
 netty-tcnative
Message-ID: <173996821056.27275.16997991521239740860@smelt2.prg2.suse.org>



# Security update for netty, netty-tcnative

Announcement ID: SUSE-SU-2025:0590-1  
Release Date: 2025-02-19T10:34:42Z  
Rating: important  
References:

  * bsc#1237037
  * bsc#1237038

  
Cross-References:

  * CVE-2025-24970
  * CVE-2025-25193

  
CVSS scores:

  * CVE-2025-24970 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-24970 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-25193 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-25193 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for netty, netty-tcnative fixes the following issues:

  * CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a
    native crash. (bsc#1237037)
  * CVE-2025-25193: unsafe reading of environment files can lead to an
    application crash. (bsc#1237038)

Update to netty version 4.1.118 and netty-tcnative version 2.0.70 Final.

Other fixes:

  * Fix recycling in CodecOutputList.
  * StreamBufferingEncoder: do not send header frame with priority by default.
  * Notify event loop termination future of unexpected exceptions.
  * Fix AccessControlException in GlobalEventExecutor.
  * AdaptivePoolingAllocator: round chunk sizes up and reduce chunk release
    frequency.
  * Support BouncyCastle FIPS for reading PEM files.
  * Dns: correctly encode DnsPtrRecord.
  * Provide Brotli settings without com.aayushatharva.brotli4j dependency.
  * Make DefaultResourceLeak more resilient against OOM.
  * OpenSslSession: add support to defensively check for peer certs.
  * SslHandler: ensure buffers are never leaked when wrap(...) produces
    SSLException.
  * Correcly handle comments appended to nameserver declarations.
  * PcapWriteHandler: apply fixes so that the handler can append to an existing
    PCAP file when writing the global header.
  * PcapWriteHandler: allow output of PCAP files larger than 2GB.
  * Fix bugs in BoundedInputStream.
  * Fix HTTP header validation bug.
  * AdaptivePoolingAllocator: fix possible race condition in method
    offerToQueue(...).
  * AdaptivePoolingAllocator: make sure the sentinel object
    Magazine.MAGAZINE_FREED not be replaced.
  * Only try to use Zstd and Brotli if the native libs can be loaded.
  * Bump BlockHound version to 1.0.10.RELEASE.
  * Add details to TooLongFrameException message.
  * AdaptivePoolingAllocator: correctly reuse chunks.
  * AdaptivePoolingAllocator: don't fail when we run on a host with 1 core.
  * AdaptivePoolingAllocator: correctly re-use central queue chunks and avoid
    OOM issue.
  * Fix several memory management (leaks and missing checks) issues.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-590=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-590=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-590=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-590=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-590=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-590=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-590=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * netty-4.1.118-150200.4.29.2
    * netty-tcnative-2.0.70-150200.3.25.1
  * openSUSE Leap 15.6 (noarch)
    * netty-javadoc-4.1.118-150200.4.29.2
    * netty-tcnative-javadoc-2.0.70-150200.3.25.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * netty-4.1.118-150200.4.29.2
  * SUSE Package Hub 15 15-SP6 (noarch)
    * netty-javadoc-4.1.118-150200.4.29.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * netty-tcnative-2.0.70-150200.3.25.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24970.html
  * https://www.suse.com/security/cve/CVE-2025-25193.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237037
  * https://bugzilla.suse.com/show_bug.cgi?id=1237038

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/300897be/attachment.htm>

From null at suse.de  Wed Feb 19 12:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 19 Feb 2025 12:30:14 -0000
Subject: SUSE-SU-2025:0589-1: important: Security update for emacs
Message-ID: <173996821434.27275.14997949050733257542@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0589-1  
Release Date: 2025-02-19T10:31:31Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-589=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-589=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-589=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-589=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * etags-debuginfo-25.3-150000.3.25.3
    * emacs-debugsource-25.3-150000.3.25.3
    * emacs-x11-debuginfo-25.3-150000.3.25.3
    * emacs-nox-debuginfo-25.3-150000.3.25.3
    * emacs-nox-25.3-150000.3.25.3
    * emacs-25.3-150000.3.25.3
    * etags-25.3-150000.3.25.3
    * emacs-debuginfo-25.3-150000.3.25.3
    * emacs-x11-25.3-150000.3.25.3
  * SUSE Enterprise Storage 7.1 (noarch)
    * emacs-info-25.3-150000.3.25.3
    * emacs-el-25.3-150000.3.25.3

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250219/f9e89be5/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:48 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:05:48 -0000
Subject: SUSE-SU-2025:0607-1: important: Security update for grub2
Message-ID: <174013234846.12478.4206601964008880942@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0607-1  
Release Date: 2025-02-20T21:42:19Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0624 ( NVD ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0677 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1118 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-607=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-607=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-607=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-607=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-607=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-607=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-607=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * grub2-branding-upstream-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (aarch64 s390x x86_64 i586)
    * grub2-debugsource-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-extras-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-i386-xen-2.04-150300.22.52.3
    * grub2-x86_64-efi-extras-2.04-150300.22.52.3
    * grub2-i386-efi-2.04-150300.22.52.3
    * grub2-arm64-efi-extras-2.04-150300.22.52.3
    * grub2-i386-pc-extras-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-i386-pc-debug-2.04-150300.22.52.3
    * grub2-x86_64-xen-extras-2.04-150300.22.52.3
    * grub2-i386-xen-extras-2.04-150300.22.52.3
    * grub2-x86_64-efi-debug-2.04-150300.22.52.3
    * grub2-s390x-emu-extras-2.04-150300.22.52.3
    * grub2-i386-efi-debug-2.04-150300.22.52.3
    * grub2-arm64-efi-debug-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-debug-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-efi-extras-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * openSUSE Leap 15.3 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
    * grub2-s390x-emu-debug-2.04-150300.22.52.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Enterprise Storage 7.1 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-powerpc-ieee1275-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-systemd-sleep-plugin-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro 5.2 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * grub2-debugsource-2.04-150300.22.52.3
    * grub2-2.04-150300.22.52.3
    * grub2-debuginfo-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * grub2-arm64-efi-2.04-150300.22.52.3
    * grub2-snapper-plugin-2.04-150300.22.52.3
    * grub2-i386-pc-2.04-150300.22.52.3
    * grub2-x86_64-efi-2.04-150300.22.52.3
    * grub2-x86_64-xen-2.04-150300.22.52.3
  * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x)
    * grub2-s390x-emu-2.04-150300.22.52.3

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/158dc301/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:51 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:05:51 -0000
Subject: SUSE-SU-2025:0606-1: important: Security update for postgresql13
Message-ID: <174013235122.12478.6912821308572397883@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0606-1  
Release Date: 2025-02-20T16:21:35Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-606=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-606=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-plperl-13.20-3.60.1
    * postgresql13-server-debuginfo-13.20-3.60.1
    * postgresql13-contrib-debuginfo-13.20-3.60.1
    * postgresql13-contrib-13.20-3.60.1
    * postgresql13-plpython-debuginfo-13.20-3.60.1
    * postgresql13-plperl-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-13.20-3.60.1
    * postgresql13-devel-13.20-3.60.1
    * postgresql13-plpython-13.20-3.60.1
    * postgresql13-debugsource-13.20-3.60.1
    * postgresql13-devel-debuginfo-13.20-3.60.1
    * postgresql13-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-debuginfo-13.20-3.60.1
    * postgresql13-server-13.20-3.60.1
    * postgresql13-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql13-docs-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * postgresql13-server-devel-debuginfo-13.20-3.60.1
    * postgresql13-server-devel-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql13-plperl-13.20-3.60.1
    * postgresql13-server-debuginfo-13.20-3.60.1
    * postgresql13-contrib-debuginfo-13.20-3.60.1
    * postgresql13-contrib-13.20-3.60.1
    * postgresql13-plpython-debuginfo-13.20-3.60.1
    * postgresql13-server-devel-13.20-3.60.1
    * postgresql13-server-devel-debuginfo-13.20-3.60.1
    * postgresql13-plperl-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-13.20-3.60.1
    * postgresql13-devel-13.20-3.60.1
    * postgresql13-plpython-13.20-3.60.1
    * postgresql13-debugsource-13.20-3.60.1
    * postgresql13-devel-debuginfo-13.20-3.60.1
    * postgresql13-debuginfo-13.20-3.60.1
    * postgresql13-pltcl-debuginfo-13.20-3.60.1
    * postgresql13-server-13.20-3.60.1
    * postgresql13-13.20-3.60.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql13-docs-13.20-3.60.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/ae835ce9/attachment.htm>

From null at suse.de  Fri Feb 21 10:05:55 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:05:55 -0000
Subject: SUSE-SU-2025:0605-1: moderate: Security update for openssh
Message-ID: <174013235512.12478.15588464188781415238@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0605-1  
Release Date: 2025-02-20T14:43:40Z  
Rating: moderate  
References:

  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled
    client (bsc#1237040).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-605=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-605=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-605=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-605=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-605=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-605=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-605=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-605=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-605=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-605=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-605=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-605=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-605=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-605=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-cavs-debuginfo-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-cavs-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debuginfo-8.4p1-150300.3.42.1
    * openssh-helpers-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-debugsource-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-askpass-gnome-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-helpers-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * openssh-debugsource-8.4p1-150300.3.42.1
    * openssh-common-debuginfo-8.4p1-150300.3.42.1
    * openssh-server-debuginfo-8.4p1-150300.3.42.1
    * openssh-fips-8.4p1-150300.3.42.1
    * openssh-debuginfo-8.4p1-150300.3.42.1
    * openssh-clients-debuginfo-8.4p1-150300.3.42.1
    * openssh-8.4p1-150300.3.42.1
    * openssh-common-8.4p1-150300.3.42.1
    * openssh-server-8.4p1-150300.3.42.1
    * openssh-clients-8.4p1-150300.3.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/2d350032/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:11 -0000
Subject: SUSE-SU-2025:0517-2: important: Security update for the Linux Kernel
Message-ID: <174013237101.12478.5242992823561730884@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0517-2  
Release Date: 2025-02-20T12:33:01Z  
Rating: important  
References:

  * bsc#1215420
  * bsc#1224763
  * bsc#1231847
  * bsc#1233112
  * bsc#1234025
  * bsc#1235217
  * bsc#1235230
  * bsc#1235249
  * bsc#1235430
  * bsc#1235441
  * bsc#1235466
  * bsc#1235645
  * bsc#1235759
  * bsc#1235814
  * bsc#1235818
  * bsc#1235920
  * bsc#1236104

  
Cross-References:

  * CVE-2023-4244
  * CVE-2023-52923
  * CVE-2024-35863
  * CVE-2024-50199
  * CVE-2024-53104
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56623
  * CVE-2024-56650
  * CVE-2024-56658
  * CVE-2024-56664
  * CVE-2024-56759
  * CVE-2024-57791
  * CVE-2024-57798
  * CVE-2024-57849
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52923 ( SUSE ):  5.7
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2023-52923 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-50199 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56623 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56623 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56658 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56658 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56658 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56664 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56664 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57791 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57791 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-57798 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57798 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57798 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57849 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57849 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Manager Proxy 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2

  
  
An update that solves 16 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.

NOTE: This update was retracted due to a regression in NFS.

The following security bugs were fixed:

  * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-50199: mm/swapfile: skip HugeTLB pages for unuse_vma (bsc#1233112).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56658: net: defer final 'struct net' free in netns dismantle
    (bsc#1235441).
  * CVE-2024-56664: bpf, sockmap: Fix race between element replace and close()
    (bsc#1235249).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57791: net/smc: check return value of sock_recvmsg when draining
    clc data (bsc#1235759).
  * CVE-2024-57798: drm/dp_mst: Ensure mst_primary pointer is valid in
    drm_dp_mst_handle_up_req() (bsc#1235818).
  * CVE-2024-57849: s390/cpum_sf: Handle CPU hotplug remove during sampling
    (bsc#1235814).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

The following non-security bugs were fixed:

  * NFS: Adjust the amount of readahead performed by NFS readdir (bsc#1231847).
  * NFS: Do not flush the readdir cache in nfs_dentry_iput() (bsc#1231847).
  * NFS: Improve heuristic for readdirplus (bsc#1231847).
  * NFS: Reduce readdir stack usage (bsc#1231847).
  * NFS: Trigger the "ls -l" readdir heuristic sooner (bsc#1231847).
  * NFS: Use kmemdup_nul() in nfs_readdir_make_qstr() (bsc#1231847).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-517=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-517=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-517=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Availability Extension 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-517=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-517=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-517=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-517=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (noarch)
    * kernel-macros-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-docs-html-5.3.18-150300.59.191.1
    * kernel-source-vanilla-5.3.18-150300.59.191.1
    * kernel-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc ppc64le x86_64)
    * kernel-debug-5.3.18-150300.59.191.1
    * kernel-kvmsmall-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le x86_64)
    * kernel-debug-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-debug-debugsource-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-devel-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debugsource-5.3.18-150300.59.191.1
    * kernel-debug-devel-5.3.18-150300.59.191.1
    * kernel-debug-debuginfo-5.3.18-150300.59.191.1
    * kernel-kvmsmall-debuginfo-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * kernel-default-optional-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
    * kernel-default-optional-debuginfo-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * kernel-obs-qa-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
    * kselftests-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-rebuild-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-default-extra-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-extra-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kselftests-kmp-default-5.3.18-150300.59.191.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
    * kernel-livepatch-5_3_18-150300_59_191-default-debuginfo-1-150300.7.3.1
    * kernel-livepatch-SLE15-SP3_Update_53-debugsource-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-preempt-1-150300.7.3.1
    * kernel-livepatch-5_3_18-150300_59_191-preempt-debuginfo-1-150300.7.3.1
  * openSUSE Leap 15.3 (aarch64 x86_64)
    * cluster-md-kmp-preempt-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-optional-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kselftests-kmp-preempt-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-5.3.18-150300.59.191.1
    * kernel-preempt-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-optional-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * ocfs2-kmp-preempt-5.3.18-150300.59.191.1
    * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-extra-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (s390x)
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (nosrc)
    * dtb-aarch64-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64)
    * dtb-lg-5.3.18-150300.59.191.1
    * dtb-hisilicon-5.3.18-150300.59.191.1
    * dtb-rockchip-5.3.18-150300.59.191.1
    * dtb-cavium-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-extra-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-arm-5.3.18-150300.59.191.1
    * dtb-allwinner-5.3.18-150300.59.191.1
    * dtb-mediatek-5.3.18-150300.59.191.1
    * dtb-amd-5.3.18-150300.59.191.1
    * dtb-nvidia-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * reiserfs-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-exynos-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-5.3.18-150300.59.191.1
    * dtb-freescale-5.3.18-150300.59.191.1
    * dtb-sprd-5.3.18-150300.59.191.1
    * dtb-zte-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-xilinx-5.3.18-150300.59.191.1
    * dtb-broadcom-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-5.3.18-150300.59.191.1
    * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-altera-5.3.18-150300.59.191.1
    * kernel-64kb-optional-5.3.18-150300.59.191.1
    * dtb-socionext-5.3.18-150300.59.191.1
    * dtb-amlogic-5.3.18-150300.59.191.1
    * dtb-apm-5.3.18-150300.59.191.1
    * dtb-al-5.3.18-150300.59.191.1
    * kernel-64kb-extra-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-optional-debuginfo-5.3.18-150300.59.191.1
    * dtb-qcom-5.3.18-150300.59.191.1
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * dtb-marvell-5.3.18-150300.59.191.1
    * kselftests-kmp-64kb-5.3.18-150300.59.191.1
    * cluster-md-kmp-64kb-5.3.18-150300.59.191.1
    * gfs2-kmp-64kb-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.191.1
    * dtb-renesas-5.3.18-150300.59.191.1
  * openSUSE Leap 15.3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_191-default-1-150300.7.3.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-livepatch-devel-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-livepatch-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
    s390x x86_64)
    * ocfs2-kmp-default-5.3.18-150300.59.191.1
    * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * gfs2-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * dlm-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * cluster-md-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * gfs2-kmp-default-5.3.18-150300.59.191.1
    * dlm-kmp-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64
    nosrc)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc s390x)
    * kernel-zfcpdump-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * kernel-zfcpdump-debuginfo-5.3.18-150300.59.191.1
    * kernel-zfcpdump-debugsource-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * kernel-default-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc)
    * kernel-64kb-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * kernel-64kb-devel-5.3.18-150300.59.191.1
    * kernel-64kb-debugsource-5.3.18-150300.59.191.1
    * kernel-64kb-debuginfo-5.3.18-150300.59.191.1
    * kernel-64kb-devel-debuginfo-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
    * kernel-default-5.3.18-150300.59.191.1
    * kernel-preempt-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debugsource-5.3.18-150300.59.191.1
    * kernel-preempt-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-devel-5.3.18-150300.59.191.1
    * reiserfs-kmp-default-5.3.18-150300.59.191.1
    * kernel-default-debugsource-5.3.18-150300.59.191.1
    * kernel-default-devel-debuginfo-5.3.18-150300.59.191.1
    * kernel-preempt-debuginfo-5.3.18-150300.59.191.1
    * kernel-default-base-5.3.18-150300.59.191.1.150300.18.113.1
    * kernel-obs-build-debugsource-5.3.18-150300.59.191.1
    * kernel-syms-5.3.18-150300.59.191.1
    * kernel-obs-build-5.3.18-150300.59.191.1
    * kernel-preempt-devel-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * kernel-devel-5.3.18-150300.59.191.1
    * kernel-source-5.3.18-150300.59.191.1
    * kernel-macros-5.3.18-150300.59.191.1
  * SUSE Enterprise Storage 7.1 (noarch nosrc)
    * kernel-docs-5.3.18-150300.59.191.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-52923.html
  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-50199.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56623.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56658.html
  * https://www.suse.com/security/cve/CVE-2024-56664.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57791.html
  * https://www.suse.com/security/cve/CVE-2024-57798.html
  * https://www.suse.com/security/cve/CVE-2024-57849.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1231847
  * https://bugzilla.suse.com/show_bug.cgi?id=1233112
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235249
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235441
  * https://bugzilla.suse.com/show_bug.cgi?id=1235466
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235759
  * https://bugzilla.suse.com/show_bug.cgi?id=1235814
  * https://bugzilla.suse.com/show_bug.cgi?id=1235818
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920
  * https://bugzilla.suse.com/show_bug.cgi?id=1236104

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/13c820b0/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:24 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:24 -0000
Subject: SUSE-SU-2025:0603-1: important: Security update for the Linux Kernel
Message-ID: <174013238401.12478.16356185532504098610@smelt2.prg2.suse.org>



# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:0603-1  
Release Date: 2025-02-20T10:34:39Z  
Rating: important  
References:

  * bsc#1224763
  * bsc#1234025
  * bsc#1234853
  * bsc#1234891
  * bsc#1234963
  * bsc#1235054
  * bsc#1235061
  * bsc#1235073
  * bsc#1235217
  * bsc#1235230
  * bsc#1235430
  * bsc#1235645
  * bsc#1235812
  * bsc#1235920

  
Cross-References:

  * CVE-2024-35863
  * CVE-2024-53104
  * CVE-2024-53173
  * CVE-2024-53239
  * CVE-2024-56539
  * CVE-2024-56548
  * CVE-2024-56600
  * CVE-2024-56601
  * CVE-2024-56605
  * CVE-2024-56650
  * CVE-2024-56759
  * CVE-2024-57850
  * CVE-2024-57893

  
CVSS scores:

  * CVE-2024-35863 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35863 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53173 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53173 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-53239 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53239 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56539 ( SUSE ):  8.6
    CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56539 ( SUSE ):  8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56548 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56548 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56600 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56601 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56605 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56605 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56650 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56650 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  * CVE-2024-56759 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56759 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-56759 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57850 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57850 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-57893 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-57893 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Server 11 SP4
  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE

  
  
An update that solves 13 vulnerabilities and has one security fix can now be
installed.

## Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

  * CVE-2024-35863: smb: client: fix potential UAF in is_valid_oplock_break()
    (bsc#1224763).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
  * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in
    inet6_create() (bsc#1235217).
  * CVE-2024-56601: net: inet: do not leave a dangling sk pointer in
    inet_create() (bsc#1235230).
  * CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check()
    (bsc#1235430).
  * CVE-2024-56759: btrfs: fix use-after-free when COWing tree bock and tracing
    is enabled (bsc#1235645).
  * CVE-2024-57850: jffs2: Prevent rtime decompress memory corruption
    (bsc#1235812).
  * CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages
    (bsc#1235920).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE  
    zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-603=1

  * SUSE Linux Enterprise Server 11 SP4  
    zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-603=1

## Package List:

  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64)
    * kernel-xen-3.0.101-108.177.1
    * kernel-default-3.0.101-108.177.1
    * kernel-ec2-3.0.101-108.177.1
    * kernel-trace-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64)
    * kernel-default-devel-3.0.101-108.177.1
    * kernel-xen-base-3.0.101-108.177.1
    * kernel-syms-3.0.101-108.177.1
    * kernel-ec2-devel-3.0.101-108.177.1
    * kernel-trace-devel-3.0.101-108.177.1
    * kernel-default-base-3.0.101-108.177.1
    * kernel-xen-devel-3.0.101-108.177.1
    * kernel-source-3.0.101-108.177.1
    * kernel-ec2-base-3.0.101-108.177.1
    * kernel-trace-base-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64)
    * kernel-xen-3.0.101-108.177.1
    * kernel-default-3.0.101-108.177.1
    * kernel-ec2-3.0.101-108.177.1
    * kernel-trace-3.0.101-108.177.1
  * SUSE Linux Enterprise Server 11 SP4 (x86_64)
    * kernel-default-devel-3.0.101-108.177.1
    * kernel-xen-base-3.0.101-108.177.1
    * kernel-syms-3.0.101-108.177.1
    * kernel-ec2-devel-3.0.101-108.177.1
    * kernel-trace-devel-3.0.101-108.177.1
    * kernel-default-base-3.0.101-108.177.1
    * kernel-xen-devel-3.0.101-108.177.1
    * kernel-source-3.0.101-108.177.1
    * kernel-ec2-base-3.0.101-108.177.1
    * kernel-trace-base-3.0.101-108.177.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35863.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://www.suse.com/security/cve/CVE-2024-53173.html
  * https://www.suse.com/security/cve/CVE-2024-53239.html
  * https://www.suse.com/security/cve/CVE-2024-56539.html
  * https://www.suse.com/security/cve/CVE-2024-56548.html
  * https://www.suse.com/security/cve/CVE-2024-56600.html
  * https://www.suse.com/security/cve/CVE-2024-56601.html
  * https://www.suse.com/security/cve/CVE-2024-56605.html
  * https://www.suse.com/security/cve/CVE-2024-56650.html
  * https://www.suse.com/security/cve/CVE-2024-56759.html
  * https://www.suse.com/security/cve/CVE-2024-57850.html
  * https://www.suse.com/security/cve/CVE-2024-57893.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1224763
  * https://bugzilla.suse.com/show_bug.cgi?id=1234025
  * https://bugzilla.suse.com/show_bug.cgi?id=1234853
  * https://bugzilla.suse.com/show_bug.cgi?id=1234891
  * https://bugzilla.suse.com/show_bug.cgi?id=1234963
  * https://bugzilla.suse.com/show_bug.cgi?id=1235054
  * https://bugzilla.suse.com/show_bug.cgi?id=1235061
  * https://bugzilla.suse.com/show_bug.cgi?id=1235073
  * https://bugzilla.suse.com/show_bug.cgi?id=1235217
  * https://bugzilla.suse.com/show_bug.cgi?id=1235230
  * https://bugzilla.suse.com/show_bug.cgi?id=1235430
  * https://bugzilla.suse.com/show_bug.cgi?id=1235645
  * https://bugzilla.suse.com/show_bug.cgi?id=1235812
  * https://bugzilla.suse.com/show_bug.cgi?id=1235920

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7b5c84fd/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:28 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:28 -0000
Subject: SUSE-SU-2025:0602-1: important: Security update for helm
Message-ID: <174013238825.12478.1780657501223225461@smelt2.prg2.suse.org>



# Security update for helm

Announcement ID: SUSE-SU-2025:0602-1  
Release Date: 2025-02-20T09:16:12Z  
Rating: important  
References:

  * bsc#1234482
  * bsc#1235318

  
Cross-References:

  * CVE-2024-45337
  * CVE-2024-45338

  
CVSS scores:

  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2024-45338 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45338 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-45338 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for helm fixes the following issues:

Update to version 3.17.1:

  * CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-
    insensitive content (bsc#1235318).
  * CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent
    authorization bypass in golang.org/x/crypto (bsc#1234482).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-602=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-602=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-602=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-602=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-602=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-602=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-602=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-602=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * openSUSE Leap 15.6 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-fish-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * Containers Module 15-SP6 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * helm-fish-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * helm-3.17.1-150000.1.41.1
    * helm-debuginfo-3.17.1-150000.1.41.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * helm-bash-completion-3.17.1-150000.1.41.1
    * helm-zsh-completion-3.17.1-150000.1.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2024-45338.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234482
  * https://bugzilla.suse.com/show_bug.cgi?id=1235318

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/a1ebfbb4/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:31 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:31 -0000
Subject: SUSE-SU-2025:0601-1: important: Security update for brise
Message-ID: <174013239129.12478.161043392062937678@smelt2.prg2.suse.org>



# Security update for brise

Announcement ID: SUSE-SU-2025:0601-1  
Release Date: 2025-02-20T09:14:15Z  
Rating: important  
References:

  * bsc#1234597
  * bsc#1235573

  
Cross-References:

  * CVE-2024-45337
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-45337 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45337 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for brise fixes the following issues:

  * CVE-2025-21613: Fixed argument injection via the URL field (bsc#1235573).
  * CVE-2024-45337: Fixed authorization bypass in golang.org/x/crypto via the
    ServerConfig.PublicKeyCallback callback (bsc#1234597).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-601=1 SUSE-2025-601=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-601=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1
  * Desktop Applications Module 15-SP6 (noarch)
    * rime-schema-soutzoe-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-emoji-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-bopomofo-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wugniu-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-luna-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-wubi-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stenotype-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-pinyin-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-terra-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cantonese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-default-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-quick-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-custom-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-simp-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-essay-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-ipa-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-scj-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-all-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-double-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-array-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-combo-pinyin-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-middle-chinese-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-prelude-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-cangjie-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-stroke-20230603+git.5fdd2d6-150600.3.8.1
    * rime-schema-extra-20230603+git.5fdd2d6-150600.3.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45337.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234597
  * https://bugzilla.suse.com/show_bug.cgi?id=1235573

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/2d383d76/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:37 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:37 -0000
Subject: SUSE-RU-2025:0600-1: moderate: Recommended update for
 obs-service-format_spec_file
Message-ID: <174013239712.12478.13010003974864307896@smelt2.prg2.suse.org>



# Recommended update for obs-service-format_spec_file

Announcement ID: SUSE-RU-2025:0600-1  
Release Date: 2025-02-19T16:34:27Z  
Rating: moderate  
References:

  * bsc#1194504
  * bsc#1237188
  * bsc#624980

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for obs-service-format_spec_file fixes the following issues:

Update to version 20240121: (bsc#1237188)

  * update licenses
  * Fix formatting of overlong tags
  * set header_name to the spec file name
  * Sync licenses with SPDX spec

Update to version 20230712:

  * Sync SPDX licenses
  * Sync SPDX licenses

Update to version 20230522:

  * Sync SPDX licenses
  * Add needspubkeyforbuild

Update to version 20221113:

  * licences_exceptions.txt: rename to licenses_exceptions.txt
  * Fetch updated licenses
  * Add test case for bsc#1194504

  * do not enter empty license line if not found (eg in include file)
    (bsc#624980)

  * fix empty line handling (multiple subsequent empty lines) lines in a
    package, for example in if-constructs)
  * cleanup prepare_spec, drop Needed.pm

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-600=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-600=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * obs-service-format_spec_file-20240121-150000.3.14.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * obs-service-format_spec_file-20240121-150000.3.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1194504
  * https://bugzilla.suse.com/show_bug.cgi?id=1237188
  * https://bugzilla.suse.com/show_bug.cgi?id=624980

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/043b4aae/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:41 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:41 -0000
Subject: SUSE-SU-2025:0599-1: important: Security update for emacs
Message-ID: <174013240153.12478.7697469295764232681@smelt2.prg2.suse.org>



# Security update for emacs

Announcement ID: SUSE-SU-2025:0599-1  
Release Date: 2025-02-19T16:09:36Z  
Rating: important  
References:

  * bsc#1237091

  
Cross-References:

  * CVE-2025-1244

  
CVSS scores:

  * CVE-2025-1244 ( SUSE ):  7.7
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1244 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1244 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

  * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell
    command injections. (bsc#1237091)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-599=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-599=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-599=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-599=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-599=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-599=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-599=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-599=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-599=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-599=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-599=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-599=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-599=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * openSUSE Leap 15.4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * openSUSE Leap 15.6 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * Basesystem Module 15-SP6 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * emacs-x11-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-x11-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-x11-debuginfo-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Proxy 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * emacs-nox-debuginfo-27.2-150400.3.23.2
    * emacs-debugsource-27.2-150400.3.23.2
    * etags-27.2-150400.3.23.2
    * emacs-debuginfo-27.2-150400.3.23.2
    * etags-debuginfo-27.2-150400.3.23.2
    * emacs-27.2-150400.3.23.2
    * emacs-nox-27.2-150400.3.23.2
  * SUSE Manager Server 4.3 (noarch)
    * emacs-el-27.2-150400.3.23.2
    * emacs-info-27.2-150400.3.23.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-1244.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237091

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7c68e638/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:45 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:45 -0000
Subject: SUSE-RU-2025:0598-1: moderate: Recommended update for kernel-firmware
Message-ID: <174013240581.12478.6645804843885884072@smelt2.prg2.suse.org>



# Recommended update for kernel-firmware

Announcement ID: SUSE-RU-2025:0598-1  
Release Date: 2025-02-19T13:07:21Z  
Rating: moderate  
References:

  * bsc#1236196

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for kernel-firmware fixes the following issues:

  * Version upgrade 20250122
  * amdgpu: revert DMCUB 3.1.4 firmware (bsc#1236196)
  * firmware update for various devices: amdgpu, amlogic, mediatek MT7925, qcom,
    iwlwifi, rtw89, cirrus, rtl_bt
  * Add missing license entries

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-598=1 openSUSE-SLE-15.6-2025-598=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-598=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * kernel-firmware-sound-20250122-150600.3.12.3
    * kernel-firmware-serial-20250122-150600.3.12.3
    * kernel-firmware-iwlwifi-20250122-150600.3.12.3
    * kernel-firmware-intel-20250122-150600.3.12.3
    * kernel-firmware-ti-20250122-150600.3.12.3
    * kernel-firmware-mediatek-20250122-150600.3.12.3
    * kernel-firmware-20250122-150600.3.12.3
    * kernel-firmware-amdgpu-20250122-150600.3.12.3
    * kernel-firmware-dpaa2-20250122-150600.3.12.3
    * kernel-firmware-liquidio-20250122-150600.3.12.3
    * kernel-firmware-realtek-20250122-150600.3.12.3
    * kernel-firmware-ath11k-20250122-150600.3.12.3
    * kernel-firmware-network-20250122-150600.3.12.3
    * ucode-amd-20250122-150600.3.12.3
    * kernel-firmware-marvell-20250122-150600.3.12.3
    * kernel-firmware-nvidia-20250122-150600.3.12.3
    * kernel-firmware-usb-network-20250122-150600.3.12.3
    * kernel-firmware-mellanox-20250122-150600.3.12.3
    * kernel-firmware-ath10k-20250122-150600.3.12.3
    * kernel-firmware-ath12k-20250122-150600.3.12.3
    * kernel-firmware-atheros-20250122-150600.3.12.3
    * kernel-firmware-platform-20250122-150600.3.12.3
    * kernel-firmware-i915-20250122-150600.3.12.3
    * kernel-firmware-brcm-20250122-150600.3.12.3
    * kernel-firmware-prestera-20250122-150600.3.12.3
    * kernel-firmware-qcom-20250122-150600.3.12.3
    * kernel-firmware-media-20250122-150600.3.12.3
    * kernel-firmware-mwifiex-20250122-150600.3.12.3
    * kernel-firmware-bnx2-20250122-150600.3.12.3
    * kernel-firmware-radeon-20250122-150600.3.12.3
    * kernel-firmware-bluetooth-20250122-150600.3.12.3
    * kernel-firmware-nfp-20250122-150600.3.12.3
    * kernel-firmware-all-20250122-150600.3.12.3
    * kernel-firmware-chelsio-20250122-150600.3.12.3
    * kernel-firmware-ueagle-20250122-150600.3.12.3
    * kernel-firmware-qlogic-20250122-150600.3.12.3
  * Basesystem Module 15-SP6 (noarch)
    * kernel-firmware-sound-20250122-150600.3.12.3
    * kernel-firmware-serial-20250122-150600.3.12.3
    * kernel-firmware-iwlwifi-20250122-150600.3.12.3
    * kernel-firmware-intel-20250122-150600.3.12.3
    * kernel-firmware-ti-20250122-150600.3.12.3
    * kernel-firmware-mediatek-20250122-150600.3.12.3
    * kernel-firmware-amdgpu-20250122-150600.3.12.3
    * kernel-firmware-dpaa2-20250122-150600.3.12.3
    * kernel-firmware-liquidio-20250122-150600.3.12.3
    * kernel-firmware-realtek-20250122-150600.3.12.3
    * kernel-firmware-ath11k-20250122-150600.3.12.3
    * kernel-firmware-network-20250122-150600.3.12.3
    * ucode-amd-20250122-150600.3.12.3
    * kernel-firmware-marvell-20250122-150600.3.12.3
    * kernel-firmware-nvidia-20250122-150600.3.12.3
    * kernel-firmware-usb-network-20250122-150600.3.12.3
    * kernel-firmware-mellanox-20250122-150600.3.12.3
    * kernel-firmware-ath10k-20250122-150600.3.12.3
    * kernel-firmware-ath12k-20250122-150600.3.12.3
    * kernel-firmware-atheros-20250122-150600.3.12.3
    * kernel-firmware-platform-20250122-150600.3.12.3
    * kernel-firmware-i915-20250122-150600.3.12.3
    * kernel-firmware-brcm-20250122-150600.3.12.3
    * kernel-firmware-prestera-20250122-150600.3.12.3
    * kernel-firmware-qcom-20250122-150600.3.12.3
    * kernel-firmware-media-20250122-150600.3.12.3
    * kernel-firmware-mwifiex-20250122-150600.3.12.3
    * kernel-firmware-bnx2-20250122-150600.3.12.3
    * kernel-firmware-radeon-20250122-150600.3.12.3
    * kernel-firmware-bluetooth-20250122-150600.3.12.3
    * kernel-firmware-nfp-20250122-150600.3.12.3
    * kernel-firmware-all-20250122-150600.3.12.3
    * kernel-firmware-chelsio-20250122-150600.3.12.3
    * kernel-firmware-ueagle-20250122-150600.3.12.3
    * kernel-firmware-qlogic-20250122-150600.3.12.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236196

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7008939e/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:47 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:47 -0000
Subject: SUSE-RU-2025:0597-1: moderate: Recommended update for netavark
Message-ID: <174013240788.12478.5783439686019591453@smelt2.prg2.suse.org>



# Recommended update for netavark

Announcement ID: SUSE-RU-2025:0597-1  
Release Date: 2025-02-19T13:02:16Z  
Rating: moderate  
References:

  * bsc#1236567

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that has one fix can now be installed.

## Description:

This update for netavark, aardvark-dns fixes the following issues:

  * Update netavark to version 1.12.2

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-597=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-597=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-597=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-597=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-597=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-597=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-597=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-597=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-597=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * netavark-1.12.2-150400.9.13.1
    * aardvark-dns-1.12.2-150400.9.11.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236567

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/d361eece/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:52 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:52 -0000
Subject: SUSE-RU-2025:0596-1: moderate: Recommended update for netavark
Message-ID: <174013241298.12478.3780211384856820924@smelt2.prg2.suse.org>



# Recommended update for netavark

Announcement ID: SUSE-RU-2025:0596-1  
Release Date: 2025-02-19T13:01:18Z  
Rating: moderate  
References:

  * bsc#1236567

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for netavark, aardvark-dns fixes the following issues:

  * Update to version 1.12.2

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-596=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-596=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-596=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-596=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-596=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-596=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-596=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-596=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1
  * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * netavark-1.12.2-150500.3.11.1
    * aardvark-dns-1.12.2-150500.3.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236567

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7fd26b92/attachment.htm>

From null at suse.de  Fri Feb 21 10:06:56 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:06:56 -0000
Subject: SUSE-RU-2025:0595-1: moderate: Recommended update for netavark
Message-ID: <174013241617.12478.9036084588969815062@smelt2.prg2.suse.org>



# Recommended update for netavark

Announcement ID: SUSE-RU-2025:0595-1  
Release Date: 2025-02-19T13:00:43Z  
Rating: moderate  
References:

  * bsc#1236567

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that has one fix can now be installed.

## Description:

This update for netavark, aardvark-dns fixes the following issues:

  * Update to version 1.12.2

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-595=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-595=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-595=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-595=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-595=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-595=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-595=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-595=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * aardvark-dns-1.12.2-150300.7.11.1
    * netavark-1.12.2-150300.7.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236567

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7f0f2d9d/attachment.htm>

From null at suse.de  Fri Feb 21 10:07:00 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:07:00 -0000
Subject: SUSE-RU-2025:0594-1: moderate: Recommended update for ppc64-diag
Message-ID: <174013242032.12478.183500637750920736@smelt2.prg2.suse.org>



# Recommended update for ppc64-diag

Announcement ID: SUSE-RU-2025:0594-1  
Release Date: 2025-02-19T13:00:13Z  
Rating: moderate  
References:

  * bsc#1234980
  * jsc#PED-9918

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains one feature and has one fix can now be installed.

## Description:

This update for ppc64-diag fixes the following issues:

  * Add support for Power11 in diag_nvme (bsc#1234980)
  * Version 2.6.10 (jsc#PED-9918).
  * Add support for multiple platform dumps
  * Add support for light path diagnostics for rtas events
  * Enable correct display of model and system-id for IPS Power systems
  * Fix call home feature for nvmf devices
  * Fix crash in rtas_errd due to invalid -f option values
  * Fix build warnings with GCC-15
  * Migrate from cron to systemd timers.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-594=1 openSUSE-SLE-15.6-2025-594=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-594=1

## Package List:

  * openSUSE Leap 15.6 (ppc64le)
    * ppc64-diag-debuginfo-2.7.10-150600.6.3.1
    * ppc64-diag-debugsource-2.7.10-150600.6.3.1
    * ppc64-diag-2.7.10-150600.6.3.1
  * Basesystem Module 15-SP6 (ppc64le)
    * ppc64-diag-debuginfo-2.7.10-150600.6.3.1
    * ppc64-diag-debugsource-2.7.10-150600.6.3.1
    * ppc64-diag-2.7.10-150600.6.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1234980
  * https://jira.suse.com/browse/PED-9918

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/4ae855a4/attachment.htm>

From null at suse.de  Fri Feb 21 10:07:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:07:05 -0000
Subject: SUSE-RU-2025:0593-1: important: Recommended update for yast2-cluster
Message-ID: <174013242538.12478.11157144911976552491@smelt2.prg2.suse.org>



# Recommended update for yast2-cluster

Announcement ID: SUSE-RU-2025:0593-1  
Release Date: 2025-02-19T12:06:03Z  
Rating: important  
References:

  * bsc#1208913
  * bsc#1209602
  * bsc#1219773
  * bsc#1236903

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has four fixes can now be installed.

## Description:

This update for yast2-cluster fixes the following issues:

  * Fix a typo for sctp in cluster.firewalld.xml (bsc#1236903)
  * Update HA related ports (bsc#1219773)
  * Bugs in yast2-cluster write (bsc#1209602)
  * Bump YaST package versions (bsc#1208913)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-593=1 SUSE-2025-593=1

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-593=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * yast2-cluster-4.6.4-150600.3.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (noarch)
    * yast2-cluster-4.6.4-150600.3.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1208913
  * https://bugzilla.suse.com/show_bug.cgi?id=1209602
  * https://bugzilla.suse.com/show_bug.cgi?id=1219773
  * https://bugzilla.suse.com/show_bug.cgi?id=1236903

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/baaaae2f/attachment.htm>

From null at suse.de  Fri Feb 21 10:07:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 10:07:08 -0000
Subject: SUSE-RU-2025:0592-1: important: Recommended update for yast2-cluster
Message-ID: <174013242812.12478.11999963707055277115@smelt2.prg2.suse.org>



# Recommended update for yast2-cluster

Announcement ID: SUSE-RU-2025:0592-1  
Release Date: 2025-02-19T12:05:26Z  
Rating: important  
References:

  * bsc#1219773
  * bsc#1236903

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Availability Extension 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has two fixes can now be installed.

## Description:

This update for yast2-cluster fixes the following issues:

  * Fix a typo for sctp in cluster.firewalld.xml (bsc#1236903)
  * Update HA related ports (bsc#1219773)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-592=1

  * SUSE Linux Enterprise High Availability Extension 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2025-592=1

## Package List:

  * openSUSE Leap 15.5 (noarch)
    * yast2-cluster-4.5.4-150500.3.3.1
  * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch)
    * yast2-cluster-4.5.4-150500.3.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1219773
  * https://bugzilla.suse.com/show_bug.cgi?id=1236903

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/fd578470/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:08 -0000
Subject: SUSE-RU-2025:0628-1: moderate: Recommended update for crmsh
Message-ID: <174014100845.8028.2534097113887295952@smelt2.prg2.suse.org>



# Recommended update for crmsh

Announcement ID: SUSE-RU-2025:0628-1  
Release Date: 2025-02-21T11:39:07Z  
Rating: moderate  
References:

  * bsc#1229419
  * bsc#1235930
  * bsc#1236220

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for crmsh fixes the following issues:

  * Version update 4.6.1+20250218.34cf2a4:
  * Fix: Check if mounted.ocfs2 command exists before using it (bsc#1236220).
  * Fix: Check corosync.service status before querying quorum status
    (bsc#1235930).
  * Fix: Local joining node should be included when merging known_hosts
    (bsc#1229419).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-628=1 openSUSE-SLE-15.6-2025-628=1

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-628=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * crmsh-4.6.1+20250218.34cf2a4-150600.3.23.2
    * crmsh-scripts-4.6.1+20250218.34cf2a4-150600.3.23.2
    * crmsh-test-4.6.1+20250218.34cf2a4-150600.3.23.2
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (noarch)
    * crmsh-4.6.1+20250218.34cf2a4-150600.3.23.2
    * crmsh-scripts-4.6.1+20250218.34cf2a4-150600.3.23.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1229419
  * https://bugzilla.suse.com/show_bug.cgi?id=1235930
  * https://bugzilla.suse.com/show_bug.cgi?id=1236220

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/76cfbc46/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:12 -0000
Subject: SUSE-FU-2025:0627-1: low: Feature update for opencv,
 python-python-gnupg, python-pytzdata
Message-ID: <174014101277.8028.4692947406229243990@smelt2.prg2.suse.org>



# Feature update for opencv, python-python-gnupg, python-pytzdata

Announcement ID: SUSE-FU-2025:0627-1  
Release Date: 2025-02-21T11:37:15Z  
Rating: low  
References:

  * bsc#1232804
  * bsc#1232805

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has two fixes can now be installed.

## Description:

This update for opencv, python-python-gnupg, python-pytzdata fixes the following
issues:

  * Add missing dependencies to Packagehub 15-SP6 (bsc#1232805, bsc#1232804)
    * python311-pytzdata
    * python311-python-gnupg
    * libopencv409
    * libopencv_aruco409
    * libopencv_face409
    * libopencv_gapi409
    * libopencv_highgui409
    * libopencv_imgcodecs409
    * libopencv_objdetect409
    * libopencv_optflow409
    * libopencv_superres409
    * libopencv_videoio409
    * libopencv_videostab409
    * libopencv_ximgproc409
    * opencv

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-627=1 SUSE-2025-627=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-627=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-627=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libopencv_videostab409-4.9.0-150600.3.4.1
    * libopencv_gapi409-4.9.0-150600.3.4.1
    * libopencv_videostab409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_superres409-4.9.0-150600.3.4.1
    * libopencv409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_face409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_optflow409-4.9.0-150600.3.4.1
    * libopencv_objdetect409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_highgui409-4.9.0-150600.3.4.1
    * libopencv_objdetect409-4.9.0-150600.3.4.1
    * libopencv_gapi409-debuginfo-4.9.0-150600.3.4.1
    * libopencv409-4.9.0-150600.3.4.1
    * opencv-devel-4.9.0-150600.3.4.1
    * libopencv_imgcodecs409-4.9.0-150600.3.4.1
    * libopencv_ximgproc409-4.9.0-150600.3.4.1
    * libopencv_ximgproc409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_aruco409-4.9.0-150600.3.4.1
    * libopencv_superres409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_highgui409-debuginfo-4.9.0-150600.3.4.1
    * python311-opencv-debuginfo-4.9.0-150600.3.4.1
    * opencv-4.9.0-150600.3.4.1
    * python3-opencv-debuginfo-4.9.0-150600.3.4.1
    * libopencv_imgcodecs409-debuginfo-4.9.0-150600.3.4.1
    * python311-opencv-4.9.0-150600.3.4.1
    * python3-opencv-4.9.0-150600.3.4.1
    * libopencv_videoio409-4.9.0-150600.3.4.1
    * libopencv_aruco409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_optflow409-debuginfo-4.9.0-150600.3.4.1
    * opencv-debugsource-4.9.0-150600.3.4.1
    * libopencv_face409-4.9.0-150600.3.4.1
    * opencv-debuginfo-4.9.0-150600.3.4.1
    * libopencv_videoio409-debuginfo-4.9.0-150600.3.4.1
  * openSUSE Leap 15.6 (noarch)
    * opencv4-cascades-data-4.9.0-150600.3.4.1
    * python311-python-gnupg-0.5.2-150600.3.2.1
    * opencv-doc-4.9.0-150600.3.4.1
    * python311-pytzdata-2020.1-150600.3.2.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
    * libopencv_objdetect409-4.9.0-150600.3.4.1
    * libopencv_videostab409-4.9.0-150600.3.4.1
    * libopencv_gapi409-4.9.0-150600.3.4.1
    * opencv-4.9.0-150600.3.4.1
    * libopencv_videoio409-4.9.0-150600.3.4.1
    * libopencv409-4.9.0-150600.3.4.1
    * libopencv_face409-4.9.0-150600.3.4.1
    * libopencv_imgcodecs409-4.9.0-150600.3.4.1
    * libopencv_ximgproc409-4.9.0-150600.3.4.1
    * libopencv_superres409-4.9.0-150600.3.4.1
    * libopencv_optflow409-4.9.0-150600.3.4.1
    * libopencv_aruco409-4.9.0-150600.3.4.1
    * libopencv_highgui409-4.9.0-150600.3.4.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * opencv-debugsource-4.9.0-150600.3.4.1
    * python3-opencv-debuginfo-4.9.0-150600.3.4.1
    * opencv-debuginfo-4.9.0-150600.3.4.1
    * python311-opencv-4.9.0-150600.3.4.1
    * python3-opencv-4.9.0-150600.3.4.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * python311-python-gnupg-0.5.2-150600.3.2.1
    * python311-pytzdata-2020.1-150600.3.2.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * libopencv_videostab409-4.9.0-150600.3.4.1
    * libopencv_gapi409-4.9.0-150600.3.4.1
    * libopencv_videostab409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_superres409-4.9.0-150600.3.4.1
    * libopencv409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_face409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_optflow409-4.9.0-150600.3.4.1
    * libopencv_objdetect409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_highgui409-4.9.0-150600.3.4.1
    * libopencv_objdetect409-4.9.0-150600.3.4.1
    * libopencv_gapi409-debuginfo-4.9.0-150600.3.4.1
    * libopencv409-4.9.0-150600.3.4.1
    * opencv-devel-4.9.0-150600.3.4.1
    * libopencv_imgcodecs409-4.9.0-150600.3.4.1
    * libopencv_ximgproc409-4.9.0-150600.3.4.1
    * libopencv_ximgproc409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_aruco409-4.9.0-150600.3.4.1
    * libopencv_superres409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_highgui409-debuginfo-4.9.0-150600.3.4.1
    * opencv-4.9.0-150600.3.4.1
    * libopencv_imgcodecs409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_videoio409-4.9.0-150600.3.4.1
    * libopencv_aruco409-debuginfo-4.9.0-150600.3.4.1
    * libopencv_optflow409-debuginfo-4.9.0-150600.3.4.1
    * opencv-debugsource-4.9.0-150600.3.4.1
    * libopencv_face409-4.9.0-150600.3.4.1
    * opencv-debuginfo-4.9.0-150600.3.4.1
    * libopencv_videoio409-debuginfo-4.9.0-150600.3.4.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch)
    * opencv4-cascades-data-4.9.0-150600.3.4.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1232804
  * https://bugzilla.suse.com/show_bug.cgi?id=1232805

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/9f772bcf/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:14 -0000
Subject: SUSE-RU-2025:0626-1: moderate: Recommended update for crypto-policies
Message-ID: <174014101480.8028.8522915438141948745@smelt2.prg2.suse.org>



# Recommended update for crypto-policies

Announcement ID: SUSE-RU-2025:0626-1  
Release Date: 2025-02-21T11:18:13Z  
Rating: moderate  
References:

  * bsc#1236858

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for crypto-policies fixes the following issue:

  * Remove dangling symlink for the libreswan config (bsc#1236858).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-626=1 openSUSE-SLE-15.6-2025-626=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-626=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * crypto-policies-scripts-20230920.570ea89-150600.3.6.5
    * crypto-policies-20230920.570ea89-150600.3.6.5
  * Basesystem Module 15-SP6 (noarch)
    * crypto-policies-scripts-20230920.570ea89-150600.3.6.5
    * crypto-policies-20230920.570ea89-150600.3.6.5

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236858

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/e15145ce/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:18 -0000
Subject: SUSE-RU-2025:0625-1: moderate: Recommended update for tcsh
Message-ID: <174014101833.8028.1666133137454264616@smelt2.prg2.suse.org>



# Recommended update for tcsh

Announcement ID: SUSE-RU-2025:0625-1  
Release Date: 2025-02-21T11:08:57Z  
Rating: moderate  
References:

  * bsc#1170527

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one fix can now be installed.

## Description:

This update for tcsh fixes the following issues:

  * Do not interfere Meta with Carriage Return (bsc#1170527).
  * Key-binding: support also other variants of terminals like xterm-256color.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-625=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-625=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-625=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-625=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-625=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-625=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-625=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-625=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-625=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-625=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-625=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-625=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-625=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-625=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-625=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-625=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-625=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Manager Proxy 4.3 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Manager Server 4.3 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Enterprise Storage 7.1 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * openSUSE Leap 15.6 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * Basesystem Module 15-SP6 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * tcsh-6.20.00-150000.4.18.2
    * tcsh-debuginfo-6.20.00-150000.4.18.2
    * tcsh-debugsource-6.20.00-150000.4.18.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * tcsh-lang-6.20.00-150000.4.18.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1170527

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/7604edaa/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:23 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:23 -0000
Subject: SUSE-SU-2025:0624-1: important: Security update for grafana
Message-ID: <174014102341.8028.2106241424167610625@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0624-1  
Release Date: 2025-02-21T11:00:27Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15
  * SUSE Linux Enterprise Desktop 15 SP1
  * SUSE Linux Enterprise Desktop 15 SP2
  * SUSE Linux Enterprise Desktop 15 SP3
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15
  * SUSE Linux Enterprise High Performance Computing 15 SP1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP1
  * SUSE Linux Enterprise Real Time 15 SP2
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15
  * SUSE Linux Enterprise Server 15 SP1
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15
  * SUSE Linux Enterprise Server for SAP Applications 15 SP1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Client Tools for SLE 15

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 15  
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2025-624=1

## Package List:

  * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150000.1.71.1
    * grafana-10.4.15-150000.1.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/f841fc8c/attachment-0001.htm>

From null at suse.de  Fri Feb 21 12:30:27 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:27 -0000
Subject: SUSE-SU-2025:0623-1: important: Security update for grafana
Message-ID: <174014102769.8028.3016104499802328101@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0623-1  
Release Date: 2025-02-21T11:00:15Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-623=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-623=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150200.3.64.1
    * grafana-10.4.15-150200.3.64.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * grafana-debuginfo-10.4.15-150200.3.64.1
    * grafana-10.4.15-150200.3.64.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/074a3e1d/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:32 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:32 -0000
Subject: SUSE-SU-2025:0622-1: important: Security update for grafana
Message-ID: <174014103281.8028.2688280731391695407@smelt2.prg2.suse.org>



# Security update for grafana

Announcement ID: SUSE-SU-2025:0622-1  
Release Date: 2025-02-21T10:59:57Z  
Rating: important  
References:

  * bsc#1235206
  * bsc#1235574
  * bsc#1236559
  * bsc#1236734

  
Cross-References:

  * CVE-2024-11741
  * CVE-2024-28180
  * CVE-2024-45339
  * CVE-2025-21613

  
CVSS scores:

  * CVE-2024-11741 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-11741 ( SUSE ):  3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-11741 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2024-28180 ( SUSE ):  2.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-28180 ( SUSE ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-28180 ( NVD ):  4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-21613 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-21613 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Clear
  * CVE-2025-21613 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Desktop 12
  * SUSE Linux Enterprise Desktop 12 SP1
  * SUSE Linux Enterprise Desktop 12 SP2
  * SUSE Linux Enterprise Desktop 12 SP3
  * SUSE Linux Enterprise Desktop 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12
  * SUSE Linux Enterprise Server 12 SP1
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12
  * SUSE Linux Enterprise Server for SAP Applications 12 SP1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
  * SUSE Manager Client Tools for SLE 12

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for grafana fixes the following issues:

grafana was updated from version 10.4.13 to 10.4.15:

  * Security issues fixed:
    * CVE-2024-45339: Fixed vulnerability when creating log files (bsc#1236559)
    * CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration (bsc#1236734)
    * CVE-2025-21613: Removed vulnerable library github.com/go-git/go-git/v5 (bsc#1235574)
    * CVE-2024-28180: Fixed improper handling of highly compressed data (bsc#1235206)
  * Other bugs fixed and changes:
    * Alerting: Do not fetch Orgs if the user is authenticated by apikey/sa or render key
    * Added provisioning directories
    * Use /bin/bash in wrapper scripts

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools for SLE 12  
    zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-622=1

## Package List:

  * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64)
    * grafana-10.4.15-1.71.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-11741.html
  * https://www.suse.com/security/cve/CVE-2024-28180.html
  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://www.suse.com/security/cve/CVE-2025-21613.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1235206
  * https://bugzilla.suse.com/show_bug.cgi?id=1235574
  * https://bugzilla.suse.com/show_bug.cgi?id=1236559
  * https://bugzilla.suse.com/show_bug.cgi?id=1236734

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/ff256300/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:38 -0000
Subject: SUSE-RU-2025:0621-1: moderate: Recommended update for btrfsmaintenance
Message-ID: <174014103819.8028.17044577096568830789@smelt2.prg2.suse.org>



# Recommended update for btrfsmaintenance

Announcement ID: SUSE-RU-2025:0621-1  
Release Date: 2025-02-21T10:55:34Z  
Rating: moderate  
References:

  * bsc#1233068

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one fix can now be installed.

## Description:

This update for btrfsmaintenance fixes the following issue:

  * reset cron OnCalendar for generated drop-in files (bsc#1233068).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-621=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-621=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-621=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-621=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-621=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-621=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-621=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-621=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-621=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-621=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-621=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-621=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-621=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-621=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-621=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-621=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-621=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-621=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-621=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-621=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-621=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-621=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-621=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-621=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-621=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * Basesystem Module 15-SP6 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Manager Proxy 4.3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Manager Server 4.3 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Enterprise Storage 7.1 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * btrfsmaintenance-0.4.2-150100.3.6.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1233068

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/15dfbc4b/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:42 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:42 -0000
Subject: SUSE-RU-2025:0620-1: moderate: Recommended update for libpulp
Message-ID: <174014104243.8028.13298975762435591231@smelt2.prg2.suse.org>



# Recommended update for libpulp

Announcement ID: SUSE-RU-2025:0620-1  
Release Date: 2025-02-21T10:48:39Z  
Rating: moderate  
References:

  * bsc#1221763
  * bsc#1228879
  * bsc#1231727
  * jsc#PED-10952
  * jsc#PED-11850

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that contains two features and has three fixes can now be installed.

## Description:

This update for libpulp fixes the following issues:

  * Version update libpulp-0.3.10
  * Fix livepatching on Debian systems.
  * Improve error message when ptrace_scope is active.
  * Various fixes in ppc64le architecture (jsc#PED-11850, jsc#PED-10952).
  * Disable build on ppc64le until gcc-13 pfe patch reaches SP7.
  * Fix failing tests and glibc livepatching failures when libpulp is loaded
    system-wide.
  * Force compilation with gcc-13 for SP7 and Tumbleweed (jsc#PED-10952).
  * Cleanup /var/livepatches on boot time.
  * Add timestamps on each message.
  * Update rpm-helper script for SLE Micro (bsc#1228879).
  * Update userspace-livepatch for SLE Micro (bsc#1228879).
  * Add SELinux policy for /var/livepatches (bsc#1228879).
  * Update rpm-helper script for SLE Micro.
  * Fix livepatch of malloc (bsc#1231727).
  * Update .spec license to match libpulp's license (bsc#1221763).
  * Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-620=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-620=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-620=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-620=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-620=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * libpulp0-0.3.10-150400.3.29.2
    * libpulp-tools-debuginfo-0.3.10-150400.3.29.2
    * libpulp-debugsource-0.3.10-150400.3.29.2
    * libpulp0-debuginfo-0.3.10-150400.3.29.2
    * libpulp-tools-0.3.10-150400.3.29.2
    * libpulp-debuginfo-0.3.10-150400.3.29.2
  * openSUSE Leap 15.4 (x86_64)
    * libpulp0-0.3.10-150400.3.29.2
    * libpulp-tools-debuginfo-0.3.10-150400.3.29.2
    * libpulp-debugsource-0.3.10-150400.3.29.2
    * libpulp0-debuginfo-0.3.10-150400.3.29.2
    * libpulp-tools-0.3.10-150400.3.29.2
    * libpulp-debuginfo-0.3.10-150400.3.29.2
  * openSUSE Leap 15.6 (x86_64)
    * libpulp0-0.3.10-150400.3.29.2
    * libpulp-tools-debuginfo-0.3.10-150400.3.29.2
    * libpulp-debugsource-0.3.10-150400.3.29.2
    * libpulp0-debuginfo-0.3.10-150400.3.29.2
    * libpulp-tools-0.3.10-150400.3.29.2
    * libpulp-debuginfo-0.3.10-150400.3.29.2
  * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
    * libpulp0-0.3.10-150400.3.29.2
    * libpulp-tools-debuginfo-0.3.10-150400.3.29.2
    * libpulp-debugsource-0.3.10-150400.3.29.2
    * libpulp0-debuginfo-0.3.10-150400.3.29.2
    * libpulp-tools-0.3.10-150400.3.29.2
    * libpulp-debuginfo-0.3.10-150400.3.29.2
  * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
    * libpulp0-0.3.10-150400.3.29.2
    * libpulp-tools-debuginfo-0.3.10-150400.3.29.2
    * libpulp-debugsource-0.3.10-150400.3.29.2
    * libpulp0-debuginfo-0.3.10-150400.3.29.2
    * libpulp-tools-0.3.10-150400.3.29.2
    * libpulp-debuginfo-0.3.10-150400.3.29.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1221763
  * https://bugzilla.suse.com/show_bug.cgi?id=1228879
  * https://bugzilla.suse.com/show_bug.cgi?id=1231727
  * https://jira.suse.com/browse/PED-10952
  * https://jira.suse.com/browse/PED-11850

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/f4b09b1b/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:46 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:46 -0000
Subject: SUSE-SU-2025:0619-1: important: Security update for postgresql13
Message-ID: <174014104639.8028.8157963551937875132@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0619-1  
Release Date: 2025-02-21T10:47:52Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Galera for Ericsson 15 SP5
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-619=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-619=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-619=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-619=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-619=1

  * Galera for Ericsson 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2025-619=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-619=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-619=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-619=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * Galera for Ericsson 15 SP5 (x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * Galera for Ericsson 15 SP5 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-llvmjit-debuginfo-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-llvmjit-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-llvmjit-devel-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql13-server-13.20-150200.5.69.1
    * postgresql13-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plperl-debuginfo-13.20-150200.5.69.1
    * postgresql13-debugsource-13.20-150200.5.69.1
    * postgresql13-devel-13.20-150200.5.69.1
    * postgresql13-plperl-13.20-150200.5.69.1
    * postgresql13-plpython-debuginfo-13.20-150200.5.69.1
    * postgresql13-contrib-13.20-150200.5.69.1
    * postgresql13-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-debuginfo-13.20-150200.5.69.1
    * postgresql13-plpython-13.20-150200.5.69.1
    * postgresql13-pltcl-13.20-150200.5.69.1
    * postgresql13-server-debuginfo-13.20-150200.5.69.1
    * postgresql13-server-devel-13.20-150200.5.69.1
    * postgresql13-contrib-debuginfo-13.20-150200.5.69.1
    * postgresql13-13.20-150200.5.69.1
    * postgresql13-pltcl-debuginfo-13.20-150200.5.69.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql13-docs-13.20-150200.5.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/f445f607/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:49 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:49 -0000
Subject: SUSE-SU-2025:0618-1: important: Security update for postgresql17
Message-ID: <174014104904.8028.13850201540487718715@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0618-1  
Release Date: 2025-02-21T10:45:02Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-618=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-618=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-618=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-618=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-618=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-618=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-618=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-618=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libecpg6-17.4-150200.5.10.1
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (s390x)
    * postgresql17-pltcl-debuginfo-17.4-150200.5.10.1
    * postgresql17-plpython-17.4-150200.5.10.1
    * postgresql17-server-devel-17.4-150200.5.10.1
    * postgresql17-plperl-17.4-150200.5.10.1
    * postgresql17-devel-17.4-150200.5.10.1
    * postgresql17-plpython-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-17.4-150200.5.10.1
    * postgresql17-contrib-17.4-150200.5.10.1
    * postgresql17-contrib-debuginfo-17.4-150200.5.10.1
    * postgresql17-plperl-debuginfo-17.4-150200.5.10.1
    * postgresql17-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-server-devel-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-pltcl-17.4-150200.5.10.1
    * postgresql17-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql17-docs-17.4-150200.5.10.1
  * SUSE Manager Server 4.3 (x86_64)
    * libpq5-32bit-17.4-150200.5.10.1
    * libpq5-32bit-debuginfo-17.4-150200.5.10.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libpq5-17.4-150200.5.10.1
    * libpq5-debuginfo-17.4-150200.5.10.1
    * libecpg6-17.4-150200.5.10.1
    * libecpg6-debuginfo-17.4-150200.5.10.1
    * postgresql17-debugsource-17.4-150200.5.10.1
    * postgresql17-debuginfo-17.4-150200.5.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/5af89af3/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:51 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:51 -0000
Subject: SUSE-RU-2025:0617-1: moderate: Recommended update for clamav
Message-ID: <174014105140.8028.16759892946432131890@smelt2.prg2.suse.org>



# Recommended update for clamav

Announcement ID: SUSE-RU-2025:0617-1  
Release Date: 2025-02-21T10:43:07Z  
Rating: moderate  
References:

  * bsc#1236949

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that has one fix can now be installed.

## Description:

This update for clamav fixes the following issue:

  * Fix location of license files (bsc#1236949).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-617=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-617=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * clamav-milter-debuginfo-1.4.2-3.39.4
    * libclamav12-debuginfo-1.4.2-3.39.4
    * clamav-devel-1.4.2-3.39.4
    * libfreshclam3-1.4.2-3.39.4
    * clamav-1.4.2-3.39.4
    * libclammspack0-debuginfo-1.4.2-3.39.4
    * clamav-milter-1.4.2-3.39.4
    * libfreshclam3-debuginfo-1.4.2-3.39.4
    * libclammspack0-1.4.2-3.39.4
    * clamav-debuginfo-1.4.2-3.39.4
    * libclamav12-1.4.2-3.39.4
    * clamav-debugsource-1.4.2-3.39.4
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-3.39.4
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * clamav-milter-debuginfo-1.4.2-3.39.4
    * libclamav12-debuginfo-1.4.2-3.39.4
    * clamav-devel-1.4.2-3.39.4
    * libfreshclam3-1.4.2-3.39.4
    * clamav-1.4.2-3.39.4
    * libclammspack0-debuginfo-1.4.2-3.39.4
    * clamav-milter-1.4.2-3.39.4
    * libfreshclam3-debuginfo-1.4.2-3.39.4
    * libclammspack0-1.4.2-3.39.4
    * clamav-debuginfo-1.4.2-3.39.4
    * libclamav12-1.4.2-3.39.4
    * clamav-debugsource-1.4.2-3.39.4
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * clamav-docs-html-1.4.2-3.39.4

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236949

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/1021db29/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:56 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:56 -0000
Subject: SUSE-SU-2025:0616-1: important: Security update for postgresql17
Message-ID: <174014105655.8028.14557871810725672763@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0616-1  
Release Date: 2025-02-21T10:42:50Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-616=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-616=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-616=1 openSUSE-SLE-15.6-2025-616=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-616=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-llvmjit-debuginfo-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-llvmjit-devel-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-llvmjit-17.4-150600.13.10.1
    * postgresql17-test-17.4-150600.13.10.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-plperl-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-server-devel-debuginfo-17.4-150600.13.10.1
    * postgresql17-plperl-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-debuginfo-17.4-150600.13.10.1
    * libecpg6-debuginfo-17.4-150600.13.10.1
    * postgresql17-plpython-17.4-150600.13.10.1
    * postgresql17-plpython-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-17.4-150600.13.10.1
    * postgresql17-server-devel-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-contrib-17.4-150600.13.10.1
    * postgresql17-devel-17.4-150600.13.10.1
    * libecpg6-17.4-150600.13.10.1
    * postgresql17-contrib-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-17.4-150600.13.10.1
    * postgresql17-devel-debuginfo-17.4-150600.13.10.1
  * Server Applications Module 15-SP6 (noarch)
    * postgresql17-docs-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql17-llvmjit-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-mini-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-devel-debuginfo-17.4-150600.13.10.1
    * libpq5-17.4-150600.13.10.1
    * libecpg6-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-17.4-150600.13.10.1
    * postgresql17-test-17.4-150600.13.10.1
    * postgresql17-mini-debugsource-17.4-150600.13.10.1
    * postgresql17-contrib-17.4-150600.13.10.1
    * postgresql17-plperl-17.4-150600.13.10.1
    * postgresql17-17.4-150600.13.10.1
    * libecpg6-17.4-150600.13.10.1
    * postgresql17-server-debuginfo-17.4-150600.13.10.1
    * libpq5-debuginfo-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-17.4-150600.13.10.1
    * postgresql17-contrib-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-debuginfo-17.4-150600.13.10.1
    * postgresql17-debugsource-17.4-150600.13.10.1
    * postgresql17-plperl-debuginfo-17.4-150600.13.10.1
    * postgresql17-pltcl-debuginfo-17.4-150600.13.10.1
    * postgresql17-devel-mini-17.4-150600.13.10.1
    * postgresql17-plpython-17.4-150600.13.10.1
    * postgresql17-plpython-debuginfo-17.4-150600.13.10.1
    * postgresql17-server-devel-17.4-150600.13.10.1
    * postgresql17-llvmjit-devel-17.4-150600.13.10.1
    * postgresql17-llvmjit-17.4-150600.13.10.1
    * postgresql17-pltcl-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (x86_64)
    * libecpg6-32bit-debuginfo-17.4-150600.13.10.1
    * libpq5-32bit-17.4-150600.13.10.1
    * libecpg6-32bit-17.4-150600.13.10.1
    * libpq5-32bit-debuginfo-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql17-docs-17.4-150600.13.10.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libpq5-64bit-17.4-150600.13.10.1
    * libecpg6-64bit-17.4-150600.13.10.1
    * libecpg6-64bit-debuginfo-17.4-150600.13.10.1
    * libpq5-64bit-debuginfo-17.4-150600.13.10.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql17-debugsource-17.4-150600.13.10.1
    * libpq5-17.4-150600.13.10.1
    * libpq5-debuginfo-17.4-150600.13.10.1
    * postgresql17-debuginfo-17.4-150600.13.10.1
    * postgresql17-17.4-150600.13.10.1
  * Basesystem Module 15-SP6 (x86_64)
    * libpq5-32bit-17.4-150600.13.10.1
    * libpq5-32bit-debuginfo-17.4-150600.13.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/bb4793a9/attachment.htm>

From null at suse.de  Fri Feb 21 12:30:59 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:30:59 -0000
Subject: SUSE-SU-2025:0615-1: important: Security update for postgresql14
Message-ID: <174014105922.8028.5090203008216514718@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0615-1  
Release Date: 2025-02-21T10:41:24Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-615=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-615=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-devel-14.17-3.54.1
    * postgresql14-devel-debuginfo-14.17-3.54.1
    * postgresql14-plpython-14.17-3.54.1
    * postgresql14-debugsource-14.17-3.54.1
    * postgresql14-14.17-3.54.1
    * postgresql14-plpython-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-14.17-3.54.1
    * postgresql14-contrib-debuginfo-14.17-3.54.1
    * postgresql14-plperl-debuginfo-14.17-3.54.1
    * postgresql14-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-debuginfo-14.17-3.54.1
    * postgresql14-server-14.17-3.54.1
    * postgresql14-plperl-14.17-3.54.1
    * postgresql14-server-debuginfo-14.17-3.54.1
    * postgresql14-contrib-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql14-docs-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * postgresql14-server-devel-debuginfo-14.17-3.54.1
    * postgresql14-server-devel-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql14-devel-14.17-3.54.1
    * postgresql14-devel-debuginfo-14.17-3.54.1
    * postgresql14-plpython-14.17-3.54.1
    * postgresql14-server-devel-debuginfo-14.17-3.54.1
    * postgresql14-debugsource-14.17-3.54.1
    * postgresql14-14.17-3.54.1
    * postgresql14-plpython-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-14.17-3.54.1
    * postgresql14-contrib-debuginfo-14.17-3.54.1
    * postgresql14-plperl-debuginfo-14.17-3.54.1
    * postgresql14-debuginfo-14.17-3.54.1
    * postgresql14-pltcl-debuginfo-14.17-3.54.1
    * postgresql14-server-14.17-3.54.1
    * postgresql14-plperl-14.17-3.54.1
    * postgresql14-server-devel-14.17-3.54.1
    * postgresql14-server-debuginfo-14.17-3.54.1
    * postgresql14-contrib-14.17-3.54.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql14-docs-14.17-3.54.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/f9eb38c8/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:01 -0000
Subject: SUSE-SU-2025:0614-1: important: Security update for postgresql15
Message-ID: <174014106147.8028.11889016131851965185@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0614-1  
Release Date: 2025-02-21T10:40:27Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-614=1 openSUSE-SLE-15.6-2025-614=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-614=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql15-15.12-150600.16.14.1
    * postgresql15-devel-15.12-150600.16.14.1
    * postgresql15-llvmjit-devel-15.12-150600.16.14.1
    * postgresql15-server-15.12-150600.16.14.1
    * postgresql15-llvmjit-15.12-150600.16.14.1
    * postgresql15-pltcl-debuginfo-15.12-150600.16.14.1
    * postgresql15-test-15.12-150600.16.14.1
    * postgresql15-server-debuginfo-15.12-150600.16.14.1
    * postgresql15-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-debugsource-15.12-150600.16.14.1
    * postgresql15-plperl-15.12-150600.16.14.1
    * postgresql15-llvmjit-debuginfo-15.12-150600.16.14.1
    * postgresql15-plperl-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-15.12-150600.16.14.1
    * postgresql15-pltcl-15.12-150600.16.14.1
    * postgresql15-server-devel-15.12-150600.16.14.1
    * postgresql15-plpython-15.12-150600.16.14.1
    * postgresql15-server-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-debuginfo-15.12-150600.16.14.1
    * postgresql15-debuginfo-15.12-150600.16.14.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql15-docs-15.12-150600.16.14.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql15-15.12-150600.16.14.1
    * postgresql15-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-debugsource-15.12-150600.16.14.1
    * postgresql15-plperl-15.12-150600.16.14.1
    * postgresql15-devel-15.12-150600.16.14.1
    * postgresql15-pltcl-15.12-150600.16.14.1
    * postgresql15-server-devel-15.12-150600.16.14.1
    * postgresql15-contrib-debuginfo-15.12-150600.16.14.1
    * postgresql15-server-15.12-150600.16.14.1
    * postgresql15-plperl-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-debuginfo-15.12-150600.16.14.1
    * postgresql15-plpython-15.12-150600.16.14.1
    * postgresql15-debuginfo-15.12-150600.16.14.1
    * postgresql15-pltcl-debuginfo-15.12-150600.16.14.1
    * postgresql15-server-devel-debuginfo-15.12-150600.16.14.1
    * postgresql15-contrib-15.12-150600.16.14.1
    * postgresql15-server-debuginfo-15.12-150600.16.14.1
  * Legacy Module 15-SP6 (noarch)
    * postgresql15-docs-15.12-150600.16.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/58b0a195/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:06 -0000
Subject: SUSE-SU-2025:0613-1: moderate: Security update for openssl-1_1
Message-ID: <174014106652.8028.1710957894748969843@smelt2.prg2.suse.org>



# Security update for openssl-1_1

Announcement ID: SUSE-SU-2025:0613-1  
Release Date: 2025-02-21T10:38:08Z  
Rating: moderate  
References:

  * bsc#1236136
  * bsc#1236771

  
Cross-References:

  * CVE-2024-13176

  
CVSS scores:

  * CVE-2024-13176 ( SUSE ):  6.0
    CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-13176 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2024-13176 ( NVD ):  4.1 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

  * CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation
    (bsc#1236136).

Other bugfixes:

  * Non approved PBKDF parameters wrongly resulting as approved (bsc#1236771).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-613=1 openSUSE-SLE-15.6-2025-613=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-613=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-613=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-613=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libopenssl1_1-1.1.1w-150600.5.12.2
    * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (x86_64)
    * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-32bit-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-32bit-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (noarch)
    * openssl-1_1-doc-1.1.1w-150600.5.12.2
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-64bit-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-64bit-1.1.1w-150600.5.12.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libopenssl1_1-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
  * Basesystem Module 15-SP6 (x86_64)
    * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.12.2
    * libopenssl1_1-32bit-1.1.1w-150600.5.12.2
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * libopenssl-1_1-devel-1.1.1w-150600.5.12.2
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * openssl-1_1-debugsource-1.1.1w-150600.5.12.2
    * openssl-1_1-debuginfo-1.1.1w-150600.5.12.2
    * openssl-1_1-1.1.1w-150600.5.12.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-13176.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236136
  * https://bugzilla.suse.com/show_bug.cgi?id=1236771

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/8c81dc14/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:10 -0000
Subject: SUSE-RU-2025:0612-1: moderate: Recommended update for clamav
Message-ID: <174014107017.8028.14978481750944357570@smelt2.prg2.suse.org>



# Recommended update for clamav

Announcement ID: SUSE-RU-2025:0612-1  
Release Date: 2025-02-21T10:37:43Z  
Rating: moderate  
References:

  * bsc#1236949

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for clamav fixes the following issue:

  * Fix location of license files (bsc#1236949).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-612=1 openSUSE-SLE-15.6-2025-612=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-612=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libclammspack0-debuginfo-1.4.2-150600.18.9.3
    * clamav-debugsource-1.4.2-150600.18.9.3
    * clamav-milter-debuginfo-1.4.2-150600.18.9.3
    * clamav-debuginfo-1.4.2-150600.18.9.3
    * libclamav12-1.4.2-150600.18.9.3
    * clamav-milter-1.4.2-150600.18.9.3
    * libclamav12-debuginfo-1.4.2-150600.18.9.3
    * libfreshclam3-1.4.2-150600.18.9.3
    * clamav-devel-1.4.2-150600.18.9.3
    * libfreshclam3-debuginfo-1.4.2-150600.18.9.3
    * libclammspack0-1.4.2-150600.18.9.3
    * clamav-1.4.2-150600.18.9.3
  * openSUSE Leap 15.6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.9.3
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libclammspack0-debuginfo-1.4.2-150600.18.9.3
    * clamav-debugsource-1.4.2-150600.18.9.3
    * clamav-milter-debuginfo-1.4.2-150600.18.9.3
    * clamav-debuginfo-1.4.2-150600.18.9.3
    * libclamav12-1.4.2-150600.18.9.3
    * clamav-milter-1.4.2-150600.18.9.3
    * libclamav12-debuginfo-1.4.2-150600.18.9.3
    * libfreshclam3-1.4.2-150600.18.9.3
    * clamav-devel-1.4.2-150600.18.9.3
    * libfreshclam3-debuginfo-1.4.2-150600.18.9.3
    * libclammspack0-1.4.2-150600.18.9.3
    * clamav-1.4.2-150600.18.9.3
  * Basesystem Module 15-SP6 (noarch)
    * clamav-docs-html-1.4.2-150600.18.9.3

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236949

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/baab338d/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:12 -0000
Subject: SUSE-SU-2025:0611-1: important: Security update for
 google-osconfig-agent
Message-ID: <174014107292.8028.4296146802921704693@smelt2.prg2.suse.org>



# Security update for google-osconfig-agent

Announcement ID: SUSE-SU-2025:0611-1  
Release Date: 2025-02-21T10:37:16Z  
Rating: important  
References:

  * bsc#1236560

  
Cross-References:

  * CVE-2024-45339

  
CVSS scores:

  * CVE-2024-45339 ( SUSE ):  6.9
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45339 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-45339 ( NVD ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for google-osconfig-agent fixes the following issues:

  * CVE-2024-45339: github.com/golang/glog: a privileged process' log file path
    can be easily predicted and used to overwrite other sensitive files in a
    system. (bsc#1236560)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-611=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-611=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-611=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-611=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-611=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-611=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * google-osconfig-agent-20250115.01-150000.1.44.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-45339.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236560

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/9d5732e2/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:16 -0000
Subject: SUSE-RU-2025:0610-1: moderate: Recommended update for clamav
Message-ID: <174014107615.8028.467149434765048962@smelt2.prg2.suse.org>



# Recommended update for clamav

Announcement ID: SUSE-RU-2025:0610-1  
Release Date: 2025-02-21T10:35:08Z  
Rating: moderate  
References:

  * bsc#1236949

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one fix can now be installed.

## Description:

This update for clamav fixes the following issue:

  * Fix location of license files (bsc#1236949).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-610=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-610=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-610=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-610=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-610=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-610=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-610=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-610=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-610=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-610=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-610=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-610=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-610=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-610=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-610=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-610=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Manager Proxy 4.3 (x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Manager Proxy 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Manager Server 4.3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Enterprise Storage 7.1 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * clamav-1.4.2-150200.8.6.2
    * libclamav12-debuginfo-1.4.2-150200.8.6.2
    * libfreshclam3-1.4.2-150200.8.6.2
    * clamav-milter-1.4.2-150200.8.6.2
    * libclammspack0-1.4.2-150200.8.6.2
    * libclammspack0-debuginfo-1.4.2-150200.8.6.2
    * clamav-debuginfo-1.4.2-150200.8.6.2
    * libclamav12-1.4.2-150200.8.6.2
    * clamav-devel-1.4.2-150200.8.6.2
    * clamav-milter-debuginfo-1.4.2-150200.8.6.2
    * clamav-debugsource-1.4.2-150200.8.6.2
    * libfreshclam3-debuginfo-1.4.2-150200.8.6.2
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * clamav-docs-html-1.4.2-150200.8.6.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236949

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/a51671d4/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:20 -0000
Subject: SUSE-SU-2025:0609-1: important: Security update for ovmf
Message-ID: <174014108020.8028.16605529320116586788@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0609-1  
Release Date: 2025-02-21T10:33:48Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-609=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-609=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-609=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-609=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-609=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-609=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * openSUSE Leap 15.5 (noarch)
    * qemu-uefi-aarch32-202208-150500.6.9.1
    * qemu-ovmf-ia32-202208-150500.6.9.1
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * openSUSE Leap 15.5 (x86_64)
    * qemu-ovmf-x86_64-debug-202208-150500.6.9.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * qemu-uefi-aarch64-202208-150500.6.9.1
    * qemu-ovmf-x86_64-202208-150500.6.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * ovmf-tools-202208-150500.6.9.1
    * ovmf-202208-150500.6.9.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * qemu-ovmf-x86_64-202208-150500.6.9.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/746f5beb/attachment.htm>

From null at suse.de  Fri Feb 21 12:31:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 12:31:22 -0000
Subject: SUSE-SU-2025:0608-1: important: Security update for ovmf
Message-ID: <174014108277.8028.3096137877093068443@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0608-1  
Release Date: 2025-02-21T10:31:21Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-608=1 openSUSE-SLE-15.6-2025-608=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-608=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-608=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * ovmf-tools-202308-150600.5.14.1
    * ovmf-202308-150600.5.14.1
  * openSUSE Leap 15.6 (noarch)
    * qemu-uefi-aarch64-202308-150600.5.14.1
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch32-202308-150600.5.14.1
    * qemu-ovmf-ia32-202308-150600.5.14.1
  * openSUSE Leap 15.6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.14.1
  * SUSE Package Hub 15 15-SP6 (noarch)
    * qemu-uefi-aarch64-202308-150600.5.14.1
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch32-202308-150600.5.14.1
  * SUSE Package Hub 15 15-SP6 (x86_64)
    * qemu-ovmf-x86_64-debug-202308-150600.5.14.1
  * Server Applications Module 15-SP6 (aarch64 x86_64)
    * ovmf-tools-202308-150600.5.14.1
    * ovmf-202308-150600.5.14.1
  * Server Applications Module 15-SP6 (noarch)
    * qemu-ovmf-x86_64-202308-150600.5.14.1
    * qemu-uefi-aarch64-202308-150600.5.14.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/ad557445/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:04 -0000
Subject: SUSE-SU-2025:0638-1: important: Security update for webkit2gtk3
Message-ID: <174015540478.5950.3358085648636919486@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0638-1  
Release Date: 2025-02-21T15:38:48Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-638=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-638=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-638=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-638=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-638=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-638=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-638=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-638=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-638=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-638=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * webkit-jsc-4.1-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-minibrowser-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * webkit-jsc-4-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * webkit-jsc-6.0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * webkit-jsc-4.1-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit-jsc-4-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-minibrowser-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk4-minibrowser-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk4-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit-jsc-6.0-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit-6_0-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-minibrowser-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk4-devel-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (x86_64)
    * libwebkit2gtk-4_1-0-32bit-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150400.4.106.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-64bit-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-64bit-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150400.4.106.1
    * WebKitGTK-6.0-lang-2.46.6-150400.4.106.1
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150400.4.106.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150400.4.106.1
    * webkit2gtk3-devel-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk4-debugsource-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
    * libwebkitgtk-6_0-4-2.46.6-150400.4.106.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
  * SUSE Manager Proxy 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1
  * SUSE Manager Server 4.3 (noarch)
    * WebKitGTK-4.0-lang-2.46.6-150400.4.106.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150400.4.106.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-devel-2.46.6-150400.4.106.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150400.4.106.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150400.4.106.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150400.4.106.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150400.4.106.1
    * libwebkit2gtk-4_0-37-2.46.6-150400.4.106.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/b445034e/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0637-1: important: Security update for postgresql16
Message-ID: <174015540876.5950.9449244915452643771@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0637-1  
Release Date: 2025-02-21T14:16:28Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-637=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-637=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-3.26.1
    * postgresql16-plperl-debuginfo-16.8-3.26.1
    * postgresql16-devel-debuginfo-16.8-3.26.1
    * postgresql16-server-devel-16.8-3.26.1
    * postgresql16-plpython-16.8-3.26.1
    * postgresql16-contrib-debuginfo-16.8-3.26.1
    * postgresql16-devel-16.8-3.26.1
    * postgresql16-16.8-3.26.1
    * postgresql16-server-16.8-3.26.1
    * postgresql16-pltcl-16.8-3.26.1
    * postgresql16-plperl-16.8-3.26.1
    * postgresql16-contrib-16.8-3.26.1
    * postgresql16-server-devel-debuginfo-16.8-3.26.1
    * postgresql16-pltcl-debuginfo-16.8-3.26.1
    * postgresql16-server-debuginfo-16.8-3.26.1
    * postgresql16-debugsource-16.8-3.26.1
    * postgresql16-plpython-debuginfo-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql16-docs-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql16-debuginfo-16.8-3.26.1
    * postgresql16-plperl-debuginfo-16.8-3.26.1
    * postgresql16-devel-debuginfo-16.8-3.26.1
    * postgresql16-server-devel-16.8-3.26.1
    * postgresql16-plpython-16.8-3.26.1
    * postgresql16-contrib-debuginfo-16.8-3.26.1
    * postgresql16-devel-16.8-3.26.1
    * postgresql16-16.8-3.26.1
    * postgresql16-server-16.8-3.26.1
    * postgresql16-pltcl-16.8-3.26.1
    * postgresql16-plperl-16.8-3.26.1
    * postgresql16-contrib-16.8-3.26.1
    * postgresql16-server-devel-debuginfo-16.8-3.26.1
    * postgresql16-pltcl-debuginfo-16.8-3.26.1
    * postgresql16-server-debuginfo-16.8-3.26.1
    * postgresql16-debugsource-16.8-3.26.1
    * postgresql16-plpython-debuginfo-16.8-3.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql16-docs-16.8-3.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/3f0249a3/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:11 -0000
Subject: SUSE-SU-2025:0636-1: important: Security update for postgresql16
Message-ID: <174015541101.5950.5079582146694168675@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0636-1  
Release Date: 2025-02-21T14:16:02Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-636=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-636=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-636=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-636=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-636=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-636=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-636=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-636=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql16-devel-16.8-150200.5.26.1
    * postgresql16-plpython-16.8-150200.5.26.1
    * postgresql16-plperl-16.8-150200.5.26.1
    * postgresql16-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-16.8-150200.5.26.1
    * postgresql16-contrib-debuginfo-16.8-150200.5.26.1
    * postgresql16-plpython-debuginfo-16.8-150200.5.26.1
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-pltcl-debuginfo-16.8-150200.5.26.1
    * postgresql16-plperl-debuginfo-16.8-150200.5.26.1
    * postgresql16-server-devel-16.8-150200.5.26.1
    * postgresql16-contrib-16.8-150200.5.26.1
    * postgresql16-server-devel-debuginfo-16.8-150200.5.26.1
    * postgresql16-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1
    * postgresql16-pltcl-16.8-150200.5.26.1
    * postgresql16-server-debuginfo-16.8-150200.5.26.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql16-docs-16.8-150200.5.26.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql16-debuginfo-16.8-150200.5.26.1
    * postgresql16-debugsource-16.8-150200.5.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/a993785f/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0635-1: important: Security update for postgresql16
Message-ID: <174015541470.5950.7346631977777515061@smelt2.prg2.suse.org>



# Security update for postgresql16

Announcement ID: SUSE-SU-2025:0635-1  
Release Date: 2025-02-21T14:13:33Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

Upgrade to 16.8:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-635=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-635=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-635=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-635=1 openSUSE-SLE-15.6-2025-635=1

## Package List:

  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-debuginfo-16.8-150600.16.15.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-test-16.8-150600.16.15.1
    * postgresql16-llvmjit-16.8-150600.16.15.1
    * postgresql16-llvmjit-debuginfo-16.8-150600.16.15.1
  * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-contrib-16.8-150600.16.15.1
    * postgresql16-pltcl-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-plperl-16.8-150600.16.15.1
    * postgresql16-plpython-16.8-150600.16.15.1
    * postgresql16-server-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-16.8-150600.16.15.1
    * postgresql16-server-16.8-150600.16.15.1
    * postgresql16-plpython-debuginfo-16.8-150600.16.15.1
    * postgresql16-plperl-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-16.8-150600.16.15.1
    * postgresql16-pltcl-16.8-150600.16.15.1
    * postgresql16-contrib-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-debuginfo-16.8-150600.16.15.1
  * Server Applications Module 15-SP6 (noarch)
    * postgresql16-docs-16.8-150600.16.15.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql16-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-16.8-150600.16.15.1
    * postgresql16-devel-16.8-150600.16.15.1
    * postgresql16-pltcl-16.8-150600.16.15.1
    * postgresql16-llvmjit-devel-16.8-150600.16.15.1
    * postgresql16-server-debuginfo-16.8-150600.16.15.1
    * postgresql16-server-devel-16.8-150600.16.15.1
    * postgresql16-plperl-debuginfo-16.8-150600.16.15.1
    * postgresql16-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-contrib-16.8-150600.16.15.1
    * postgresql16-16.8-150600.16.15.1
    * postgresql16-llvmjit-16.8-150600.16.15.1
    * postgresql16-plperl-16.8-150600.16.15.1
    * postgresql16-plpython-debuginfo-16.8-150600.16.15.1
    * postgresql16-contrib-debuginfo-16.8-150600.16.15.1
    * postgresql16-debugsource-16.8-150600.16.15.1
    * postgresql16-test-16.8-150600.16.15.1
    * postgresql16-server-devel-debuginfo-16.8-150600.16.15.1
    * postgresql16-pltcl-debuginfo-16.8-150600.16.15.1
    * postgresql16-plpython-16.8-150600.16.15.1
    * postgresql16-llvmjit-debuginfo-16.8-150600.16.15.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql16-docs-16.8-150600.16.15.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/9f23c24d/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:17 -0000
Subject: SUSE-SU-2025:0634-1: important: Security update for postgresql15
Message-ID: <174015541721.5950.14442787850164776686@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0634-1  
Release Date: 2025-02-21T14:12:51Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-634=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-634=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-server-devel-15.12-3.38.1
    * postgresql15-server-debuginfo-15.12-3.38.1
    * postgresql15-pltcl-debuginfo-15.12-3.38.1
    * postgresql15-plperl-debuginfo-15.12-3.38.1
    * postgresql15-debugsource-15.12-3.38.1
    * postgresql15-plpython-15.12-3.38.1
    * postgresql15-debuginfo-15.12-3.38.1
    * postgresql15-plpython-debuginfo-15.12-3.38.1
    * postgresql15-server-devel-debuginfo-15.12-3.38.1
    * postgresql15-server-15.12-3.38.1
    * postgresql15-pltcl-15.12-3.38.1
    * postgresql15-15.12-3.38.1
    * postgresql15-contrib-debuginfo-15.12-3.38.1
    * postgresql15-devel-15.12-3.38.1
    * postgresql15-contrib-15.12-3.38.1
    * postgresql15-plperl-15.12-3.38.1
    * postgresql15-devel-debuginfo-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql15-docs-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql15-server-devel-15.12-3.38.1
    * postgresql15-server-debuginfo-15.12-3.38.1
    * postgresql15-pltcl-debuginfo-15.12-3.38.1
    * postgresql15-plperl-debuginfo-15.12-3.38.1
    * postgresql15-debugsource-15.12-3.38.1
    * postgresql15-plpython-15.12-3.38.1
    * postgresql15-debuginfo-15.12-3.38.1
    * postgresql15-plpython-debuginfo-15.12-3.38.1
    * postgresql15-server-devel-debuginfo-15.12-3.38.1
    * postgresql15-server-15.12-3.38.1
    * postgresql15-pltcl-15.12-3.38.1
    * postgresql15-15.12-3.38.1
    * postgresql15-contrib-debuginfo-15.12-3.38.1
    * postgresql15-devel-15.12-3.38.1
    * postgresql15-contrib-15.12-3.38.1
    * postgresql15-plperl-15.12-3.38.1
    * postgresql15-devel-debuginfo-15.12-3.38.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql15-docs-15.12-3.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/48938abb/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:19 -0000
Subject: SUSE-SU-2025:0633-1: important: Security update for postgresql15
Message-ID: <174015541967.5950.11143112571217332444@smelt2.prg2.suse.org>



# Security update for postgresql15

Announcement ID: SUSE-SU-2025:0633-1  
Release Date: 2025-02-21T14:12:15Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

Upgrade to 15.12:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-633=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-633=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-633=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-633=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-633=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-633=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-633=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-633=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql15-plpython-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-debuginfo-15.12-150200.5.38.1
    * postgresql15-contrib-debuginfo-15.12-150200.5.38.1
    * postgresql15-plpython-15.12-150200.5.38.1
    * postgresql15-contrib-15.12-150200.5.38.1
    * postgresql15-server-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-debugsource-15.12-150200.5.38.1
    * postgresql15-devel-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-debuginfo-15.12-150200.5.38.1
    * postgresql15-pltcl-15.12-150200.5.38.1
    * postgresql15-debuginfo-15.12-150200.5.38.1
    * postgresql15-devel-15.12-150200.5.38.1
    * postgresql15-server-15.12-150200.5.38.1
    * postgresql15-server-debuginfo-15.12-150200.5.38.1
    * postgresql15-plperl-15.12-150200.5.38.1
    * postgresql15-15.12-150200.5.38.1
    * postgresql15-server-devel-15.12-150200.5.38.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql15-docs-15.12-150200.5.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/613f04f7/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:22 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:22 -0000
Subject: SUSE-SU-2025:0632-1: important: Security update for postgresql14
Message-ID: <174015542235.5950.9546405800047177806@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0632-1  
Release Date: 2025-02-21T14:11:05Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-632=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-632=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-632=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-632=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-632=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-632=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-632=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-632=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-632=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-llvmjit-14.17-150200.5.55.1
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-llvmjit-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * postgresql14-llvmjit-14.17-150200.5.55.1
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-llvmjit-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-llvmjit-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Proxy 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Manager Server 4.3 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * postgresql14-plperl-14.17-150200.5.55.1
    * postgresql14-server-devel-14.17-150200.5.55.1
    * postgresql14-pltcl-14.17-150200.5.55.1
    * postgresql14-server-14.17-150200.5.55.1
    * postgresql14-plperl-debuginfo-14.17-150200.5.55.1
    * postgresql14-plpython-14.17-150200.5.55.1
    * postgresql14-debuginfo-14.17-150200.5.55.1
    * postgresql14-server-debuginfo-14.17-150200.5.55.1
    * postgresql14-14.17-150200.5.55.1
    * postgresql14-server-devel-debuginfo-14.17-150200.5.55.1
    * postgresql14-devel-14.17-150200.5.55.1
    * postgresql14-plpython-debuginfo-14.17-150200.5.55.1
    * postgresql14-pltcl-debuginfo-14.17-150200.5.55.1
    * postgresql14-contrib-14.17-150200.5.55.1
    * postgresql14-contrib-debuginfo-14.17-150200.5.55.1
    * postgresql14-debugsource-14.17-150200.5.55.1
    * postgresql14-devel-debuginfo-14.17-150200.5.55.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * postgresql14-docs-14.17-150200.5.55.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/6d67e390/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:25 -0000
Subject: SUSE-SU-2025:0631-1: important: Security update for postgresql14
Message-ID: <174015542581.5950.14421151319816082829@smelt2.prg2.suse.org>



# Security update for postgresql14

Announcement ID: SUSE-SU-2025:0631-1  
Release Date: 2025-02-21T14:09:14Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

Upgrade to 14.17:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-631=1 openSUSE-SLE-15.6-2025-631=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-631=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-631=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql14-plperl-debuginfo-14.17-150600.16.14.1
    * postgresql14-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-14.17-150600.16.14.1
    * postgresql14-14.17-150600.16.14.1
    * postgresql14-pltcl-14.17-150600.16.14.1
    * postgresql14-llvmjit-devel-14.17-150600.16.14.1
    * postgresql14-plpython-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-14.17-150600.16.14.1
    * postgresql14-plpython-14.17-150600.16.14.1
    * postgresql14-contrib-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-14.17-150600.16.14.1
    * postgresql14-devel-14.17-150600.16.14.1
    * postgresql14-server-devel-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-llvmjit-debuginfo-14.17-150600.16.14.1
    * postgresql14-llvmjit-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-test-14.17-150600.16.14.1
    * postgresql14-pltcl-debuginfo-14.17-150600.16.14.1
  * openSUSE Leap 15.6 (noarch)
    * postgresql14-docs-14.17-150600.16.14.1
  * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-plpython-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-debuginfo-14.17-150600.16.14.1
    * postgresql14-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-server-devel-14.17-150600.16.14.1
    * postgresql14-server-14.17-150600.16.14.1
    * postgresql14-server-debuginfo-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-server-devel-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-14.17-150600.16.14.1
    * postgresql14-plpython-14.17-150600.16.14.1
    * postgresql14-14.17-150600.16.14.1
    * postgresql14-pltcl-14.17-150600.16.14.1
    * postgresql14-pltcl-debuginfo-14.17-150600.16.14.1
    * postgresql14-contrib-debuginfo-14.17-150600.16.14.1
    * postgresql14-plperl-14.17-150600.16.14.1
    * postgresql14-devel-14.17-150600.16.14.1
  * Legacy Module 15-SP6 (noarch)
    * postgresql14-docs-14.17-150600.16.14.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-llvmjit-14.17-150600.16.14.1
    * postgresql14-debuginfo-14.17-150600.16.14.1
    * postgresql14-debugsource-14.17-150600.16.14.1
    * postgresql14-test-14.17-150600.16.14.1
    * postgresql14-llvmjit-debuginfo-14.17-150600.16.14.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/b2bc22ad/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:28 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:28 -0000
Subject: SUSE-RU-2025:0630-1: moderate: Recommended update for
 nvidia-open-driver-G06-signed
Message-ID: <174015542836.5950.2731078012467786922@smelt2.prg2.suse.org>



# Recommended update for nvidia-open-driver-G06-signed

Announcement ID: SUSE-RU-2025:0630-1  
Release Date: 2025-02-21T12:55:35Z  
Rating: moderate  
References:

  * bsc#1237308

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for nvidia-open-driver-G06-signed fixes the following issues:

  * In the module install path revert the order of the 'updates' subdirectory
    and the package name and version. This satisfies the kmp dependency checker
    (bsc#1237308).
  * Add a directory identifying the KMP and its version to the module install
    path - i.e.:
    * "$kernel_version"/nvidia-open-driver-G06-signed/"$version"/updates instead of: "$kernel_version"/updates
    * This avoids conflicts when a new version is built against the same kernel release.
  * Add a directory identifying the KMP and its version to the module install
    path - i.e.:
    * "$kernel_version"/nvidia-open-driver-G06-signed/"$version"/updates instead of: "$kernel_version"/updates This avoids conflicts when a new version is built against the same kernel release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-630=1 openSUSE-SLE-15.6-2025-630=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-630=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-630=1

## Package List:

  * openSUSE Leap 15.6 (x86_64)
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-570.86.15_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-azure-570.86.16_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-azure-devel-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-570.86.16_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-azure-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-570.86.15_k6.4.0_150600.6-150600.3.37.2
  * openSUSE Leap 15.6 (aarch64 x86_64)
    * nv-prefer-signed-open-driver-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-default-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-default-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-default-devel-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-debugsource-570.86.15-150600.3.37.2
    * kernel-firmware-nvidia-gspx-G06-cuda-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-debugsource-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-default-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.86.16_k6.4.0_150600.21-150600.3.37.2
  * openSUSE Leap 15.6 (aarch64)
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-64kb-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-64kb-devel-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-64kb-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-570.86.15_k6.4.0_150600.21-150600.3.37.2
  * Basesystem Module 15-SP6 (aarch64 x86_64)
    * nv-prefer-signed-open-driver-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-default-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-default-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-debugsource-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-default-devel-570.86.16-150600.3.37.2
    * kernel-firmware-nvidia-gspx-G06-cuda-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-debugsource-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-default-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-default-debuginfo-570.86.16_k6.4.0_150600.21-150600.3.37.2
  * Basesystem Module 15-SP6 (aarch64)
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-570.86.15_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-64kb-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-64kb-devel-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-64kb-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-570.86.16_k6.4.0_150600.21-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-64kb-570.86.15_k6.4.0_150600.21-150600.3.37.2
  * Public Cloud Module 15-SP6 (x86_64)
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-570.86.15_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-azure-570.86.16_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-azure-devel-570.86.16-150600.3.37.2
    * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-570.86.16_k6.4.0_150600.6-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-azure-devel-570.86.15-150600.3.37.2
    * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-570.86.15_k6.4.0_150600.6-150600.3.37.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237308

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/5f2655f5/attachment.htm>

From null at suse.de  Fri Feb 21 16:30:44 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 16:30:44 -0000
Subject: SUSE-SU-2025:0629-1: important: Security update for grub2
Message-ID: <174015544483.5950.14543158494673408963@smelt2.prg2.suse.org>



# Security update for grub2

Announcement ID: SUSE-SU-2025:0629-1  
Release Date: 2025-02-21T12:55:16Z  
Rating: important  
References:

  * bsc#1233606
  * bsc#1233608
  * bsc#1233609
  * bsc#1233610
  * bsc#1233612
  * bsc#1233613
  * bsc#1233614
  * bsc#1233615
  * bsc#1233616
  * bsc#1233617
  * bsc#1234958
  * bsc#1236316
  * bsc#1236317
  * bsc#1237002
  * bsc#1237006
  * bsc#1237008
  * bsc#1237009
  * bsc#1237010
  * bsc#1237011
  * bsc#1237012
  * bsc#1237013
  * bsc#1237014

  
Cross-References:

  * CVE-2024-45774
  * CVE-2024-45775
  * CVE-2024-45776
  * CVE-2024-45777
  * CVE-2024-45778
  * CVE-2024-45779
  * CVE-2024-45780
  * CVE-2024-45781
  * CVE-2024-45782
  * CVE-2024-45783
  * CVE-2024-56737
  * CVE-2025-0622
  * CVE-2025-0624
  * CVE-2025-0677
  * CVE-2025-0678
  * CVE-2025-0684
  * CVE-2025-0685
  * CVE-2025-0686
  * CVE-2025-0689
  * CVE-2025-0690
  * CVE-2025-1118
  * CVE-2025-1125

  
CVSS scores:

  * CVE-2024-45774 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45774 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45775 ( NVD ):  5.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-45776 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45776 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45777 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45778 ( SUSE ):  3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
  * CVE-2024-45779 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45780 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45781 ( NVD ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45782 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-45783 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-56737 ( SUSE ):  8.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56737 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56737 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0622 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0624 ( SUSE ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0624 ( NVD ):  7.6 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-0677 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0677 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0677 ( NVD ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0678 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0678 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0684 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0685 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0685 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0686 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0686 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0689 ( SUSE ):  8.9
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0689 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0690 ( SUSE ):  7.3
    CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-0690 ( SUSE ):  6.1 CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1118 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-1118 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1118 ( NVD ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-1125 ( SUSE ):  8.7
    CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
  * CVE-2025-1125 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves 22 vulnerabilities can now be installed.

## Description:

This update for grub2 fixes the following issues:

  * CVE-2024-45781: Fixed strcpy overflow in ufs. (bsc#1233617)
  * CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. (bsc#1234958)
  * CVE-2024-45782: Fixed strcpy overflow in hfs. (bsc#1233615)
  * CVE-2024-45780: Fixed an overflow in tar/cpio. (bsc#1233614)
  * CVE-2024-45783: Fixed a refcount overflow in hfsplus. (bsc#1233616)
  * CVE-2024-45774: Fixed a heap overflow in JPEG parser. (bsc#1233609)
  * CVE-2024-45775: Fixed a missing NULL check in extcmd parser. (bsc#1233610)
  * CVE-2024-45776: Fixed an overflow in .MO file handling. (bsc#1233612)
  * CVE-2024-45777: Fixed an integer overflow in gettext. (bsc#1233613)
  * CVE-2024-45778: Fixed bfs filesystem by removing it from lockdown capable
    modules. (bsc#1233606)
  * CVE-2024-45779: Fixed a heap overflow in bfs. (bsc#1233608)
  * CVE-2025-0624: Fixed an out-of-bounds write during the network boot process.
    (bsc#1236316)
  * CVE-2025-0622: Fixed a use-after-free when handling hooks during module
    unload in command/gpg . (bsc#1236317)
  * CVE-2025-0690: Fixed an integer overflow that may lead to an out-of-bounds
    write through the read command. (bsc#1237012)
  * CVE-2025-1118: Fixed an issue where the dump command was not being blocked
    when grub was in lockdown mode. (bsc#1237013)
  * CVE-2025-0677: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in ufs. (bsc#1237002)
  * CVE-2025-0684: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in reiserfs. (bsc#1237008)
  * CVE-2025-0685: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in jfs. (bsc#1237009)
  * CVE-2025-0686: Fixed an integer overflow that may lead to an out-of-bounds
    write when handling symlinks in romfs. (bsc#1237010)
  * CVE-2025-0689: Fixed a heap-based buffer overflow in udf that may lead to
    arbitrary code execution. (bsc#1237011)
  * CVE-2025-1125: Fixed an integer overflow that may lead to an out-of-bounds
    write in hfs. (bsc#1237014)
  * CVE-2025-0678: Fixed an integer overflow that may lead to an out-of-bounds
    write in squash4. (bsc#1237006)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-629=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-629=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * grub2-debuginfo-2.02-181.2
    * grub2-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64)
    * grub2-arm64-efi-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 s390x x86_64)
    * grub2-debugsource-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * grub2-systemd-sleep-plugin-2.02-181.2
    * grub2-x86_64-xen-2.02-181.2
    * grub2-snapper-plugin-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le)
    * grub2-powerpc-ieee1275-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x)
    * grub2-s390x-emu-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * grub2-x86_64-efi-2.02-181.2
    * grub2-i386-pc-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * grub2-2.02-181.2
    * grub2-debugsource-2.02-181.2
    * grub2-debuginfo-2.02-181.2
    * grub2-x86_64-efi-2.02-181.2
    * grub2-i386-pc-2.02-181.2
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * grub2-systemd-sleep-plugin-2.02-181.2
    * grub2-x86_64-xen-2.02-181.2
    * grub2-snapper-plugin-2.02-181.2

## References:

  * https://www.suse.com/security/cve/CVE-2024-45774.html
  * https://www.suse.com/security/cve/CVE-2024-45775.html
  * https://www.suse.com/security/cve/CVE-2024-45776.html
  * https://www.suse.com/security/cve/CVE-2024-45777.html
  * https://www.suse.com/security/cve/CVE-2024-45778.html
  * https://www.suse.com/security/cve/CVE-2024-45779.html
  * https://www.suse.com/security/cve/CVE-2024-45780.html
  * https://www.suse.com/security/cve/CVE-2024-45781.html
  * https://www.suse.com/security/cve/CVE-2024-45782.html
  * https://www.suse.com/security/cve/CVE-2024-45783.html
  * https://www.suse.com/security/cve/CVE-2024-56737.html
  * https://www.suse.com/security/cve/CVE-2025-0622.html
  * https://www.suse.com/security/cve/CVE-2025-0624.html
  * https://www.suse.com/security/cve/CVE-2025-0677.html
  * https://www.suse.com/security/cve/CVE-2025-0678.html
  * https://www.suse.com/security/cve/CVE-2025-0684.html
  * https://www.suse.com/security/cve/CVE-2025-0685.html
  * https://www.suse.com/security/cve/CVE-2025-0686.html
  * https://www.suse.com/security/cve/CVE-2025-0689.html
  * https://www.suse.com/security/cve/CVE-2025-0690.html
  * https://www.suse.com/security/cve/CVE-2025-1118.html
  * https://www.suse.com/security/cve/CVE-2025-1125.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233606
  * https://bugzilla.suse.com/show_bug.cgi?id=1233608
  * https://bugzilla.suse.com/show_bug.cgi?id=1233609
  * https://bugzilla.suse.com/show_bug.cgi?id=1233610
  * https://bugzilla.suse.com/show_bug.cgi?id=1233612
  * https://bugzilla.suse.com/show_bug.cgi?id=1233613
  * https://bugzilla.suse.com/show_bug.cgi?id=1233614
  * https://bugzilla.suse.com/show_bug.cgi?id=1233615
  * https://bugzilla.suse.com/show_bug.cgi?id=1233616
  * https://bugzilla.suse.com/show_bug.cgi?id=1233617
  * https://bugzilla.suse.com/show_bug.cgi?id=1234958
  * https://bugzilla.suse.com/show_bug.cgi?id=1236316
  * https://bugzilla.suse.com/show_bug.cgi?id=1236317
  * https://bugzilla.suse.com/show_bug.cgi?id=1237002
  * https://bugzilla.suse.com/show_bug.cgi?id=1237006
  * https://bugzilla.suse.com/show_bug.cgi?id=1237008
  * https://bugzilla.suse.com/show_bug.cgi?id=1237009
  * https://bugzilla.suse.com/show_bug.cgi?id=1237010
  * https://bugzilla.suse.com/show_bug.cgi?id=1237011
  * https://bugzilla.suse.com/show_bug.cgi?id=1237012
  * https://bugzilla.suse.com/show_bug.cgi?id=1237013
  * https://bugzilla.suse.com/show_bug.cgi?id=1237014

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/e2d95131/attachment.htm>

From null at suse.de  Fri Feb 21 20:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 21 Feb 2025 20:30:04 -0000
Subject: SUSE-SU-2025:0639-1: important: Security update for webkit2gtk3
Message-ID: <174016980451.8692.2283468672353658810@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0639-1  
Release Date: 2025-02-21T18:56:56Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-639=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-639=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-2.46.6-4.28.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.28.1
    * webkit2gtk3-devel-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.28.1
    * webkit2gtk3-debugsource-2.46.6-4.28.1
    * typelib-1_0-WebKit2-4_0-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libwebkit2gtk3-lang-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-4.28.1
    * libjavascriptcoregtk-4_0-18-2.46.6-4.28.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-4.28.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-4.28.1
    * webkit2gtk3-devel-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-2.46.6-4.28.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-4.28.1
    * webkit2gtk3-debugsource-2.46.6-4.28.1
    * typelib-1_0-WebKit2-4_0-2.46.6-4.28.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libwebkit2gtk3-lang-2.46.6-4.28.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250221/02e57e2c/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:11 -0000
Subject: SUSE-SU-2025:0656-1: important: Security update for the Linux Kernel
 (Live Patch 15 for SLE 15 SP5)
Message-ID: <174038581195.8028.9175546659419045716@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0656-1  
Release Date: 2025-02-22T20:04:03Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-656=1 SUSE-2025-654=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-656=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-654=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-11-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-10-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_14-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_65-default-11-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_15-debugsource-10-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_68-default-10-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/e294361a/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:18 -0000
Subject: SUSE-SU-2025:0652-1: important: Security update for the Linux Kernel
 (Live Patch 12 for SLE 15 SP5)
Message-ID: <174038581889.8028.15687312984733210422@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0652-1  
Release Date: 2025-02-22T21:33:30Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-652=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-652=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-657=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-657=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-default-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-17-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_41-debugsource-17-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-preempt-17-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-17-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_150-default-17-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-13-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-13-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/691d5582/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:25 -0000
Subject: SUSE-SU-2025:0645-1: important: Security update for the Linux Kernel
 (Live Patch 56 for SLE 12 SP5)
Message-ID: <174038582537.8028.3467389798151803211@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0645-1  
Release Date: 2025-02-22T05:33:42Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227700
  * bsc#1236783

  
Cross-References:

  * CVE-2021-47511
  * CVE-2024-35789
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2021-47511 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47511 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_216 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes
    (bsc#1227700).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-645=1 SUSE-SLE-Live-
Patching-12-SP5-2025-651=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_201-default-13-2.1
    * kgraft-patch-4_12_14-122_216-default-11-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47511.html
  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227700
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/77209da3/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:30 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:30 -0000
Subject: SUSE-SU-2025:0643-1: important: Security update for the Linux Kernel
 RT (Live Patch 0 for SLE 15 SP6)
Message-ID: <174038583060.8028.15550821687941733300@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0643-1  
Release Date: 2025-02-21T21:35:01Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_8 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-643=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-10-150600.3.1
    * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-10-150600.3.1
    * kernel-livepatch-6_4_0-150600_8-rt-10-150600.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/e675c850/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:33 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:33 -0000
Subject: SUSE-SU-2025:0650-1: important: Security update for the Linux Kernel
 RT (Live Patch 5 for SLE 15 SP6)
Message-ID: <174038583328.8028.4451618785126897153@smelt2.prg2.suse.org>



# Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0650-1  
Release Date: 2025-02-22T22:03:56Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_10_17 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-650=1 SUSE-SLE-Live-
Patching-12-SP5-2025-649=1 SUSE-SLE-Live-Patching-12-SP5-2025-646=1 SUSE-SLE-
Live-Patching-12-SP5-2025-647=1 SUSE-SLE-Live-Patching-12-SP5-2025-648=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-653=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-653=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-658=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-658=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-640=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-641=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-642=1 SUSE-SLE-Module-Live-Patching-15-SP6-2025-644=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_219-default-8-2.1
    * kgraft-patch-4_12_14-122_222-default-6-2.1
    * kgraft-patch-4_12_14-122_231-default-4-2.1
    * kgraft-patch-4_12_14-122_225-default-5-2.1
    * kgraft-patch-4_12_14-122_228-default-4-2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-4-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_179-preempt-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-preempt-4-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_49-debugsource-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-debuginfo-4-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_179-default-4-150300.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-5-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-5-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_73-default-debuginfo-5-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_73-default-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le x86_64)
    * kernel-livepatch-SLE15-SP5_Update_17-debugsource-5-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_17-rt-3-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_5-rt-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-3-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_14-rt-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-5-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_4-debugsource-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_8-rt-5-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/1e318ea0/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:38 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:38 -0000
Subject: SUSE-FU-2025:0661-1: moderate: Feature update for slurm and pdsh
Message-ID: <174038583870.8028.11737466561685158477@smelt2.prg2.suse.org>



# Feature update for slurm and pdsh

Announcement ID: SUSE-FU-2025:0661-1  
Release Date: 2025-02-24T02:11:30Z  
Rating: moderate  
References:

  * bsc#1236156
  * bsc#1236722
  * bsc#1236726
  * bsc#1236928
  * bsc#1236929

  
Cross-References:

  * CVE-2024-42511
  * CVE-2024-48936

  
CVSS scores:

  * CVE-2024-48936 ( NVD ):  5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * HPC Module 12
  * SUSE Linux Enterprise High Performance Computing 12 SP2
  * SUSE Linux Enterprise High Performance Computing 12 SP3
  * SUSE Linux Enterprise High Performance Computing 12 SP4
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP2
  * SUSE Linux Enterprise Server 12 SP3
  * SUSE Linux Enterprise Server 12 SP4
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP2
  * SUSE Linux Enterprise Server for SAP Applications 12 SP3
  * SUSE Linux Enterprise Server for SAP Applications 12 SP4
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities and has three fixes can now be
installed.

## Description:

This update for slurm and pdsh fixes the following issues:

slurm was updated to version 24.11.1 using package slurm_24_11:

  * Security issues fixed:
  * CVE-2024-48936: Fixed authentication handling in stepmgr that could permit
    an attacker to execute processes under other users' jobs (bsc#1236722)
  * CVE-2024-42511: Fixed vulnerability with switch plugins where a user could
    override the isolation between Slingshot VNIs or IMEX channels (bsc#1236726)

  * Important remarks:

  * Slurm can be upgraded from version 23.02, 23.11 or 24.05 to version 24.11
    without loss of jobs or other state information. Upgrading directly from an
    earlier version of Slurm will result in loss of state information.
  * If using the `slurmdbd` (Slurm DataBase Daemon) you must update this first.
  * The 24.11 `slurmdbd` will work with Slurm daemons of version 23.02 and
    above. You will not need to update all clusters at the same time, but it is
    very important to update `slurmdbd` first and having it running before
    updating any other clusters making use of it.
  * If using a backup DBD you must start the primary first to do any database
    conversion, the backup will not start until this has happened.
  * All SPANK plugins must be recompiled when upgrading from any Slurm version
    prior to 24.11.

  * Highlights of changes:

  * Fixed issues related to the modified startup handling for slurmdbd: moved
    PID file to `/run/slurmdbd` (bsc#1236928)
  * Create slurm-owned log file on behalf of slurmdbd (bsc#1236929)
  * Added report AccountUtilizationByQOS to sreport.
  * `AccountUtilizationByUser` is able to be filtered by QOS.
  * Added autodetected gpus to the output of `slurmd -C`
  * Added ability to submit jobs with multiple QOS. These are sorted by priority
    highest being the first.
  * Removed the instant on feature from `switch/hpe_slingshot`.
  * `slurmctld` : Changed incoming RPC handling to dedicated thread pool with
    asynchronous handling of I/O that can be configured via `conmgr_*` entries
    under `SlurmctldParameters` in `slurm.conf`.

  * Configuration File Changes (see appropriate man page for details)

  * Added `SchedulerParameters=bf_allow_magnetic_slot` option. It allows jobs in
    magnetic reservations to be planned by backfill scheduler.
  * Added `TopologyParam=TopoMaxSizeUnroll=#` to allow
    `--nodes=&lt;min&gt;-&lt;max&gt;` for `topology/block`.
  * Added `DataParserParameters` `slurm.conf` parameter to allow setting default
    value for CLI `--json` and `--yaml` arguments.
  * Hardware collectives in `switch/hpe_slingshot` now requires
    `enable_stepmgr`.
  * Added connection related parameters to `slurm.conf` under
    `SlurmctldParameters`:  
`conmgr_max_connections`: Defaults to 150 connections.  
`conmgr_threads`: Defaults to 64 threads for slurmctld.  
`conmgr_use_poll`: Defaults is to use epoll in Linux.  
`conmgr_connect_timeout`: Defaults to `MessageTimeout`.  
`conmgr_read_timeout`: Defaults to `MessageTimeout`.  
`conmgr_wait_write_delay`: Defaults to `MessageTimeout`.  
`conmgr_write_timeout`: Defaults to MessageTimeout.

  * Added `SlurmctldParamters=ignore_constraint_validation` to ignore
    `constraint/feature` validation at submission.
  * Added `SchedulerParameters=bf_topopt_enable` option to enable experimental
    hook to control backfill.

  * Command Changes (see man pages for details):

  * Remove srun `--cpu-bind=rank`.
  * Add `&quot;%b&quot;` as a file name pattern for the array task id modulo 10.
  * `sacct` : Respect `--noheader` for `--batch-script` and `--env-vars`.
  * Add `sacctmgr ping` command to query status of `slurmdbd`.
  * `sbcast` : Add `--nodelist` option to specify where files are transmitted to
  * `sbcast` : Add `--no-allocation` option to transmit files to nodes outside
    of a job allocation.
  * `slurmdbd` : Add `-u` option. This is used to determine if restarting the
    DBD will result in database conversion.
  * Remove `salloc --get-user-env`.
  * `scontrol` : Add `--json`/`--yaml` support to `listpids`.
  * `scontrol` : Add `liststeps`.
  * `scontrol` : Add `listjobs`.
  * `scontrol show topo` : Show aggregated block sizes when using
    topology/block.

  * API Changes:

  * Remove `burst_buffer/lua` call `slurm.job_info_to_string()`.
  * `job_submit/lua` : Add `assoc_qos` attribute to `job_desc` to display all
    potential QOS's for a job's association.
  * `job_submit/lua` : Add `slurm.get_qos_priority()` function to retrieve the
    given QOS's priority.

  * SLURMRESTD Changes:

  * Removed fields deprecated in the Slurm-23.11 release from v0.0.42 endpoints.
  * Removed v0.0.39 plugins.
  * Set `data_parser/v0.0.42+prefer_refs` flag to default.
  * Add `data_parser/v0.0.42+minimize_refs` flag to inline single referenced
    schemas in the OpenAPI schema to get default behavior of
    `data_parser/v0.0.41`.
  * Rename v0.0.42 `JOB_INFO` field `minimum_switches` to `required_switches` to
    reflect the actual behavior.
  * Rename v0.0.42 `ACCOUNT_CONDITION` field `assocation` to `association`
    (typo).
  * Tag `slurmdb/v0.0.42/jobs pid` field deprecated.

  * For details on the changes in this version update, consult Slurm 24.11
    changelog

pdsh was updated from version 2.34 to 2.35:

  * IMPORTANT NOTE: pdsh version 2.35 is not compatible with Slurm versions
    below 20.11
  * Key changes of version 2.35:
  * Added `-d` option to log errors
  * build: use LDADD instead of LDFLAGS for libcommon.la
  * dsbak: fixed handling of empty input lines
  * ssh: fixed sshcmd_signal on macos
  * Other changes:
  * Fixed version test for munge build (bsc#1236156)
  * Dropped Slurm support for s390x and i586: Slurm no longer builds for s390x
    or 32bit
  * Implementation of package `pdsh-slurm_24_11` compatible with Slurm 24.11

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * HPC Module 12  
    zypper in -t patch SUSE-SLE-Module-HPC-12-2025-661=1

## Package List:

  * HPC Module 12 (aarch64 x86_64)
    * slurm_24_11-torque-24.11.1-3.5.3
    * pdsh-slurm_23_02-debuginfo-2.35-7.44.1
    * slurm_24_11-24.11.1-3.5.3
    * slurm_24_11-slurmdbd-24.11.1-3.5.3
    * pdsh_slurm_24_11-debugsource-2.35-7.44.4
    * pdsh-genders-2.35-7.44.1
    * libpmi0_24_11-24.11.1-3.5.3
    * pdsh_slurm_20_11-debugsource-2.35-7.44.1
    * pdsh-machines-debuginfo-2.35-7.44.1
    * slurm_24_11-auth-none-debuginfo-24.11.1-3.5.3
    * pdsh-dshgroup-2.35-7.44.1
    * pdsh_slurm_23_02-debugsource-2.35-7.44.1
    * perl-slurm_24_11-debuginfo-24.11.1-3.5.3
    * pdsh-debuginfo-2.35-7.44.1
    * slurm_24_11-sql-24.11.1-3.5.3
    * pdsh-slurm_22_05-debuginfo-2.35-7.44.1
    * libslurm42-24.11.1-3.5.3
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-3.5.3
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-3.5.3
    * pdsh-genders-debuginfo-2.35-7.44.1
    * libslurm42-debuginfo-24.11.1-3.5.3
    * slurm_24_11-cray-24.11.1-3.5.3
    * pdsh-slurm_23_02-2.35-7.44.1
    * slurm_24_11-auth-none-24.11.1-3.5.3
    * pdsh-slurm_22_05-2.35-7.44.1
    * slurm_24_11-pam_slurm-24.11.1-3.5.3
    * slurm_24_11-node-debuginfo-24.11.1-3.5.3
    * slurm_24_11-devel-24.11.1-3.5.3
    * pdsh-slurm_20_11-2.35-7.44.1
    * libnss_slurm2_24_11-24.11.1-3.5.3
    * pdsh-debugsource-2.35-7.44.1
    * slurm_24_11-sql-debuginfo-24.11.1-3.5.3
    * slurm_24_11-sview-24.11.1-3.5.3
    * slurm_24_11-torque-debuginfo-24.11.1-3.5.3
    * slurm_24_11-lua-debuginfo-24.11.1-3.5.3
    * pdsh-2.35-7.44.1
    * pdsh-machines-2.35-7.44.1
    * pdsh-netgroup-2.35-7.44.1
    * slurm_24_11-lua-24.11.1-3.5.3
    * slurm_24_11-node-24.11.1-3.5.3
    * libnss_slurm2_24_11-debuginfo-24.11.1-3.5.3
    * perl-slurm_24_11-24.11.1-3.5.3
    * libpmi0_24_11-debuginfo-24.11.1-3.5.3
    * slurm_24_11-plugins-24.11.1-3.5.3
    * slurm_24_11-plugins-debuginfo-24.11.1-3.5.3
    * pdsh-dshgroup-debuginfo-2.35-7.44.1
    * pdsh-slurm_24_11-2.35-7.44.4
    * pdsh-slurm_20_11-debuginfo-2.35-7.44.1
    * slurm_24_11-sview-debuginfo-24.11.1-3.5.3
    * pdsh-netgroup-debuginfo-2.35-7.44.1
    * pdsh_slurm_22_05-debugsource-2.35-7.44.1
    * pdsh-slurm_24_11-debuginfo-2.35-7.44.4
    * slurm_24_11-debuginfo-24.11.1-3.5.3
    * slurm_24_11-munge-24.11.1-3.5.3
    * slurm_24_11-munge-debuginfo-24.11.1-3.5.3
  * HPC Module 12 (noarch)
    * slurm_24_11-config-24.11.1-3.5.3
    * slurm_24_11-webdoc-24.11.1-3.5.3
    * slurm_24_11-doc-24.11.1-3.5.3
    * slurm_24_11-config-man-24.11.1-3.5.3

## References:

  * https://www.suse.com/security/cve/CVE-2024-42511.html
  * https://www.suse.com/security/cve/CVE-2024-48936.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236156
  * https://bugzilla.suse.com/show_bug.cgi?id=1236722
  * https://bugzilla.suse.com/show_bug.cgi?id=1236726
  * https://bugzilla.suse.com/show_bug.cgi?id=1236928
  * https://bugzilla.suse.com/show_bug.cgi?id=1236929

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/1f653acb/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:43 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:43 -0000
Subject: SUSE-FU-2025:0660-1: moderate: Feature update for slurm and pdsh
Message-ID: <174038584339.8028.14226282695717594522@smelt2.prg2.suse.org>



# Feature update for slurm and pdsh

Announcement ID: SUSE-FU-2025:0660-1  
Release Date: 2025-02-24T02:10:50Z  
Rating: moderate  
References:

  * bsc#1236722
  * bsc#1236726
  * bsc#1236928
  * bsc#1236929

  
Cross-References:

  * CVE-2024-42511
  * CVE-2024-48936

  
CVSS scores:

  * CVE-2024-48936 ( NVD ):  5.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

  
Affected Products:

  * HPC Module 15-SP6
  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities and has two fixes can now be
installed.

## Description:

This update for slurm and pdsh fixes the following issues:

slurm was updated to version 24.11.1 using package slurm_24_11:

  * Security issues fixed:
  * CVE-2024-48936: Fixed authentication handling in stepmgr that could permit
    an attacker to execute processes under other users' jobs (bsc#1236722)
  * CVE-2024-42511: Fixed vulnerability with switch plugins where a user could
    override the isolation between Slingshot VNIs or IMEX channels (bsc#1236726)

  * Important remarks:

  * Slurm can be upgraded from version 23.02, 23.11 or 24.05 to version 24.11
    without loss of jobs or other state information. Upgrading directly from an
    earlier version of Slurm will result in loss of state information.
  * If using the `slurmdbd` (Slurm DataBase Daemon) you must update this first.
  * The 24.11 `slurmdbd` will work with Slurm daemons of version 23.02 and
    above. You will not need to update all clusters at the same time, but it is
    very important to update `slurmdbd` first and having it running before
    updating any other clusters making use of it.
  * If using a backup DBD you must start the primary first to do any database
    conversion, the backup will not start until this has happened.
  * All SPANK plugins must be recompiled when upgrading from any Slurm version
    prior to 24.11.

  * Highlights of changes:

  * Fixed issues related to the modified startup handling for slurmdbd: moved
    PID file to `/run/slurmdbd` (bsc#1236928)
  * Create slurm-owned log file on behalf of slurmdbd (bsc#1236929)
  * Added report AccountUtilizationByQOS to sreport.
  * `AccountUtilizationByUser` is able to be filtered by QOS.
  * Added autodetected gpus to the output of `slurmd -C`
  * Added ability to submit jobs with multiple QOS. These are sorted by priority
    highest being the first.
  * Removed the instant on feature from `switch/hpe_slingshot`.
  * `slurmctld` : Changed incoming RPC handling to dedicated thread pool with
    asynchronous handling of I/O that can be configured via `conmgr_*` entries
    under `SlurmctldParameters` in `slurm.conf`.

  * Configuration File Changes (see appropriate man page for details)

  * Added `SchedulerParameters=bf_allow_magnetic_slot` option. It allows jobs in
    magnetic reservations to be planned by backfill scheduler.
  * Added `TopologyParam=TopoMaxSizeUnroll=#` to allow
    `--nodes=&lt;min&gt;-&lt;max&gt;` for `topology/block`.
  * Added `DataParserParameters` `slurm.conf` parameter to allow setting default
    value for CLI `--json` and `--yaml` arguments.
  * Hardware collectives in `switch/hpe_slingshot` now requires
    `enable_stepmgr`.
  * Added connection related parameters to `slurm.conf` under
    `SlurmctldParameters`:  
`conmgr_max_connections`: Defaults to 150 connections.  
`conmgr_threads`: Defaults to 64 threads for slurmctld.  
`conmgr_use_poll`: Defaults is to use epoll in Linux.  
`conmgr_connect_timeout`: Defaults to `MessageTimeout`.  
`conmgr_read_timeout`: Defaults to `MessageTimeout`.  
`conmgr_wait_write_delay`: Defaults to `MessageTimeout`.  
`conmgr_write_timeout`: Defaults to MessageTimeout.

  * Added `SlurmctldParamters=ignore_constraint_validation` to ignore
    `constraint/feature` validation at submission.
  * Added `SchedulerParameters=bf_topopt_enable` option to enable experimental
    hook to control backfill.

  * Command Changes (see man pages for details):

  * Remove srun `--cpu-bind=rank`.
  * Add `&quot;%b&quot;` as a file name pattern for the array task id modulo 10.
  * `sacct` : Respect `--noheader` for `--batch-script` and `--env-vars`.
  * Add `sacctmgr ping` command to query status of `slurmdbd`.
  * `sbcast` : Add `--nodelist` option to specify where files are transmitted to
  * `sbcast` : Add `--no-allocation` option to transmit files to nodes outside
    of a job allocation.
  * `slurmdbd` : Add `-u` option. This is used to determine if restarting the
    DBD will result in database conversion.
  * Remove `salloc --get-user-env`.
  * `scontrol` : Add `--json`/`--yaml` support to `listpids`.
  * `scontrol` : Add `liststeps`.
  * `scontrol` : Add `listjobs`.
  * `scontrol show topo` : Show aggregated block sizes when using
    topology/block.

  * API Changes:

  * Remove `burst_buffer/lua` call `slurm.job_info_to_string()`.
  * `job_submit/lua` : Add `assoc_qos` attribute to `job_desc` to display all
    potential QOS's for a job's association.
  * `job_submit/lua` : Add `slurm.get_qos_priority()` function to retrieve the
    given QOS's priority.

  * SLURMRESTD Changes:

  * Removed fields deprecated in the Slurm-23.11 release from v0.0.42 endpoints.
  * Removed v0.0.39 plugins.
  * Set `data_parser/v0.0.42+prefer_refs` flag to default.
  * Add `data_parser/v0.0.42+minimize_refs` flag to inline single referenced
    schemas in the OpenAPI schema to get default behavior of
    `data_parser/v0.0.41`.
  * Rename v0.0.42 `JOB_INFO` field `minimum_switches` to `required_switches` to
    reflect the actual behavior.
  * Rename v0.0.42 `ACCOUNT_CONDITION` field `assocation` to `association`
    (typo).
  * Tag `slurmdb/v0.0.42/jobs pid` field deprecated.

  * For details on the changes in this version update, consult Slurm 24.11
    changelog

pdsh:

  * Fix version test for munge build (bsc#1236156)
  * Dropped Slurm support for s390x and i586: Slurm no longer builds for s390x
    or 32bit
  * Implementation of package `pdsh-slurm_24_11` compatible with Slurm 24.11

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-660=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-660=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-660=1

  * HPC Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-660=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-660=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-660=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-660=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-660=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-660=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-660=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * pdsh-netgroup-debuginfo-2.35-150300.54.3
    * pdsh-dshgroup-debuginfo-2.35-150300.54.3
    * pdsh-machines-debuginfo-2.35-150300.54.3
    * pdsh-debugsource-2.35-150300.54.3
    * pdsh-machines-2.35-150300.54.3
    * pdsh-netgroup-2.35-150300.54.3
    * pdsh-genders-2.35-150300.54.3
    * pdsh-genders-debuginfo-2.35-150300.54.3
    * pdsh-debuginfo-2.35-150300.54.3
    * pdsh-2.35-150300.54.3
    * pdsh-dshgroup-2.35-150300.54.3
  * openSUSE Leap 15.3 (aarch64 ppc64le x86_64)
    * pdsh-slurm_23_02-debuginfo-2.35-150300.54.3
    * pdsh-slurm_23_02-2.35-150300.54.3
    * pdsh-slurm_24_11-debuginfo-2.35-150300.54.2
    * pdsh_slurm_24_11-debugsource-2.35-150300.54.2
    * pdsh_slurm_22_05-debugsource-2.35-150300.54.3
    * pdsh-slurm-debuginfo-2.35-150300.54.3
    * pdsh_slurm_23_02-debugsource-2.35-150300.54.3
    * pdsh-slurm_22_05-2.35-150300.54.3
    * pdsh-slurm_24_11-2.35-150300.54.2
    * pdsh-slurm_22_05-debuginfo-2.35-150300.54.3
    * pdsh-slurm-2.35-150300.54.3
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-24.11.1-150300.7.5.1
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-testsuite-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-debugsource-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * openSUSE Leap 15.3 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-openlava-24.11.1-150300.7.5.1
    * slurm_24_11-seff-24.11.1-150300.7.5.1
    * slurm_24_11-sjstat-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-debugsource-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * pdsh-netgroup-2.35-150500.46.6.3
    * pdsh-dshgroup-2.35-150500.46.6.3
    * pdsh-2.35-150500.46.6.3
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-2.35-150500.46.6.3
  * openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
    * pdsh-slurm_24_11-2.35-150500.46.6.2
    * pdsh-slurm-debuginfo-2.35-150500.46.6.3
    * pdsh_slurm_24_11-debugsource-2.35-150500.46.6.2
    * pdsh-slurm_24_11-debuginfo-2.35-150500.46.6.2
    * pdsh-slurm-2.35-150500.46.6.3
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-24.11.1-150300.7.5.1
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-testsuite-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150500.46.6.3
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-2.35-150500.46.6.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150500.46.6.3
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-2.35-150500.46.6.3
    * slurm_24_11-debugsource-24.11.1-150300.7.5.1
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150500.46.6.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
    * pdsh-slurm_23_02-debuginfo-2.35-150300.54.3
    * pdsh-slurm_23_02-2.35-150300.54.3
    * pdsh-slurm_24_11-2.35-150500.46.6.2
    * pdsh_slurm_22_05-debugsource-2.35-150300.54.3
    * pdsh_slurm_23_02-debugsource-2.35-150300.54.3
    * pdsh_slurm_24_11-debugsource-2.35-150500.46.6.2
    * pdsh-slurm_22_05-2.35-150300.54.3
    * pdsh-slurm_24_11-debuginfo-2.35-150500.46.6.2
    * pdsh-slurm_22_05-debuginfo-2.35-150300.54.3
  * openSUSE Leap 15.6 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-openlava-24.11.1-150300.7.5.1
    * slurm_24_11-seff-24.11.1-150300.7.5.1
    * slurm_24_11-sjstat-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * HPC Module 15-SP6 (aarch64 x86_64)
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150500.46.6.2
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-slurm_24_11-debuginfo-2.35-150500.46.6.2
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150500.46.6.3
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * pdsh_slurm_24_11-debugsource-2.35-150500.46.6.2
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-2.35-150500.46.6.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150500.46.6.3
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-2.35-150500.46.6.3
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150500.46.6.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * HPC Module 15-SP6 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * SUSE Package Hub 15 15-SP6 (ppc64le s390x)
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-debugsource-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * pdsh-netgroup-2.35-150500.46.6.3
    * pdsh-dshgroup-2.35-150500.46.6.3
    * pdsh-2.35-150500.46.6.3
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-2.35-150500.46.6.3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * pdsh-slurm_23_02-2.35-150300.54.3
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150300.54.3
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-slurm-2.35-150300.54.3
    * pdsh-slurm_24_11-debuginfo-2.35-150300.54.2
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * pdsh-machines-2.35-150300.54.3
    * pdsh-netgroup-2.35-150300.54.3
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150300.54.2
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * pdsh-2.35-150300.54.3
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * pdsh-slurm_23_02-debuginfo-2.35-150300.54.3
    * pdsh-dshgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150300.54.3
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * pdsh-machines-debuginfo-2.35-150300.54.3
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * pdsh_slurm_22_05-debugsource-2.35-150300.54.3
    * pdsh-slurm-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150300.54.3
    * pdsh-genders-debuginfo-2.35-150300.54.3
    * pdsh-slurm_22_05-2.35-150300.54.3
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_22_05-debuginfo-2.35-150300.54.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * pdsh-slurm_23_02-2.35-150300.54.3
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150300.54.3
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-slurm-2.35-150300.54.3
    * pdsh-slurm_24_11-debuginfo-2.35-150300.54.2
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * pdsh-machines-2.35-150300.54.3
    * pdsh-netgroup-2.35-150300.54.3
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150300.54.2
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * pdsh-2.35-150300.54.3
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * pdsh-slurm_23_02-debuginfo-2.35-150300.54.3
    * pdsh-dshgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150300.54.3
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * pdsh-machines-debuginfo-2.35-150300.54.3
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * pdsh_slurm_22_05-debugsource-2.35-150300.54.3
    * pdsh-slurm-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150300.54.3
    * pdsh-genders-debuginfo-2.35-150300.54.3
    * pdsh-slurm_22_05-2.35-150300.54.3
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_22_05-debuginfo-2.35-150300.54.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * pdsh-slurm_23_02-2.35-150300.54.3
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150300.54.3
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-slurm-2.35-150300.54.3
    * pdsh-slurm_24_11-debuginfo-2.35-150300.54.2
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * pdsh-machines-2.35-150300.54.3
    * pdsh-netgroup-2.35-150300.54.3
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150300.54.2
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * pdsh-2.35-150300.54.3
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * pdsh-slurm_23_02-debuginfo-2.35-150300.54.3
    * pdsh-dshgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150300.54.3
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-debuginfo-2.35-150300.54.3
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * pdsh-machines-debuginfo-2.35-150300.54.3
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * pdsh_slurm_22_05-debugsource-2.35-150300.54.3
    * pdsh-slurm-debuginfo-2.35-150300.54.3
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150300.54.3
    * pdsh-genders-debuginfo-2.35-150300.54.3
    * pdsh-slurm_22_05-2.35-150300.54.3
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-slurm_22_05-debuginfo-2.35-150300.54.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150500.46.6.2
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-slurm_24_11-debuginfo-2.35-150500.46.6.2
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150500.46.6.3
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * pdsh_slurm_24_11-debugsource-2.35-150500.46.6.2
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-2.35-150500.46.6.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150500.46.6.3
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-2.35-150500.46.6.3
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150500.46.6.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * slurm_24_11-pam_slurm-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-debuginfo-24.11.1-150300.7.5.1
    * pdsh-slurm_24_11-2.35-150500.46.6.2
    * pdsh-dshgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-slurm_24_11-debuginfo-2.35-150500.46.6.2
    * libpmi0_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-node-24.11.1-150300.7.5.1
    * pdsh-debuginfo-2.35-150500.46.6.3
    * pdsh-genders-debuginfo-2.35-150500.46.6.3
    * slurm_24_11-auth-none-debuginfo-24.11.1-150300.7.5.1
    * libslurm42-24.11.1-150300.7.5.1
    * slurm_24_11-rest-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-torque-24.11.1-150300.7.5.1
    * pdsh-dshgroup-2.35-150500.46.6.3
    * slurm_24_11-rest-24.11.1-150300.7.5.1
    * perl-slurm_24_11-24.11.1-150300.7.5.1
    * libpmi0_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-munge-24.11.1-150300.7.5.1
    * slurm_24_11-hdf5-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-cray-24.11.1-150300.7.5.1
    * slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-plugins-24.11.1-150300.7.5.1
    * libslurm42-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-24.11.1-150300.7.5.1
    * slurm_24_11-pam_slurm-24.11.1-150300.7.5.1
    * pdsh_slurm_24_11-debugsource-2.35-150500.46.6.2
    * pdsh-netgroup-debuginfo-2.35-150500.46.6.3
    * pdsh-machines-2.35-150500.46.6.3
    * slurm_24_11-torque-debuginfo-24.11.1-150300.7.5.1
    * perl-slurm_24_11-debuginfo-24.11.1-150300.7.5.1
    * pdsh-2.35-150500.46.6.3
    * slurm_24_11-lua-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-24.11.1-150300.7.5.1
    * slurm_24_11-devel-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-munge-debuginfo-24.11.1-150300.7.5.1
    * pdsh-debugsource-2.35-150500.46.6.3
    * slurm_24_11-plugins-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-sql-debuginfo-24.11.1-150300.7.5.1
    * slurm_24_11-auth-none-24.11.1-150300.7.5.1
    * slurm_24_11-lua-24.11.1-150300.7.5.1
    * slurm_24_11-slurmdbd-24.11.1-150300.7.5.1
    * slurm_24_11-sview-debuginfo-24.11.1-150300.7.5.1
    * pdsh-netgroup-2.35-150500.46.6.3
    * pdsh-machines-debuginfo-2.35-150500.46.6.3
    * libnss_slurm2_24_11-24.11.1-150300.7.5.1
    * pdsh-genders-2.35-150500.46.6.3
    * slurm_24_11-sview-24.11.1-150300.7.5.1
    * libnss_slurm2_24_11-debuginfo-24.11.1-150300.7.5.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * slurm_24_11-config-man-24.11.1-150300.7.5.1
    * slurm_24_11-webdoc-24.11.1-150300.7.5.1
    * slurm_24_11-config-24.11.1-150300.7.5.1
    * slurm_24_11-doc-24.11.1-150300.7.5.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-42511.html
  * https://www.suse.com/security/cve/CVE-2024-48936.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236722
  * https://bugzilla.suse.com/show_bug.cgi?id=1236726
  * https://bugzilla.suse.com/show_bug.cgi?id=1236928
  * https://bugzilla.suse.com/show_bug.cgi?id=1236929

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/e18ae481/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:49 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:49 -0000
Subject: SUSE-SU-2025:0659-1: moderate: Security update for openssh
Message-ID: <174038584908.8028.18359500765167755696@smelt2.prg2.suse.org>



# Security update for openssh

Announcement ID: SUSE-SU-2025:0659-1  
Release Date: 2025-02-23T12:03:56Z  
Rating: moderate  
References:

  * bsc#1220110
  * bsc#1225637
  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for openssh fixes the following issues:

  * CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-
    enabled client (bsc#1237040).

  * Add a s390 specific ioctl for ECC hardware support (bsc#1225637):

  * for migration to openssh 8.4: write active/enabled switch over files only if
    not yet present (bsc#1220110)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-659=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-659=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh-fips-7.2p2-81.26.1
    * openssh-7.2p2-81.26.1
    * openssh-askpass-gnome-debuginfo-7.2p2-81.26.1
    * openssh-debugsource-7.2p2-81.26.1
    * openssh-debuginfo-7.2p2-81.26.1
    * openssh-helpers-debuginfo-7.2p2-81.26.1
    * openssh-helpers-7.2p2-81.26.1
    * openssh-askpass-gnome-7.2p2-81.26.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openssh-fips-7.2p2-81.26.1
    * openssh-7.2p2-81.26.1
    * openssh-askpass-gnome-debuginfo-7.2p2-81.26.1
    * openssh-debugsource-7.2p2-81.26.1
    * openssh-debuginfo-7.2p2-81.26.1
    * openssh-helpers-debuginfo-7.2p2-81.26.1
    * openssh-helpers-7.2p2-81.26.1
    * openssh-askpass-gnome-7.2p2-81.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1220110
  * https://bugzilla.suse.com/show_bug.cgi?id=1225637
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/14ec53d8/attachment.htm>

From null at suse.de  Mon Feb 24 08:30:51 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 08:30:51 -0000
Subject: SUSE-SU-2025:0655-1: important: Security update for postgresql17
Message-ID: <174038585180.8028.11484527216504850009@smelt2.prg2.suse.org>



# Security update for postgresql17

Announcement ID: SUSE-SU-2025:0655-1  
Release Date: 2025-02-22T19:33:32Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql17 fixes the following issues:

Upgrade to 17.4:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-655=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-655=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libecpg6-debuginfo-17.4-3.10.1
    * libpq5-17.4-3.10.1
    * libecpg6-17.4-3.10.1
    * libpq5-debuginfo-17.4-3.10.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libpq5-debuginfo-32bit-17.4-3.10.1
    * libecpg6-32bit-17.4-3.10.1
    * libecpg6-debuginfo-32bit-17.4-3.10.1
    * libpq5-32bit-17.4-3.10.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libecpg6-debuginfo-32bit-17.4-3.10.1
    * libpq5-debuginfo-17.4-3.10.1
    * libpq5-debuginfo-32bit-17.4-3.10.1
    * libecpg6-17.4-3.10.1
    * libpq5-32bit-17.4-3.10.1
    * libpq5-17.4-3.10.1
    * libecpg6-debuginfo-17.4-3.10.1
    * libecpg6-32bit-17.4-3.10.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/69f4af31/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:06 -0000
Subject: SUSE-SU-2025:0669-1: important: Security update for the Linux Kernel
 (Live Patch 2 for SLE 15 SP6)
Message-ID: <174040020611.17653.1747474499268693063@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0669-1  
Release Date: 2025-02-24T09:03:58Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues.

The following security issues were fixed:

  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-669=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-669=1

## Package List:

  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-9-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_2-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_14-default-9-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/d54b88a5/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:10 -0000
Subject: SUSE-SU-2025:0667-1: important: Security update for the Linux Kernel
 (Live Patch 53 for SLE 12 SP5)
Message-ID: <174040021016.17653.11175927420492716546@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

Announcement ID: SUSE-SU-2025:0667-1  
Release Date: 2025-02-24T08:33:25Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227700
  * bsc#1236783

  
Cross-References:

  * CVE-2021-47511
  * CVE-2024-35789
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2021-47511 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47511 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_194 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes
    (bsc#1227700).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-667=1

## Package List:

  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_194-default-14-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47511.html
  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227700
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/30e215ba/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:15 -0000
Subject: SUSE-SU-2025:0681-1: important: Security update for the Linux Kernel
 (Live Patch 0 for SLE 15 SP6)
Message-ID: <174040021578.17653.14967717633350377371@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0681-1  
Release Date: 2025-02-24T11:04:10Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-681=1 SUSE-2025-668=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-668=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-681=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-670=1 SUSE-2025-682=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-670=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-682=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-663=1 SUSE-2025-683=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-683=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-663=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-665=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-665=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_43-debugsource-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-14-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_42-debugsource-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-default-13-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_158-preempt-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-14-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-13-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_158-default-13-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_153-default-14-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-13-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_27-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_111-default-13-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_49-default-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-15-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_49-default-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-13-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_52-default-13-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-15-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-15-150500.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-11-150600.4.25.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_0-debugsource-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-debuginfo-11-150600.4.25.1
    * kernel-livepatch-6_4_0-150600_21-default-11-150600.4.25.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/854a079c/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:19 -0000
Subject: SUSE-SU-2025:0662-1: important: Security update for the Linux Kernel
 (Live Patch 4 for SLE 15 SP6)
Message-ID: <174040021937.17653.13711636927380187995@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0662-1  
Release Date: 2025-02-24T11:33:43Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 12-SP5
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_22 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-684=1 SUSE-SLE-
Module-Live-Patching-15-SP6-2025-666=1 SUSE-SLE-Module-Live-
Patching-15-SP6-2025-673=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-666=1 SUSE-2025-673=1

  * SUSE Linux Enterprise Live Patching 12-SP5  
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-662=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-686=1 SUSE-2025-671=1 SUSE-2025-685=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-686=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-671=1 SUSE-SLE-Module-Live-
Patching-15-SP4-2025-685=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-664=1 SUSE-2025-672=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-664=1 SUSE-SLE-
Module-Live-Patching-15-SP5-2025-672=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
    * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_10_11-rt-5-150600.2.1
    * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-5-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-5-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-5-150600.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP6_Update_4-debugsource-5-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-5-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_3-debugsource-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-5-150600.2.1
  * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
    * kgraft-patch-4_12_14-122_234-default-4-2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-5-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_33-debugsource-3-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_29-debugsource-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-debuginfo-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_141-default-3-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-debuginfo-5-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_128-default-5-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_32-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-4-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_33-debugsource-3-150400.2.1
  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-4-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_80-default-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-debuginfo-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_20-debugsource-4-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_19-debugsource-4-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_83-default-4-150500.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/54af4120/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:25 -0000
Subject: SUSE-RU-2025:0680-1: important: Recommended update for libzypp, zypper
Message-ID: <174040022521.17653.829008132745192772@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0680-1  
Release Date: 2025-02-24T11:01:30Z  
Rating: important  
References:

  * bsc#1228434
  * bsc#1236384
  * bsc#1236820
  * bsc#1236939
  * bsc#1236983

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983)
  * Drop zypp-CheckAccessDeleted in favor of 'zypper ps'
  * Fix Repoverification plugin not being executed
  * Refresh: Fetch the master index file before key and signature (bsc#1236820)
  * Deprecate RepoReports we do not trigger
  * Let zypper dup fail in case of (temporarily) unaccessible repos
    (bsc#1228434, bsc#1236939)
  * New system-architecture command (bsc#1236384)
  * Change versioncmp command to return exit code according to the comparison
    result

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-680=1 openSUSE-SLE-15.6-2025-680=1

  * SUSE Linux Enterprise High Performance Computing 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-680=1

  * SUSE Linux Enterprise Server 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-680=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-680=1

  * SUSE Linux Enterprise Desktop 15 SP6  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2025-680=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-680=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * zypper-debuginfo-1.14.84-150600.10.25.2
    * libzypp-17.36.1-150600.3.47.2
    * libzypp-debuginfo-17.36.1-150600.3.47.2
    * libzypp-devel-17.36.1-150600.3.47.2
    * zypper-debugsource-1.14.84-150600.10.25.2
    * libzypp-debugsource-17.36.1-150600.3.47.2
    * zypper-1.14.84-150600.10.25.2
    * libzypp-devel-doc-17.36.1-150600.3.47.2
  * openSUSE Leap 15.6 (noarch)
    * zypper-aptitude-1.14.84-150600.10.25.2
    * zypper-log-1.14.84-150600.10.25.2
    * zypper-needs-restarting-1.14.84-150600.10.25.2
  * SUSE Linux Enterprise High Performance Computing 15 SP6 (aarch64 x86_64)
    * libzypp-17.36.1-150600.3.47.2
  * SUSE Linux Enterprise Server 15 SP6 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.36.1-150600.3.47.2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
    * libzypp-17.36.1-150600.3.47.2
  * SUSE Linux Enterprise Desktop 15 SP6 (x86_64)
    * libzypp-17.36.1-150600.3.47.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * zypper-debuginfo-1.14.84-150600.10.25.2
    * libzypp-17.36.1-150600.3.47.2
    * libzypp-debuginfo-17.36.1-150600.3.47.2
    * libzypp-devel-17.36.1-150600.3.47.2
    * zypper-debugsource-1.14.84-150600.10.25.2
    * libzypp-debugsource-17.36.1-150600.3.47.2
    * zypper-1.14.84-150600.10.25.2
  * Basesystem Module 15-SP6 (noarch)
    * zypper-log-1.14.84-150600.10.25.2
    * zypper-needs-restarting-1.14.84-150600.10.25.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228434
  * https://bugzilla.suse.com/show_bug.cgi?id=1236384
  * https://bugzilla.suse.com/show_bug.cgi?id=1236820
  * https://bugzilla.suse.com/show_bug.cgi?id=1236939
  * https://bugzilla.suse.com/show_bug.cgi?id=1236983

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/cd9300a2/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:29 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:29 -0000
Subject: SUSE-RU-2025:0679-1: important: Recommended update for libzypp, zypper
Message-ID: <174040022971.17653.6152397612474164827@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0679-1  
Release Date: 2025-02-24T11:01:04Z  
Rating: important  
References:

  * bsc#1228434
  * bsc#1236384
  * bsc#1236820
  * bsc#1236939
  * bsc#1236983

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983)
  * Drop zypp-CheckAccessDeleted in favor of 'zypper ps'
  * Fix Repoverification plugin not being executed
  * Refresh: Fetch the master index file before key and signature (bsc#1236820)
  * Deprecate RepoReports we do not trigger
  * Let zypper dup fail in case of (temporarily) unaccessible repos
    (bsc#1228434, bsc#1236939)
  * New system-architecture command (bsc#1236384)
  * Change versioncmp command to return exit code according to the comparison
    result

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 15 SP3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP3-2025-679=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-679=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-679=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-679=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-679=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-679=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-679=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-679=1

## Package List:

  * SUSE Linux Enterprise Server 15 SP3 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.36.1-150200.147.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libzypp-devel-17.36.1-150200.147.1
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * zypper-log-1.14.84-150200.105.1
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libzypp-devel-17.36.1-150200.147.1
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * zypper-log-1.14.84-150200.105.1
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libzypp-devel-17.36.1-150200.147.1
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * zypper-log-1.14.84-150200.105.1
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libzypp-devel-17.36.1-150200.147.1
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * zypper-log-1.14.84-150200.105.1
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * zypper-needs-restarting-1.14.84-150200.105.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * zypper-debuginfo-1.14.84-150200.105.1
    * libzypp-debuginfo-17.36.1-150200.147.1
    * libzypp-17.36.1-150200.147.1
    * zypper-debugsource-1.14.84-150200.105.1
    * zypper-1.14.84-150200.105.1
    * libzypp-debugsource-17.36.1-150200.147.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * zypper-needs-restarting-1.14.84-150200.105.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228434
  * https://bugzilla.suse.com/show_bug.cgi?id=1236384
  * https://bugzilla.suse.com/show_bug.cgi?id=1236820
  * https://bugzilla.suse.com/show_bug.cgi?id=1236939
  * https://bugzilla.suse.com/show_bug.cgi?id=1236983

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/cf874436/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:34 -0000
Subject: SUSE-RU-2025:0678-1: important: Recommended update for libzypp, zypper
Message-ID: <174040023425.17653.15078230606369407678@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0678-1  
Release Date: 2025-02-24T11:00:23Z  
Rating: important  
References:

  * bsc#1228434
  * bsc#1236384
  * bsc#1236820
  * bsc#1236939
  * bsc#1236983

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983)
  * Drop zypp-CheckAccessDeleted in favor of 'zypper ps'
  * Fix Repoverification plugin not being executed
  * Refresh: Fetch the master index file before key and signature (bsc#1236820)
  * Deprecate RepoReports we do not trigger
  * Let zypper dup fail in case of (temporarily) unaccessible repos
    (bsc#1228434, bsc#1236939)
  * New system-architecture command (bsc#1236384)
  * Change versioncmp command to return exit code according to the comparison
    result

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1

  * SUSE Linux Enterprise Server 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1 SUSE-SLE-Product-SUSE-
Manager-Server-4.3-2025-678=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1 SUSE-SLE-Product-
SLES_SAP-15-SP4-2025-678=1

  * SUSE Linux Enterprise Desktop 15 SP4  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1 SUSE-SLE-Product-SUSE-
Manager-Retail-Branch-Server-4.3-2025-678=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2025-678=1 SUSE-SLE-Product-SUSE-
Manager-Proxy-4.3-2025-678=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-678=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-678=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-678=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-678=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-678=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-678=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-678=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-678=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
    * libzypp-17.36.1-150400.3.113.1
  * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.36.1-150400.3.113.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Manager Server 4.3 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
    * libzypp-17.36.1-150400.3.113.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Manager Proxy 4.3 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libzypp-debugsource-17.36.1-150400.3.113.1
    * zypper-debuginfo-1.14.84-150400.3.76.1
    * libzypp-17.36.1-150400.3.113.1
    * zypper-1.14.84-150400.3.76.1
    * libzypp-devel-doc-17.36.1-150400.3.113.1
    * libzypp-devel-17.36.1-150400.3.113.1
    * libzypp-debuginfo-17.36.1-150400.3.113.1
    * zypper-debugsource-1.14.84-150400.3.76.1
  * openSUSE Leap 15.4 (noarch)
    * zypper-aptitude-1.14.84-150400.3.76.1
    * zypper-needs-restarting-1.14.84-150400.3.76.1
    * zypper-log-1.14.84-150400.3.76.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228434
  * https://bugzilla.suse.com/show_bug.cgi?id=1236384
  * https://bugzilla.suse.com/show_bug.cgi?id=1236820
  * https://bugzilla.suse.com/show_bug.cgi?id=1236939
  * https://bugzilla.suse.com/show_bug.cgi?id=1236983

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/674905c8/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:39 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:39 -0000
Subject: SUSE-RU-2025:0677-1: important: Recommended update for libzypp, zypper
Message-ID: <174040023900.17653.16329600485201589656@smelt2.prg2.suse.org>



# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2025:0677-1  
Release Date: 2025-02-24T10:59:19Z  
Rating: important  
References:

  * bsc#1228434
  * bsc#1236384
  * bsc#1236820
  * bsc#1236939
  * bsc#1236983

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

  * Don't issue deprecated warnings if -DNDEBUG is set (bsc#1236983)
  * Drop zypp-CheckAccessDeleted in favor of 'zypper ps'
  * Fix Repoverification plugin not being executed
  * Refresh: Fetch the master index file before key and signature (bsc#1236820)
  * Deprecate RepoReports we do not trigger
  * Let zypper dup fail in case of (temporarily) unaccessible repos
    (bsc#1228434, bsc#1236939)
  * New system-architecture command (bsc#1236384)
  * Change versioncmp command to return exit code according to the comparison
    result

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-677=1

  * SUSE Linux Enterprise High Performance Computing 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-677=1

  * SUSE Linux Enterprise Server 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-677=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-677=1 SUSE-SLE-Product-
SLES_SAP-15-SP5-2025-677=1

  * SUSE Linux Enterprise Desktop 15 SP5  
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2025-677=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-677=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-677=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-677=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-677=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * libzypp-devel-doc-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
    * libzypp-devel-17.36.1-150500.6.39.1
  * openSUSE Leap 15.5 (noarch)
    * zypper-log-1.14.84-150500.6.23.1
    * zypper-aptitude-1.14.84-150500.6.23.1
    * zypper-needs-restarting-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
    * libzypp-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
    * libzypp-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
    * libzypp-devel-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * zypper-log-1.14.84-150500.6.23.1
    * zypper-needs-restarting-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
    * libzypp-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * zypper-needs-restarting-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
    * libzypp-devel-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * zypper-log-1.14.84-150500.6.23.1
    * zypper-needs-restarting-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
    * libzypp-devel-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * zypper-log-1.14.84-150500.6.23.1
    * zypper-needs-restarting-1.14.84-150500.6.23.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libzypp-debugsource-17.36.1-150500.6.39.1
    * zypper-1.14.84-150500.6.23.1
    * zypper-debuginfo-1.14.84-150500.6.23.1
    * libzypp-debuginfo-17.36.1-150500.6.39.1
    * libzypp-17.36.1-150500.6.39.1
    * zypper-debugsource-1.14.84-150500.6.23.1
    * libzypp-devel-17.36.1-150500.6.39.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * zypper-log-1.14.84-150500.6.23.1
    * zypper-needs-restarting-1.14.84-150500.6.23.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1228434
  * https://bugzilla.suse.com/show_bug.cgi?id=1236384
  * https://bugzilla.suse.com/show_bug.cgi?id=1236820
  * https://bugzilla.suse.com/show_bug.cgi?id=1236939
  * https://bugzilla.suse.com/show_bug.cgi?id=1236983

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/6a5584d5/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:40 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:40 -0000
Subject: SUSE-RU-2025:0676-1: moderate: Recommended update for go
Message-ID: <174040024099.17653.3150253569051209984@smelt2.prg2.suse.org>



# Recommended update for go

Announcement ID: SUSE-RU-2025:0676-1  
Release Date: 2025-02-24T10:46:33Z  
Rating: moderate  
References:

  * bsc#1237398

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update of the go metapackage fixes the following issue:

  * go-race is shipped to the Development Tools module.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-676=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-676=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * go-doc-1.23-150000.3.40.1
    * go-1.23-150000.3.40.1
    * go-race-1.23-150000.3.40.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * go-1.23-150000.3.40.1
    * go-race-1.23-150000.3.40.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237398

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/0ce8031b/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:44 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:44 -0000
Subject: SUSE-SU-2025:0675-1: moderate: Security update for java-1_8_0-ibm
Message-ID: <174040024445.17653.1891823429503610641@smelt2.prg2.suse.org>



# Security update for java-1_8_0-ibm

Announcement ID: SUSE-SU-2025:0675-1  
Release Date: 2025-02-24T10:46:08Z  
Rating: moderate  
References:

  * bsc#1233296
  * bsc#1236278
  * bsc#1236470

  
Cross-References:

  * CVE-2024-10917
  * CVE-2025-21502

  
CVSS scores:

  * CVE-2024-10917 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-10917 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 40 (bsc#1236470):

  * CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and
    write access to data through the Hotspot component API (bsc#1236278).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-675=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-675=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-30.132.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-30.132.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-30.132.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-10917.html
  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233296
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278
  * https://bugzilla.suse.com/show_bug.cgi?id=1236470

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/ed997d13/attachment.htm>

From null at suse.de  Mon Feb 24 12:30:47 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 12:30:47 -0000
Subject: SUSE-SU-2025:0674-1: moderate: Security update for java-1_8_0-ibm
Message-ID: <174040024788.17653.2929588157046122327@smelt2.prg2.suse.org>



# Security update for java-1_8_0-ibm

Announcement ID: SUSE-SU-2025:0674-1  
Release Date: 2025-02-24T10:45:43Z  
Rating: moderate  
References:

  * bsc#1233296
  * bsc#1236278
  * bsc#1236470

  
Cross-References:

  * CVE-2024-10917
  * CVE-2025-21502

  
CVSS scores:

  * CVE-2024-10917 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-10917 ( SUSE ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2024-10917 ( NVD ):  3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
  * CVE-2025-21502 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-21502 ( SUSE ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2025-21502 ( NVD ):  4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

  
Affected Products:

  * Legacy Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 40 (bsc#1236470):

  * CVE-2025-21502: unauthenticated attacker can obtain unauthorized read and
    write access to data through the Hotspot component API (bsc#1236278).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-674=1

  * Legacy Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2025-674=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-674=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-674=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-674=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-674=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-674=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-674=1

## Package List:

  * openSUSE Leap 15.6 (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * openSUSE Leap 15.6 (x86_64)
    * java-1_8_0-ibm-devel-32bit-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-32bit-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * java-1_8_0-ibm-src-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-demo-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * Legacy Module 15-SP6 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc ppc64le s390x x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (ppc64le s390x x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
    x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
  * SUSE Enterprise Storage 7.1 (nosrc x86_64)
    * java-1_8_0-ibm-1.8.0_sr8.40-150000.3.98.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * java-1_8_0-ibm-plugin-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-alsa-1.8.0_sr8.40-150000.3.98.1
    * java-1_8_0-ibm-devel-1.8.0_sr8.40-150000.3.98.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-10917.html
  * https://www.suse.com/security/cve/CVE-2025-21502.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1233296
  * https://bugzilla.suse.com/show_bug.cgi?id=1236278
  * https://bugzilla.suse.com/show_bug.cgi?id=1236470

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/71247330/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:08 -0000
Subject: SUSE-SU-2025:0687-1: important: Security update for the Linux Kernel
 (Live Patch 1 for SLE 15 SP6)
Message-ID: <174041460830.32650.4015296394365120927@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0687-1  
Release Date: 2025-02-24T15:33:20Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-697=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-697=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-687=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-687=1

## Package List:

  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-9-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-9-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_7-default-9-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_1-debugsource-9-150600.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-7-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_28-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_125-default-7-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/4d65e97d/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:11 -0000
Subject: SUSE-RU-2025:0696-1: moderate: Recommended update for yast2-sap-ha
Message-ID: <174041461194.32650.4764655936116064227@smelt2.prg2.suse.org>



# Recommended update for yast2-sap-ha

Announcement ID: SUSE-RU-2025:0696-1  
Release Date: 2025-02-24T15:22:34Z  
Rating: moderate  
References:

  * bsc#1235773

  
Affected Products:

  * openSUSE Leap 15.6
  * SAP Applications Module 15-SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for yast2-sap-ha fixes the following issues:

  * Version update 4.6.5.
  * yast sap_ha should check if HDB is running on primary (bsc#1235773).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-696=1 openSUSE-SLE-15.6-2025-696=1

  * SAP Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP6-2025-696=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * yast2-sap-ha-4.6.5-150600.3.10.2
  * SAP Applications Module 15-SP6 (noarch)
    * yast2-sap-ha-4.6.5-150600.3.10.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235773

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/88f5a7eb/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:15 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:15 -0000
Subject: SUSE-RU-2025:0695-1: moderate: Recommended update for virt-manager
Message-ID: <174041461546.32650.1301096642780485894@smelt2.prg2.suse.org>



# Recommended update for virt-manager

Announcement ID: SUSE-RU-2025:0695-1  
Release Date: 2025-02-24T15:11:48Z  
Rating: moderate  
References:

  * bsc#1236844

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for virt-manager fixes the following issue:

  * virt-install dry run reports false-negative runtime error "don't know how to
    create storage" (bsc#1236844).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-695=1 openSUSE-SLE-15.6-2025-695=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-695=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * virt-install-4.1.0-150600.12.6.2
    * virt-manager-common-4.1.0-150600.12.6.2
    * virt-manager-4.1.0-150600.12.6.2
  * Server Applications Module 15-SP6 (noarch)
    * virt-install-4.1.0-150600.12.6.2
    * virt-manager-common-4.1.0-150600.12.6.2
    * virt-manager-4.1.0-150600.12.6.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1236844

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/a8677ab4/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:18 -0000
Subject: SUSE-RU-2025:0694-1: moderate: Recommended update for openssl-ibmca
Message-ID: <174041461806.32650.105957047622477427@smelt2.prg2.suse.org>



# Recommended update for openssl-ibmca

Announcement ID: SUSE-RU-2025:0694-1  
Release Date: 2025-02-24T14:40:32Z  
Rating: moderate  
References:

  * bsc#1237344

  
Affected Products:

  * openSUSE Leap 15.6
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for openssl-ibmca fixes the following issue:

  * Applied patch related to ibmca errors (bsc#1237344).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-694=1 openSUSE-SLE-15.6-2025-694=1

  * Server Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-694=1

## Package List:

  * openSUSE Leap 15.6 (s390x)
    * openssl-ibmca-engine-debugsource-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-engine-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-debuginfo-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-2.4.1-150600.6.9.2
    * openssl-ibmca-debuginfo-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-debuginfo-2.4.1-150600.6.9.2
    * openssl-ibmca-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-engine-debuginfo-2.4.1-150600.6.9.2
  * Server Applications Module 15-SP6 (s390x)
    * openssl-ibmca-engine-debugsource-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-engine-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-debuginfo-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-2.4.1-150600.6.9.2
    * openssl-ibmca-provider-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-2.4.1-150600.6.9.2
    * openssl-ibmca-debuginfo-2.4.1-150600.6.9.2
    * openssl1_1-ibmca-debuginfo-2.4.1-150600.6.9.2
    * openssl-ibmca-debugsource-2.4.1-150600.6.9.2
    * openssl-ibmca-engine-debuginfo-2.4.1-150600.6.9.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237344

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/9d84b96f/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:19 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:19 -0000
Subject: SUSE-RU-2025:0693-1: moderate: Recommended update for
 csp-billing-adapter
Message-ID: <174041461918.32650.3855755748062876721@smelt2.prg2.suse.org>



# Recommended update for csp-billing-adapter

Announcement ID: SUSE-RU-2025:0693-1  
Release Date: 2025-02-24T14:34:13Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that can now be installed.

## Description:

This update for csp-billing-adapter fixes the following issue:

  * Version update 1.2.0.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-693=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-693=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-693=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-693=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-693=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * python311-csp-billing-adapter-1.2.0-150400.9.28.2
    * csp-billing-adapter-service-1.2.0-150400.9.28.2
  * openSUSE Leap 15.6 (noarch)
    * csp-billing-adapter-service-1.2.0-150400.9.28.2
  * Public Cloud Module 15-SP4 (noarch)
    * python311-csp-billing-adapter-1.2.0-150400.9.28.2
    * csp-billing-adapter-service-1.2.0-150400.9.28.2
  * Public Cloud Module 15-SP5 (noarch)
    * python311-csp-billing-adapter-1.2.0-150400.9.28.2
    * csp-billing-adapter-service-1.2.0-150400.9.28.2
  * Public Cloud Module 15-SP6 (noarch)
    * python311-csp-billing-adapter-1.2.0-150400.9.28.2
    * csp-billing-adapter-service-1.2.0-150400.9.28.2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/a1fc065a/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:24 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:24 -0000
Subject: SUSE-SU-2025:0692-1: important: Security update for qemu
Message-ID: <174041462420.32650.17729761836483282217@smelt2.prg2.suse.org>



# Security update for qemu

Announcement ID: SUSE-SU-2025:0692-1  
Release Date: 2025-02-24T14:21:31Z  
Rating: important  
References:

  * bsc#1219722
  * bsc#1219733
  * bsc#1222845
  * bsc#1229007
  * bsc#1230915

  
Cross-References:

  * CVE-2024-3447
  * CVE-2024-7409
  * CVE-2024-8612

  
CVSS scores:

  * CVE-2024-3447 ( SUSE ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-3447 ( NVD ):  6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
  * CVE-2024-7409 ( SUSE ):  8.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-7409 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-7409 ( NVD ):  7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-8612 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-8612 ( SUSE ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
  * CVE-2024-8612 ( NVD ):  3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves three vulnerabilities and has two security fixes can now
be installed.

## Description:

This update for qemu fixes the following issues:

  * CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915).
  * CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU
    NBD Server during socket closure (bsc#1229007).
  * CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport()
    (bsc#1222845).

Other fixes:

  * Fix ipxe build with new binutils (bsc#1219733, bsc#1219722).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-692=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-692=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-692=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-692=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-692=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-692=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-692=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-692=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-ivshmem-tools-debuginfo-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-smartcard-debuginfo-5.2.0-150300.135.1
    * qemu-block-dmg-5.2.0-150300.135.1
    * qemu-extra-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-block-gluster-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
    * qemu-block-dmg-debuginfo-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-vhost-user-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ivshmem-tools-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
    * qemu-linux-user-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-extra-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-smartcard-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
    * qemu-vhost-user-gpu-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-linux-user-debuginfo-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-arm-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-block-gluster-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-testsuite-5.2.0-150300.135.1
    * qemu-linux-user-debugsource-5.2.0-150300.135.1
    * qemu-block-nfs-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-block-nfs-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (s390x x86_64 i586)
    * qemu-kvm-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-microvm-5.2.0-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le x86_64)
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (ppc64le)
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x x86_64)
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (s390x)
    * qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
    * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
    * qemu-skiboot-5.2.0-150300.135.1
    * qemu-SLOF-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le)
    * qemu-ppc-5.2.0-150300.135.1
    * qemu-ppc-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * qemu-ui-curses-5.2.0-150300.135.1
    * qemu-block-iscsi-debuginfo-5.2.0-150300.135.1
    * qemu-lang-5.2.0-150300.135.1
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-chardev-baum-5.2.0-150300.135.1
    * qemu-block-curl-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-block-rbd-5.2.0-150300.135.1
    * qemu-block-ssh-debuginfo-5.2.0-150300.135.1
    * qemu-ui-gtk-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-block-iscsi-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-block-curl-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-ui-gtk-debuginfo-5.2.0-150300.135.1
    * qemu-ksm-5.2.0-150300.135.1
    * qemu-ui-spice-app-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-curses-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-app-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-chardev-baum-debuginfo-5.2.0-150300.135.1
    * qemu-block-rbd-debuginfo-5.2.0-150300.135.1
    * qemu-block-ssh-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * qemu-audio-pa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-debuginfo-5.2.0-150300.135.1
    * qemu-audio-alsa-5.2.0-150300.135.1
    * qemu-kvm-5.2.0-150300.135.1
    * qemu-x86-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
    * qemu-audio-pa-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-pci-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * qemu-tools-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * qemu-ui-opengl-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-5.2.0-150300.135.1
    * qemu-tools-debuginfo-5.2.0-150300.135.1
    * qemu-ui-opengl-5.2.0-150300.135.1
    * qemu-hw-display-qxl-5.2.0-150300.135.1
    * qemu-hw-display-virtio-vga-5.2.0-150300.135.1
    * qemu-chardev-spice-5.2.0-150300.135.1
    * qemu-ui-spice-core-debuginfo-5.2.0-150300.135.1
    * qemu-hw-display-qxl-debuginfo-5.2.0-150300.135.1
    * qemu-debugsource-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.135.1
    * qemu-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-debuginfo-5.2.0-150300.135.1
    * qemu-guest-agent-5.2.0-150300.135.1
    * qemu-hw-display-virtio-gpu-5.2.0-150300.135.1
    * qemu-5.2.0-150300.135.1
    * qemu-audio-spice-debuginfo-5.2.0-150300.135.1
    * qemu-tools-5.2.0-150300.135.1
    * qemu-hw-usb-redirect-debuginfo-5.2.0-150300.135.1
    * qemu-ui-spice-core-5.2.0-150300.135.1
    * qemu-chardev-spice-debuginfo-5.2.0-150300.135.1
    * qemu-audio-spice-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64)
    * qemu-arm-5.2.0-150300.135.1
    * qemu-arm-debuginfo-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * qemu-seabios-1.14.0_0_g155821a-150300.135.1
    * qemu-vgabios-1.14.0_0_g155821a-150300.135.1
    * qemu-ipxe-1.0.0+-150300.135.1
    * qemu-sgabios-8-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x)
    * qemu-s390x-debuginfo-5.2.0-150300.135.1
    * qemu-s390x-5.2.0-150300.135.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * qemu-x86-5.2.0-150300.135.1
    * qemu-x86-debuginfo-5.2.0-150300.135.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-3447.html
  * https://www.suse.com/security/cve/CVE-2024-7409.html
  * https://www.suse.com/security/cve/CVE-2024-8612.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1219722
  * https://bugzilla.suse.com/show_bug.cgi?id=1219733
  * https://bugzilla.suse.com/show_bug.cgi?id=1222845
  * https://bugzilla.suse.com/show_bug.cgi?id=1229007
  * https://bugzilla.suse.com/show_bug.cgi?id=1230915

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/b4ec95c0/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:28 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:28 -0000
Subject: SUSE-SU-2025:0691-1: important: Security update for webkit2gtk3
Message-ID: <174041462824.32650.11906044766981384987@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0691-1  
Release Date: 2025-02-24T13:12:41Z  
Rating: important  
References:

  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.

Already fixed in previous releases:

  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-691=1 openSUSE-SLE-15.6-2025-691=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-691=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-691=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-691=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * WebKitGTK-6.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.1-lang-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-minibrowser-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-debugsource-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-6.0-debuginfo-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-4.1-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.27.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit-6_0-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.27.1
    * webkit-jsc-4.1-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.27.1
    * webkit2gtk4-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-devel-2.46.6-150600.12.27.1
    * webkit-jsc-6.0-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.27.1
    * webkit-jsc-4-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-minibrowser-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-minibrowser-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.27.1
    * webkit-jsc-4-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.27.1
    * webkit2gtk4-devel-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (x86_64)
    * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-32bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150600.12.27.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-64bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-64bit-2.46.6-150600.12.27.1
  * Basesystem Module 15-SP6 (noarch)
    * WebKitGTK-6.0-lang-2.46.6-150600.12.27.1
    * WebKitGTK-4.0-lang-2.46.6-150600.12.27.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.27.1
    * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_0-37-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.27.1
    * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk3-soup2-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1
  * Desktop Applications Module 15-SP6 (noarch)
    * WebKitGTK-4.1-lang-2.46.6-150600.12.27.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.27.1
    * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.27.1
    * webkit2gtk3-debugsource-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.27.1
    * libwebkit2gtk-4_1-0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.27.1
    * webkit2gtk3-devel-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.27.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * typelib-1_0-WebKit-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.27.1
    * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.27.1
    * webkit2gtk4-devel-2.46.6-150600.12.27.1
    * webkit2gtk4-debugsource-2.46.6-150600.12.27.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/fc68d9e0/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:30 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:30 -0000
Subject: SUSE-SU-2025:0690-1: important: Security update for ovmf
Message-ID: <174041463094.32650.1423965642887221702@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0690-1  
Release Date: 2025-02-24T13:06:15Z  
Rating: important  
References:

  * bsc#1237084

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that has one security fix can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * PXE boot is failing due to patches applied to fix CVE-2023-45236 and
    CVE-2023-45237 (bsc#1237084).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-690=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-690=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-690=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-690=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-690=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-690=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-690=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-690=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-690=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-690=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-690=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-690=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Proxy 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Manager Server 4.3 (x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Manager Server 4.3 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * openSUSE Leap 15.4 (aarch64 x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * openSUSE Leap 15.4 (noarch)
    * qemu-ovmf-x86_64-202202-150400.5.18.1
    * qemu-ovmf-ia32-202202-150400.5.18.1
    * qemu-uefi-aarch32-202202-150400.5.18.1
    * qemu-uefi-aarch64-202202-150400.5.18.1
  * openSUSE Leap 15.4 (x86_64)
    * qemu-ovmf-x86_64-debug-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64)
    * ovmf-tools-202202-150400.5.18.1
    * ovmf-202202-150400.5.18.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * qemu-uefi-aarch64-202202-150400.5.18.1
    * qemu-ovmf-x86_64-202202-150400.5.18.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237084

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/5e7bd32f/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:35 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:35 -0000
Subject: SUSE-SU-2025:0689-1: moderate: Security update for pam_pkcs11
Message-ID: <174041463597.32650.14615532866513115568@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0689-1  
Release Date: 2025-02-24T12:57:20Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-689=1 SUSE-2025-689=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-689=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * pam_pkcs11-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-0.6.10-150600.16.3.1
    * pam_pkcs11-debugsource-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (x86_64)
    * pam_pkcs11-32bit-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-32bit-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (noarch)
    * pam_pkcs11-devel-doc-0.6.10-150600.16.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * pam_pkcs11-64bit-0.6.10-150600.16.3.1
    * pam_pkcs11-64bit-debuginfo-0.6.10-150600.16.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * pam_pkcs11-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-0.6.10-150600.16.3.1
    * pam_pkcs11-debugsource-0.6.10-150600.16.3.1
  * Basesystem Module 15-SP6 (x86_64)
    * pam_pkcs11-32bit-debuginfo-0.6.10-150600.16.3.1
    * pam_pkcs11-32bit-0.6.10-150600.16.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/8bf7fd6f/attachment.htm>

From null at suse.de  Mon Feb 24 16:30:40 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 16:30:40 -0000
Subject: SUSE-SU-2025:0688-1: moderate: Security update for pam_pkcs11
Message-ID: <174041464050.32650.11591338120844537679@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0688-1  
Release Date: 2025-02-24T12:55:41Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-688=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * pam_pkcs11-debuginfo-32bit-0.6.8-7.8.1
    * pam_pkcs11-32bit-0.6.8-7.8.1
    * pam_pkcs11-0.6.8-7.8.1
    * pam_pkcs11-debugsource-0.6.8-7.8.1
    * pam_pkcs11-debuginfo-0.6.8-7.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/1a8eae94/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:06 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 20:30:06 -0000
Subject: SUSE-SU-2025:0703-1: important: Security update for the Linux Kernel
 (Live Patch 13 for SLE 15 SP5)
Message-ID: <174042900698.17642.6225786762900495993@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

Announcement ID: SUSE-SU-2025:0703-1  
Release Date: 2025-02-24T18:03:39Z  
Rating: important  
References:

  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues.

The following security issues were fixed:

  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-705=1

  * SUSE Linux Enterprise Live Patching 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-705=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-703=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-703=1

## Package List:

  * openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-11-150500.2.1
  * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-11-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_62-default-11-150500.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-default-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-8-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_46-debugsource-8-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-8-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_167-preempt-8-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_167-default-8-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/f3017af5/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:10 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 20:30:10 -0000
Subject: SUSE-SU-2025:0704-1: important: Security update for the Linux Kernel
 (Live Patch 5 for SLE 15 SP6)
Message-ID: <174042901084.17642.7361014594468323444@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)

Announcement ID: SUSE-SU-2025:0704-1  
Release Date: 2025-02-24T17:33:33Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Live Patching 15-SP6
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_25 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-701=1 SUSE-2025-704=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-701=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-704=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-702=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-702=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-700=1

  * SUSE Linux Enterprise Live Patching 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2025-700=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-6-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_50-debugsource-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-debuginfo-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-6-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_182-preempt-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-preempt-debuginfo-3-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-6-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_47-debugsource-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-6-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_182-default-3-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-4-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_31-debugsource-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-4-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_133-default-4-150400.2.1
  * openSUSE Leap 15.6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_25-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-4-150600.2.1
  * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
    * kernel-livepatch-6_4_0-150600_23_25-default-4-150600.2.1
    * kernel-livepatch-6_4_0-150600_23_25-default-debuginfo-4-150600.2.1
    * kernel-livepatch-SLE15-SP6_Update_5-debugsource-4-150600.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/844ee3fb/attachment.htm>

From null at suse.de  Mon Feb 24 20:30:16 2025
From: null at suse.de (SLE-UPDATES)
Date: Mon, 24 Feb 2025 20:30:16 -0000
Subject: SUSE-SU-2025:0698-1: important: Security update for the Linux Kernel
 (Live Patch 26 for SLE 15 SP4)
Message-ID: <174042901665.17642.6295895184408283032@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0698-1  
Release Date: 2025-02-24T16:36:00Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-698=1 SUSE-2025-699=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-698=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-699=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-13-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_119-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-13-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250224/ef4d77af/attachment.htm>

From null at suse.de  Tue Feb 25 08:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 25 Feb 2025 08:30:07 -0000
Subject: SUSE-SU-2025:0707-1: important: Security update for the Linux Kernel
 (Live Patch 48 for SLE 15 SP3)
Message-ID: <174047220760.25351.9508437855017513062@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0707-1  
Release Date: 2025-02-25T04:03:57Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_174 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-707=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-707=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-5-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_48-debugsource-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-default-5-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-preempt-5-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-5-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_174-default-5-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250225/642748dc/attachment.htm>

From null at suse.de  Tue Feb 25 08:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 25 Feb 2025 08:30:13 -0000
Subject: SUSE-SU-2025:0708-1: important: Security update for the Linux Kernel
 (Live Patch 45 for SLE 15 SP3)
Message-ID: <174047221385.25351.3093027867572320971@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3)

Announcement ID: SUSE-SU-2025:0708-1  
Release Date: 2025-02-25T04:33:32Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-708=1 SUSE-2025-706=1

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-708=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-706=1

## Package List:

  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP3_Update_44-debugsource-12-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_45-debugsource-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-default-12-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_164-preempt-9-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_161-preempt-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-9-150300.2.1
  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_161-default-12-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_164-default-9-150300.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250225/19da358d/attachment.htm>

From null at suse.de  Tue Feb 25 12:30:07 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 25 Feb 2025 12:30:07 -0000
Subject: SUSE-SU-2025:0709-1: important: Security update for the Linux Kernel
 (Live Patch 23 for SLE 15 SP4)
Message-ID: <174048660749.17651.2210283298095737875@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0709-1  
Release Date: 2025-02-25T08:03:43Z  
Rating: important  
References:

  * bsc#1227320
  * bsc#1227371
  * bsc#1228585
  * bsc#1236783

  
Cross-References:

  * CVE-2024-35789
  * CVE-2024-36974
  * CVE-2024-40956
  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36974 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-40956 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues.

The following security issues were fixed:

  * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN
    changes (bsc#1227320).
  * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
    irq_process_work_list (bsc#1228585).
  * CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
    (bsc#1227371).
  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-709=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-709=1

## Package List:

  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-15-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-15-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_108-default-15-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-15-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-36974.html
  * https://www.suse.com/security/cve/CVE-2024-40956.html
  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1227320
  * https://bugzilla.suse.com/show_bug.cgi?id=1227371
  * https://bugzilla.suse.com/show_bug.cgi?id=1228585
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250225/f2a5b17a/attachment.htm>

From null at suse.de  Tue Feb 25 12:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 25 Feb 2025 12:30:12 -0000
Subject: SUSE-SU-2025:0712-1: moderate: Security update for pam_pkcs11
Message-ID: <174048661204.17651.4039479642178747901@smelt2.prg2.suse.org>



# Security update for pam_pkcs11

Announcement ID: SUSE-SU-2025:0712-1  
Release Date: 2025-02-25T10:38:13Z  
Rating: moderate  
References:

  * bsc#1237058
  * bsc#1237062

  
Cross-References:

  * CVE-2025-24031
  * CVE-2025-24032

  
CVSS scores:

  * CVE-2025-24031 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24031 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-24031 ( NVD ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-24032 ( SUSE ):  7.5
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24032 ( SUSE ):  6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
  * CVE-2025-24032 ( NVD ):  9.2
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for pam_pkcs11 fixes the following issues:

  * CVE-2025-24032: default value for `cert_policy` (`none`) allows for
    authentication bypass (bsc#1237062).
  * CVE-2025-24031: uninitialized pointer dereference caused by user pressing
    ctrl-c/ctrl-d when asked for PIN leads to crash (bsc#1237058).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-712=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-712=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-712=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-712=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-712=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-712=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-712=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-712=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * pam_pkcs11-debugsource-0.6.10-150100.3.6.1
    * pam_pkcs11-debuginfo-0.6.10-150100.3.6.1
    * pam_pkcs11-0.6.10-150100.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-24031.html
  * https://www.suse.com/security/cve/CVE-2025-24032.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237058
  * https://bugzilla.suse.com/show_bug.cgi?id=1237062

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250225/ea7c5715/attachment.htm>

From null at suse.de  Tue Feb 25 20:30:03 2025
From: null at suse.de (SLE-UPDATES)
Date: Tue, 25 Feb 2025 20:30:03 -0000
Subject: SUSE-SU-2025:0713-1: important: Security update for the Linux Kernel
 (Live Patch 35 for SLE 15 SP4)
Message-ID: <174051540368.17461.2073745572496625214@smelt2.prg2.suse.org>



# Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

Announcement ID: SUSE-SU-2025:0713-1  
Release Date: 2025-02-25T18:04:29Z  
Rating: important  
References:

  * bsc#1236783

  
Cross-References:

  * CVE-2024-53104

  
CVSS scores:

  * CVE-2024-53104 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-53104 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise Live Patching 15-SP3
  * SUSE Linux Enterprise Live Patching 15-SP4
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_147 fixes one issue.

The following security issue was fixed:

  * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type
    UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Live Patching 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-713=1 SUSE-SLE-
Module-Live-Patching-15-SP3-2025-714=1

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-714=1 SUSE-2025-713=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-715=1 SUSE-2025-716=1

  * SUSE Linux Enterprise Live Patching 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-715=1 SUSE-SLE-
Module-Live-Patching-15-SP4-2025-716=1

## Package List:

  * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_188-default-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-default-2-150300.2.1
  * openSUSE Leap 15.3 (ppc64le s390x x86_64)
    * kernel-livepatch-5_3_18-150300_59_185-default-debuginfo-2-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_52-debugsource-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-default-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-default-2-150300.2.1
    * kernel-livepatch-SLE15-SP3_Update_51-debugsource-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-default-debuginfo-2-150300.2.1
  * openSUSE Leap 15.3 (x86_64)
    * kernel-livepatch-5_3_18-150300_59_188-preempt-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-preempt-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_188-preempt-debuginfo-2-150300.2.1
    * kernel-livepatch-5_3_18-150300_59_185-preempt-debuginfo-2-150300.2.1
  * openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_144-default-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_35-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_34-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-2-150400.2.1
  * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_144-default-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_35-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_144-default-debuginfo-2-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_34-debugsource-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-2-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-2-150400.2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-53104.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236783

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250225/052eeb60/attachment.htm>

From null at suse.de  Wed Feb 26 08:30:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 08:30:01 -0000
Subject: SUSE-SU-2025:0719-1: moderate: Recommended update for Maven
Message-ID: <174055860183.17651.16221400052782325032@smelt2.prg2.suse.org>



# Recommended update for Maven

Announcement ID: SUSE-SU-2025:0719-1  
Release Date: 2025-02-26T07:26:09Z  
Rating: moderate  
References:

  
Cross-References:

  * CVE-2020-13936

  
CVSS scores:

  * CVE-2020-13936 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2020-13936 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for Maven fixes the following issues:

maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1:

  * Key changes across versions:
  * Bug fixes and improved support of dynamic types
  * Dependency upgrades (ASM, Maven core, and notably the removal of commons-io)
  * Improved error handling by logging instead of failing
  * Improved dependency usage tracking

maven-dependency-plugin was updated from version 3.6.0 to 3.8.1:

  * Key changes across versions:
  * Dependency upgrades on maven-dependency-analyzer and Doxia
  * Deprecated dependency:sources in favor of dependency:resolve-sources
  * Documentation improvements
  * New dependency analysis goal to check for invalid exclusions
  * New JSON output option for dependency:tree
  * Performance improvements
  * Several bug fixes addressing:
    * The handling of silent parameters
    * The display of the optional flag in the tree
    * The clarity of some error messages

maven-doxia-sitetools was updated from version 1.11.1 to 2.0.0:

  * Key changes across versions:
  * New features:
    * Passing the input filename to the parser
    * Adding a timezone field to the site descriptor
    * Configuring parsers per markup
  * Improvements:
    * Clarifying site descriptor properties
    * Requiring a skin if a site descriptor (site.xml) has been provided
    * Optimization of resource handling
    * Overhauled locale support
    * Refinined menu item display
    * Use of Maven Resolver for artifact resolution
    * Enhanced Velocity context population
    * Automating anchor creation
  * Internal changes:
    * Migration from Plexus to Sisu
    * Upgraded to Java 8
    * Removal of deprecated components and features (such as Maven 1.x support, Google-related properties)
    * Simplified the site model
    * Improved the DocumentRenderer interface/DocumentRenderingContext class API
  * Several bug fixes addressing:
    * The Plexus to Sisu migration
    * Decoration model injection
    * Anchor creation
    * XML character escaping
    * Handling of 0-byte site descriptors

maven-doxia was updated from version 1.12.0 to 2.0.0:

  * Key changes across versions:
  * Improved HTML5 Support:
    * Obsolete attributes and elements were removed
    * CSS styles are now used for styling
    * XHTML5 is now the default HTML implementation, and XHTML(4) is deprecated
  * Improved Markdown Support:
    * A new Markdown sink allows converting content to Markdown. 
    * Support for various Markdown features like blockquotes, footnotes, and metadata has been added
  * General Improvements:
    * Dependencies were updated
    * Doxia was upgraded to Java 8
    * Logging and Doxia ID generation were streamlined
    * Migration from Plexus to Sisu
    * Removed deprecated modules and code
  * Several bug fixes addressing:
    * HTML5 incorrect output such as tables, styling and missing or improperly handled attributes
    * Markdown formatting issues
    * Issues with plexus migration
    * Incorrect generation of unique IDs
    * Incorrect anchor generation for document titles
    * Ignored element classes

maven-invoker-plugin was updated from version 3.2.2 to 3.8.1:

  * Key changes across versions:
  * Commons-lang3 was removed
  * Custom Maven executables, external POM files, and more CLI options are now
    supported
  * Deprecated code was cleaned up
  * Doxia was updated, improving HTML generation and adding Markdown support
  * Groovy was updated, adding support for JDK 19
  * Improved Reporting and Time Handling
  * Enhanced syntax support for invoker properties and Maven options
  * Java 8 is now the minimum supported version
  * Maven 3.6.3 is now the minimum supported version
  * Several dependencies were updated or removed
  * Snapshot update behavior can be controlled
  * Several bug fixes addressing issues with:
    * Dependency resolution
    * Environment variables
    * File handling
    * Report generation
    * Threading

maven-invoker was updated from version 3.1.0 to 3.3.0:

  * Key changes across versions:
  * Added several CLI options.
  * Added support to disable snapshot updates.
  * Added test for inherited environment
  * Custom Maven executables
  * Deprecated code was removed
  * External POM files
  * Fixed issues with builder IDs
  * Improved timeout handling
  * Java 8 is now a requirement
  * Tests were migrated to JUnit 5

maven-javadoc-plugin was updated from version 3.6.0 to 3.11.1:

  * Key changes across versions:
  * Addressed test cleanup and inconsistent default value
  * Automatic release detection for older JDKs
  * Clarified documentation
  * Dependency upgrades of org.codehaus.plexus:plexus-java and Doxia
  * Deprecated the "old" parameter
  * Improvements include handling of Java 12+ links, user settings with invoker,
    and default author value.
  * Simplified integration tests.
  * Upgraded maven-plugin parent
  * Various bug fixes related to:
    * Toolchains issues
    * Empty JAR creation
    * JDK 10 compatibility
    * Reactor build failures
    * Unit test issues
    * Null pointer exception
    * Issues with skipped reports
    * Stale file detection 
    * Log4j dependency dowload
    * Test repository creation

maven-parent was updated from version 40 to 43:

  * Key changes across versions:
  * Potentially breaking changes:
    * Removed dependency on `maven-plugin-annotations` to better support Maven 4 plugins
    * Removed `checkstyle.violation.ignore`
  * Improved Java 21 support
  * Empty Surefire and PMD reports are now skipped
  * Disabled annotation processing by compiler
  * Various code cleanup and project restructuring tasks

maven-plugin-tools was updated from version 3.13.0 to 3.15.1:

  * Key changes across versions:
  * Doxia and Velocity Engine upgrades
  * New report-no-fork goal 'report-no-fork' which will not invoke process-
    classes
  * Deprecation of o.a.m.plugins.annotations.Component
  * Improved Maven 3 and Maven 4 support

maven-reporting-api was updated from version 3.1.1 to 4.0.0:

  * Key changes across versions:
  * API: Allow MavenReportRenderer.render() and MavenReport.canGenerateReport()
    to throw exceptions
  * Require locales to be non-null
  * Improve the MavenReport interface and AbstractMavenReport class
  * Removed unused default-report.xml file

maven-reporting-implementation was updated from version 3.2.0 to 4.0.0:

  * Key changes across versions include:
  * Addressed issues with duplicate calls to canGenerateReport()
  * New features such markup output support, flexible section handling and
    verbatim source rendering
  * Numerous improvements to skinning, rendering, parameter handling, timestamp
    population and logging
  * Upgrade to Java 8

maven-surefire was updated from version 3.2.5 to 3.5.2:

  * Key changes across versions include:
  * Addressed issues with JUnit5 test reporting, serialization, classpath
    handling and compatibility with newer JDKs.
  * Refined handling of system properties, commons-io usage, parallel test
    execution and report generation.
  * Updated Doxia and commons-compress dependencies
  * Improved documentation, including FAQ fixes

plexus-velocity was updated to version 2.1.0:

  * Upgraded Velocity Engine to 2.3
  * Moved to JUnit5

velocity-engine:

  * New package velocity-engine-core implemented at version 2.4

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-719=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-719=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-719=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-719=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-719=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-719=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-invoker-plugin-3.8.1-150200.3.6.2
    * maven-plugin-tools-ant-3.15.1-150200.3.15.12
    * maven-surefire-javadoc-3.5.2-150200.3.9.20.12
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-surefire-provider-junit5-3.5.2-150200.3.9.20.2
    * maven-parent-43-150200.3.8.2
    * maven-reporting-impl-4.0.0-150200.4.9.12
    * maven-failsafe-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-plugin-tools-generators-3.15.1-150200.3.15.12
    * maven-surefire-report-parser-3.5.2-150200.3.9.20.12
    * maven-plugin-tools-beanshell-3.15.1-150200.3.15.12
    * velocity-engine-core-javadoc-2.4-150200.5.3.3
    * maven-plugin-tools-model-3.15.1-150200.3.15.12
    * maven-invoker-plugin-javadoc-3.8.1-150200.3.6.2
    * maven-reporting-impl-javadoc-4.0.0-150200.4.9.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-plugin-tools-annotations-3.15.1-150200.3.15.12
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-dependency-analyzer-javadoc-1.15.1-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-plugin-plugin-bootstrap-3.15.1-150200.3.15.2
    * maven-doxia-javadoc-2.0.0-150200.4.18.11
    * maven-reporting-api-4.0.0-150200.3.10.12
    * plexus-velocity-javadoc-2.1.0-150200.3.10.3
    * maven-surefire-report-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-plugin-plugin-3.15.1-150200.3.15.2
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-test-docs-2.0.0-150200.4.18.11
    * maven-script-beanshell-3.15.1-150200.3.15.12
    * maven-surefire-plugin-bootstrap-3.5.2-150200.3.9.20.12
    * maven-surefire-provider-junit5-javadoc-3.5.2-150200.3.9.20.2
    * maven-dependency-plugin-3.8.1-150200.3.10.2
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-invoker-javadoc-3.3.0-150200.3.7.5
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
    * maven-plugin-tools-java-3.15.1-150200.3.15.12
    * maven-dependency-analyzer-1.15.1-150200.3.10.3
    * maven-plugin-tools-api-3.15.1-150200.3.15.12
    * maven-plugin-plugin-javadoc-3.15.1-150200.3.15.2
    * maven-surefire-report-plugin-3.5.2-150200.3.9.20.2
    * maven-dependency-plugin-javadoc-3.8.1-150200.3.10.2
    * maven-javadoc-plugin-bootstrap-3.11.1-150200.4.21.2
    * maven-surefire-plugins-javadoc-3.5.2-150200.3.9.20.2
    * maven-doxia-sitetools-javadoc-2.0.0-150200.3.18.3
    * maven-plugin-tools-javadoc-3.15.1-150200.3.15.12
    * maven-failsafe-plugin-3.5.2-150200.3.9.20.2
    * maven-reporting-api-javadoc-4.0.0-150200.3.10.12
    * maven-script-ant-3.15.1-150200.3.15.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-javadoc-3.11.1-150200.4.21.2
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
  * Development Tools Module 15-SP6 (noarch)
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-plugin-annotations-3.15.1-150200.3.15.12
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11
  * SUSE Enterprise Storage 7.1 (noarch)
    * maven-doxia-module-apt-2.0.0-150200.4.18.11
    * maven-surefire-provider-junit-3.5.2-150200.3.9.20.12
    * maven-javadoc-plugin-3.11.1-150200.4.21.2
    * maven-plugin-annotations-3.15.1-150200.3.15.12
    * plexus-velocity-2.1.0-150200.3.10.3
    * maven-doxia-module-xdoc-2.0.0-150200.4.18.11
    * maven-surefire-3.5.2-150200.3.9.20.12
    * maven-surefire-plugin-3.5.2-150200.3.9.20.2
    * maven-invoker-3.3.0-150200.3.7.5
    * maven-reporting-api-4.0.0-150200.3.10.12
    * maven-surefire-provider-testng-3.5.2-150200.3.9.20.12
    * velocity-engine-core-2.4-150200.5.3.3
    * maven-doxia-sitetools-2.0.0-150200.3.18.3
    * maven-doxia-module-xhtml5-2.0.0-150200.4.18.11
    * maven-doxia-sink-api-2.0.0-150200.4.18.11
    * maven-doxia-core-2.0.0-150200.4.18.11
    * maven-doxia-module-fml-2.0.0-150200.4.18.11

## References:

  * https://www.suse.com/security/cve/CVE-2020-13936.html

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/4625e620/attachment.htm>

From null at suse.de  Wed Feb 26 08:30:03 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 08:30:03 -0000
Subject: SUSE-RU-2025:0718-1: moderate: Recommended update for spack
Message-ID: <174055860381.17651.12878299391640762384@smelt2.prg2.suse.org>



# Recommended update for spack

Announcement ID: SUSE-RU-2025:0718-1  
Release Date: 2025-02-26T05:40:03Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3

  
  
An update that can now be installed.

## Description:

This update for spack fixes the following issues:

  * spack was updated from version 0.23.0 to version 0.23.1:

  * Fixed a correctness issue of `ArchSpec.intersects`.

  * Make extra_attributes order independent in Spec hashing.
  * Fixed issue where system proxy settings were not respected in OCI build
    caches.
  * Fixed an issue where the `--test` concretizer flag was not forwarded
    correctly.
  * Ensure proper UTF-8 encoding/decoding in logging.
  * Fixed issues related `to filter_file`.
  * Fixed an issue related to creating bootstrap source mirrors.
  * Fixed an issue where command line config arguments were not always top
    level.
  * Fixed an incorrect typehint of `concretized()`.
  * Improved mention of next Spack version in warning. Tests: fixed forward
    compatibility with Python 3.13.
  * Docs: encourage use of `--oci-username-variable` and `--oci-password-
    variable`.
  * Docs: ensure Getting Started has bootstrap list output in correct place.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-718=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-718=1

## Package List:

  * openSUSE Leap 15.3 (noarch)
    * spack-man-0.23.1-150300.24.1
    * spack-info-0.23.1-150300.24.1
    * spack-recipes-0.23.1-150300.24.1
    * spack-build-dependencies-0.23.1-150300.24.1
    * spack-0.23.1-150300.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * spack-recipes-0.23.1-150300.24.1
    * spack-0.23.1-150300.24.1
    * spack-man-0.23.1-150300.24.1
    * spack-info-0.23.1-150300.24.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/502de806/attachment.htm>

From null at suse.de  Wed Feb 26 08:30:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 08:30:04 -0000
Subject: SUSE-RU-2025:0717-1: moderate: Recommended update for spack
Message-ID: <174055860488.17651.4590740495593610973@smelt2.prg2.suse.org>



# Recommended update for spack

Announcement ID: SUSE-RU-2025:0717-1  
Release Date: 2025-02-26T05:39:09Z  
Rating: moderate  
References:

  
Affected Products:

  * HPC Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP6

  
  
An update that can now be installed.

## Description:

This update for spack fixes the following issues:

  * spack was updated from version 0.23.0 to version 0.23.1:

  * Fixed a correctness issue of `ArchSpec.intersects`.

  * Make extra_attributes order independent in Spec hashing.
  * Fixed issue where system proxy settings were not respected in OCI build
    caches.
  * Fixed an issue where the `--test` concretizer flag was not forwarded
    correctly.
  * Ensure proper UTF-8 encoding/decoding in logging.
  * Fixed issues related `to filter_file`.
  * Fixed an issue related to creating bootstrap source mirrors.
  * Fixed an issue where command line config arguments were not always top
    level.
  * Fixed an incorrect typehint of `concretized()`.
  * Improved mention of next Spack version in warning. Tests: fixed forward
    compatibility with Python 3.13.
  * Docs: encourage use of `--oci-username-variable` and `--oci-password-
    variable`.
  * Docs: ensure Getting Started has bootstrap list output in correct place.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-717=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-717=1

  * HPC Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2025-717=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-717=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-717=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-717=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-717=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * spack-man-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-build-dependencies-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
    * spack-recipes-0.23.1-150400.24.1
  * openSUSE Leap 15.6 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
  * HPC Module 15-SP6 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * spack-recipes-0.23.1-150400.24.1
    * spack-0.23.1-150400.24.1
    * spack-man-0.23.1-150400.24.1
    * spack-info-0.23.1-150400.24.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/52d74ea9/attachment.htm>

From null at suse.de  Wed Feb 26 12:30:02 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 12:30:02 -0000
Subject: SUSE-RU-2025:0721-1: moderate: Recommended update for open-iscsi
Message-ID: <174057300200.17651.18040207134909953321@smelt2.prg2.suse.org>



# Recommended update for open-iscsi

Announcement ID: SUSE-RU-2025:0721-1  
Release Date: 2025-02-26T09:06:17Z  
Rating: moderate  
References:

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that can now be installed.

## Description:

This update for open-iscsi fixes the following issues:

  * Moved this patch upstream, so now it's part of the diff file and is no
    longer needed here

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-721=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-721=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-721=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-721=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-721=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.14.1
    * open-iscsi-2.1.7-150400.39.14.1
    * open-iscsi-devel-2.1.7-150400.39.14.1
    * open-iscsi-debuginfo-2.1.7-150400.39.14.1
    * iscsiuio-debuginfo-0.7.8.6-150400.39.14.1
    * open-iscsi-debugsource-2.1.7-150400.39.14.1
    * iscsiuio-0.7.8.6-150400.39.14.1
    * libopeniscsiusr0_2_0-2.1.7-150400.39.14.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.14.1
    * open-iscsi-2.1.7-150400.39.14.1
    * open-iscsi-debuginfo-2.1.7-150400.39.14.1
    * iscsiuio-debuginfo-0.7.8.6-150400.39.14.1
    * open-iscsi-debugsource-2.1.7-150400.39.14.1
    * iscsiuio-0.7.8.6-150400.39.14.1
    * libopeniscsiusr0_2_0-2.1.7-150400.39.14.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.14.1
    * open-iscsi-2.1.7-150400.39.14.1
    * open-iscsi-debuginfo-2.1.7-150400.39.14.1
    * iscsiuio-debuginfo-0.7.8.6-150400.39.14.1
    * open-iscsi-debugsource-2.1.7-150400.39.14.1
    * iscsiuio-0.7.8.6-150400.39.14.1
    * libopeniscsiusr0_2_0-2.1.7-150400.39.14.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.14.1
    * open-iscsi-2.1.7-150400.39.14.1
    * open-iscsi-debuginfo-2.1.7-150400.39.14.1
    * iscsiuio-debuginfo-0.7.8.6-150400.39.14.1
    * open-iscsi-debugsource-2.1.7-150400.39.14.1
    * iscsiuio-0.7.8.6-150400.39.14.1
    * libopeniscsiusr0_2_0-2.1.7-150400.39.14.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libopeniscsiusr0_2_0-debuginfo-2.1.7-150400.39.14.1
    * open-iscsi-2.1.7-150400.39.14.1
    * open-iscsi-debuginfo-2.1.7-150400.39.14.1
    * iscsiuio-debuginfo-0.7.8.6-150400.39.14.1
    * open-iscsi-debugsource-2.1.7-150400.39.14.1
    * iscsiuio-0.7.8.6-150400.39.14.1
    * libopeniscsiusr0_2_0-2.1.7-150400.39.14.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/04cfe62b/attachment.htm>

From null at suse.de  Wed Feb 26 12:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 12:30:09 -0000
Subject: SUSE-RU-2025:0720-1: low: Recommended update for dnsmasq
Message-ID: <174057300945.17651.13845845437278320508@smelt2.prg2.suse.org>



# Recommended update for dnsmasq

Announcement ID: SUSE-RU-2025:0720-1  
Release Date: 2025-02-26T09:05:59Z  
Rating: low  
References:

  * bsc#1235517
  * bsc#1235834

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has two fixes can now be installed.

## Description:

This update for dnsmasq fixes the following issues:

  * Don't let compile time options change silently (bsc#1235834)
  * Use pkgconfig for libidn2.
  * Disable --nftset for SLE-15-SP3 and older.
  * Reintroduce nogroup for SLE-15-SP3 and older (bsc#1235517)
  * Enable --nftset support

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-720=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-720=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-720=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-720=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-720=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-720=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-720=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-720=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * dnsmasq-utils-debuginfo-2.90-150400.16.6.2
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-utils-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * dnsmasq-utils-debuginfo-2.90-150400.16.6.2
    * dnsmasq-debuginfo-2.90-150400.16.6.2
    * dnsmasq-utils-2.90-150400.16.6.2
    * dnsmasq-2.90-150400.16.6.2
    * dnsmasq-debugsource-2.90-150400.16.6.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1235517
  * https://bugzilla.suse.com/show_bug.cgi?id=1235834

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/d8dbf5b3/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:12 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:12 -0000
Subject: SUSE-SU-2025:0734-1: important: Security update for xorg-x11-server
Message-ID: <174058741274.17461.7100312270823042386@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0734-1  
Release Date: 2025-02-26T14:32:45Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-734=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-734=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-debugsource-1.19.6-10.80.1
    * xorg-x11-server-extra-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-1.19.6-10.80.1
    * xorg-x11-server-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-extra-1.19.6-10.80.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * xorg-x11-server-debugsource-1.19.6-10.80.1
    * xorg-x11-server-extra-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-1.19.6-10.80.1
    * xorg-x11-server-debuginfo-1.19.6-10.80.1
    * xorg-x11-server-extra-1.19.6-10.80.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/070524ed/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:20 -0000
Subject: SUSE-SU-2025:0733-1: important: Security update for xorg-x11-server
Message-ID: <174058742034.17461.17240549448683537933@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0733-1  
Release Date: 2025-02-26T14:32:07Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-733=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-733=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-733=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-733=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-733=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-wayland-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * xorg-x11-server-extra-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debugsource-1.20.3-150200.22.5.102.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-debuginfo-1.20.3-150200.22.5.102.1
    * xorg-x11-server-sdk-1.20.3-150200.22.5.102.1
    * xorg-x11-server-1.20.3-150200.22.5.102.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/3288c142/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:26 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:26 -0000
Subject: SUSE-SU-2025:0732-1: important: Security update for xorg-x11-server
Message-ID: <174058742697.17461.5849923017236841111@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0732-1  
Release Date: 2025-02-26T14:31:33Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-732=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-732=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-732=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-732=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-732=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-732=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-732=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-732=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
    * xorg-x11-server-source-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-sdk-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * xorg-x11-server-extra-1.20.3-150400.38.54.1
    * xorg-x11-server-1.20.3-150400.38.54.1
    * xorg-x11-server-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.54.1
    * xorg-x11-server-debugsource-1.20.3-150400.38.54.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/f96f959b/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:34 -0000
Subject: SUSE-SU-2025:0731-1: important: Security update for xorg-x11-server
Message-ID: <174058743432.17461.17298180599100728112@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0731-1  
Release Date: 2025-02-26T14:30:17Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-731=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-731=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-731=1

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-731=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-731=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-source-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-21.1.4-150500.7.32.1
    * xorg-x11-server-21.1.4-150500.7.32.1
    * xorg-x11-server-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-sdk-21.1.4-150500.7.32.1
    * xorg-x11-server-debugsource-21.1.4-150500.7.32.1
    * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.32.1
    * xorg-x11-server-Xvfb-21.1.4-150500.7.32.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/b13b5f77/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:42 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:42 -0000
Subject: SUSE-SU-2025:0730-1: important: Security update for xorg-x11-server
Message-ID: <174058744266.17461.4173027537346225627@smelt2.prg2.suse.org>



# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2025:0730-1  
Release Date: 2025-02-26T14:29:29Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-730=1 openSUSE-SLE-15.6-2025-730=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-730=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-730=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-sdk-21.1.11-150600.5.6.1
    * xorg-x11-server-source-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-21.1.11-150600.5.6.1
    * xorg-x11-server-extra-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-extra-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-21.1.11-150600.5.6.1
    * xorg-x11-server-extra-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-21.1.11-150600.5.6.1
    * xorg-x11-server-Xvfb-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * xorg-x11-server-debuginfo-21.1.11-150600.5.6.1
    * xorg-x11-server-debugsource-21.1.11-150600.5.6.1
    * xorg-x11-server-sdk-21.1.11-150600.5.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/47c8e0c3/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:49 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:49 -0000
Subject: SUSE-SU-2025:0729-1: important: Security update for xwayland
Message-ID: <174058744927.17461.7312532873459921792@smelt2.prg2.suse.org>



# Security update for xwayland

Announcement ID: SUSE-SU-2025:0729-1  
Release Date: 2025-02-26T14:14:35Z  
Rating: important  
References:

  * bsc#1237427
  * bsc#1237429
  * bsc#1237430
  * bsc#1237431
  * bsc#1237432
  * bsc#1237433
  * bsc#1237434
  * bsc#1237435

  
Cross-References:

  * CVE-2025-26594
  * CVE-2025-26595
  * CVE-2025-26596
  * CVE-2025-26597
  * CVE-2025-26598
  * CVE-2025-26599
  * CVE-2025-26600
  * CVE-2025-26601

  
CVSS scores:

  * CVE-2025-26594 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
  * CVE-2025-26594 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
  * CVE-2025-26594 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26596 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-26596 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26598 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26598 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26598 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26599 ( SUSE ):  5.8
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-26599 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
  * CVE-2025-26599 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26600 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-26601 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-26601 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP6

  
  
An update that solves eight vulnerabilities can now be installed.

## Description:

This update for xwayland fixes the following issues:

  * CVE-2025-26594: Use-after-free of the root cursor (bsc#1237427).
  * CVE-2025-26595: Buffer overflow in XkbVModMaskText() (bsc#1237429).
  * CVE-2025-26596: Heap overflow in XkbWriteKeySyms() (bsc#1237430).
  * CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey() (bsc#1237431).
  * CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
    (bsc#1237432).
  * CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
    (bsc#1237433).
  * CVE-2025-26600: Use-after-free in PlayReleasedEvents() (bsc#1237434).
  * CVE-2025-26601: Use-after-free in SyncInitTrigger() (bsc#1237435).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-729=1 SUSE-2025-729=1

  * SUSE Linux Enterprise Workstation Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2025-729=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * xwayland-devel-24.1.1-150600.5.9.1
    * xwayland-24.1.1-150600.5.9.1
    * xwayland-debuginfo-24.1.1-150600.5.9.1
    * xwayland-debugsource-24.1.1-150600.5.9.1
  * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
    * xwayland-24.1.1-150600.5.9.1
    * xwayland-debuginfo-24.1.1-150600.5.9.1
    * xwayland-debugsource-24.1.1-150600.5.9.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26594.html
  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://www.suse.com/security/cve/CVE-2025-26596.html
  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://www.suse.com/security/cve/CVE-2025-26598.html
  * https://www.suse.com/security/cve/CVE-2025-26599.html
  * https://www.suse.com/security/cve/CVE-2025-26600.html
  * https://www.suse.com/security/cve/CVE-2025-26601.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237427
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429
  * https://bugzilla.suse.com/show_bug.cgi?id=1237430
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431
  * https://bugzilla.suse.com/show_bug.cgi?id=1237432
  * https://bugzilla.suse.com/show_bug.cgi?id=1237433
  * https://bugzilla.suse.com/show_bug.cgi?id=1237434
  * https://bugzilla.suse.com/show_bug.cgi?id=1237435

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/e98c2a03/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:51 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:51 -0000
Subject: SUSE-SU-2025:0728-1: moderate: Security update for gnutls
Message-ID: <174058745172.17461.9853489048566547677@smelt2.prg2.suse.org>



# Security update for gnutls

Announcement ID: SUSE-SU-2025:0728-1  
Release Date: 2025-02-26T14:03:26Z  
Rating: moderate  
References:

  * bsc#1236974

  
Cross-References:

  * CVE-2024-12243

  
CVSS scores:

  * CVE-2024-12243 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-12243 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-12243 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for gnutls fixes the following issues:

  * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can
    lead to a DoS (bsc#1236974).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-728=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-728=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.7.3-150400.11.1
    * gnutls-debuginfo-3.7.3-150400.11.1
    * gnutls-3.7.3-150400.11.1
    * gnutls-debugsource-3.7.3-150400.11.1
    * libgnutls30-hmac-3.7.3-150400.11.1
    * libgnutls30-3.7.3-150400.11.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.7.3-150400.11.1
    * gnutls-debuginfo-3.7.3-150400.11.1
    * gnutls-3.7.3-150400.11.1
    * gnutls-debugsource-3.7.3-150400.11.1
    * libgnutls30-hmac-3.7.3-150400.11.1
    * libgnutls30-3.7.3-150400.11.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12243.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236974

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/18bbf2ff/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:54 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:54 -0000
Subject: SUSE-SU-2025:0727-1: moderate: Security update for gnutls
Message-ID: <174058745423.17461.4321510286701344399@smelt2.prg2.suse.org>



# Security update for gnutls

Announcement ID: SUSE-SU-2025:0727-1  
Release Date: 2025-02-26T14:03:18Z  
Rating: moderate  
References:

  * bsc#1236974

  
Cross-References:

  * CVE-2024-12243

  
CVSS scores:

  * CVE-2024-12243 ( SUSE ):  5.3
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-12243 ( SUSE ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-12243 ( NVD ):  5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for gnutls fixes the following issues:

  * CVE-2024-12243: quadratic complexity of DER input decoding in libtasn1 can
    lead to a DoS (bsc#1236974).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-727=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-727=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-727=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libgnutls30-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-3.6.7-150200.14.34.1
    * gnutls-debuginfo-3.6.7-150200.14.34.1
    * libgnutls30-hmac-3.6.7-150200.14.34.1
    * gnutls-3.6.7-150200.14.34.1
    * gnutls-debugsource-3.6.7-150200.14.34.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-12243.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236974

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/2534ff2d/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:56 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:56 -0000
Subject: SUSE-SU-2025:0726-1: moderate: Security update for socat
Message-ID: <174058745652.17461.13236279606138159204@smelt2.prg2.suse.org>



# Security update for socat

Announcement ID: SUSE-SU-2025:0726-1  
Release Date: 2025-02-26T13:37:01Z  
Rating: moderate  
References:

  * bsc#922903

  
Cross-References:

  * CVE-2015-1379

  
CVSS scores:

  * CVE-2015-1379 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for socat fixes the following issues:

  * CVE-2015-1379: lack of async-signal-safe signal handlers can lead to crashes
    or freezing of socat processes (bsc#922903).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-726=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * socat-debuginfo-1.7.2.4-4.6.1
    * socat-debugsource-1.7.2.4-4.6.1
    * socat-1.7.2.4-4.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2015-1379.html
  * https://bugzilla.suse.com/show_bug.cgi?id=922903

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/57fb44be/attachment.htm>

From null at suse.de  Wed Feb 26 16:30:59 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:30:59 -0000
Subject: SUSE-SU-2025:0725-1: important: Security update for procps
Message-ID: <174058745960.17461.16165083992430052256@smelt2.prg2.suse.org>



# Security update for procps

Announcement ID: SUSE-SU-2025:0725-1  
Release Date: 2025-02-26T13:36:47Z  
Rating: important  
References:

  * bsc#1214290
  * bsc#1236842

  
Cross-References:

  * CVE-2023-4016

  
CVSS scores:

  * CVE-2023-4016 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-4016 ( NVD ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for procps fixes the following issues:

  * Integer overflow due to incomplete fix for CVE-2023-4016 can lead to
    segmentation fault in ps command when pid argument has a leading space
    (bsc#1236842, bsc#1214290).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-725=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-725=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-devel-3.3.9-11.33.1
    * libprocps3-debuginfo-3.3.9-11.33.1
    * procps-3.3.9-11.33.1
    * procps-debugsource-3.3.9-11.33.1
    * libprocps3-3.3.9-11.33.1
    * procps-debuginfo-3.3.9-11.33.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * procps-devel-3.3.9-11.33.1
    * libprocps3-debuginfo-3.3.9-11.33.1
    * procps-3.3.9-11.33.1
    * procps-debugsource-3.3.9-11.33.1
    * libprocps3-3.3.9-11.33.1
    * procps-debuginfo-3.3.9-11.33.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236842

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/184beab5/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:04 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:31:04 -0000
Subject: SUSE-SU-2025:0724-1: moderate: Security update for vim
Message-ID: <174058746478.17461.12157233145057830210@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0724-1  
Release Date: 2025-02-26T13:30:43Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-724=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-724=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-724=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-724=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-724=1

## Package List:

  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * vim-data-common-9.1.1101-150000.5.69.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * vim-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-debuginfo-9.1.1101-150000.5.69.1
    * vim-small-9.1.1101-150000.5.69.1
    * vim-debugsource-9.1.1101-150000.5.69.1
    * xxd-9.1.1101-150000.5.69.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/d959325e/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:31:11 -0000
Subject: SUSE-SU-2025:0723-1: moderate: Security update for vim
Message-ID: <174058747127.17461.7983068579987075608@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0723-1  
Release Date: 2025-02-26T13:29:54Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-723=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-723=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-723=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-723=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-723=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.5 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * openSUSE Leap 15.6 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * vim-9.1.1101-150500.20.21.1
    * vim-small-debuginfo-9.1.1101-150500.20.21.1
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * vim-small-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
  * Basesystem Module 15-SP6 (noarch)
    * vim-data-common-9.1.1101-150500.20.21.1
    * vim-data-9.1.1101-150500.20.21.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * vim-debuginfo-9.1.1101-150500.20.21.1
    * gvim-9.1.1101-150500.20.21.1
    * vim-debugsource-9.1.1101-150500.20.21.1
    * gvim-debuginfo-9.1.1101-150500.20.21.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/ef5cc373/attachment.htm>

From null at suse.de  Wed Feb 26 16:31:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Wed, 26 Feb 2025 16:31:20 -0000
Subject: SUSE-SU-2025:0722-1: moderate: Security update for vim
Message-ID: <174058748033.17461.2411054955735848237@smelt2.prg2.suse.org>



# Security update for vim

Announcement ID: SUSE-SU-2025:0722-1  
Release Date: 2025-02-26T13:29:24Z  
Rating: moderate  
References:

  * bsc#1229685
  * bsc#1229822
  * bsc#1230078
  * bsc#1235695
  * bsc#1236151
  * bsc#1237137

  
Cross-References:

  * CVE-2024-43790
  * CVE-2024-43802
  * CVE-2024-45306
  * CVE-2025-1215
  * CVE-2025-22134
  * CVE-2025-24014

  
CVSS scores:

  * CVE-2024-43790 ( SUSE ):  2.0
    CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
  * CVE-2024-43790 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-43802 ( SUSE ):  4.6
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2024-43802 ( SUSE ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2024-45306 ( SUSE ):  4.1
    CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-45306 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-45306 ( NVD ):  4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-1215 ( SUSE ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-1215 ( SUSE ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-1215 ( NVD ):  2.4
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2025-1215 ( NVD ):  2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
  * CVE-2025-22134 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22134 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-22134 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( SUSE ):  1.0
    CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24014 ( SUSE ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
  * CVE-2025-24014 ( NVD ):  4.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

  
Affected Products:

  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves six vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

Update to version 9.1.1101:

  * CVE-2024-43790: possible out-of-bounds read when performing a search command
    (bsc#1229685).
  * CVE-2024-43802: heap buffer overflow due to incorrect flushing of the
    typeahead buffer (bsc#1229822).
  * CVE-2024-45306: heap buffer overflow when cursor position is invalid
    (bsc#1230078).
  * CVE-2025-22134: heap buffer overflow when switching to other buffers using
    the :all command with active visual mode (bsc#1235695).
  * CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when
    in silent Ex mode (bsc#1236151).
  * CVE-2025-1215: memory corruption when manipulating the --log argument
    (bsc#1237137).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-722=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * vim-debuginfo-9.1.1101-17.41.1
    * gvim-debuginfo-9.1.1101-17.41.1
    * vim-debugsource-9.1.1101-17.41.1
    * gvim-9.1.1101-17.41.1
    * vim-9.1.1101-17.41.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * vim-data-common-9.1.1101-17.41.1
    * vim-data-9.1.1101-17.41.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43790.html
  * https://www.suse.com/security/cve/CVE-2024-43802.html
  * https://www.suse.com/security/cve/CVE-2024-45306.html
  * https://www.suse.com/security/cve/CVE-2025-1215.html
  * https://www.suse.com/security/cve/CVE-2025-22134.html
  * https://www.suse.com/security/cve/CVE-2025-24014.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1229685
  * https://bugzilla.suse.com/show_bug.cgi?id=1229822
  * https://bugzilla.suse.com/show_bug.cgi?id=1230078
  * https://bugzilla.suse.com/show_bug.cgi?id=1235695
  * https://bugzilla.suse.com/show_bug.cgi?id=1236151
  * https://bugzilla.suse.com/show_bug.cgi?id=1237137

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250226/e3918846/attachment.htm>

From null at suse.de  Thu Feb 27 15:24:00 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 27 Feb 2025 15:24:00 -0000
Subject: SUSE-SU-2025:0736-1: important: Security update for ruby2.5
Message-ID: <174066984052.31394.598068579475273733@smelt2.prg2.suse.org>



# Security update for ruby2.5

Announcement ID: SUSE-SU-2025:0736-1  
Release Date: 2025-02-26T18:38:59Z  
Rating: important  
References:

  * bsc#1230930
  * bsc#1232440

  
Cross-References:

  * CVE-2024-47220
  * CVE-2024-49761

  
CVSS scores:

  * CVE-2024-47220 ( SUSE ):  8.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-47220 ( SUSE ):  8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
  * CVE-2024-47220 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-49761 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-49761 ( NVD ):  6.6
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  * CVE-2024-49761 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for ruby2.5 fixes the following issues:

  * CVE-2024-47220: Fixed a HTTP request smuggling attack in WEBrick
    (bsc#1230930)
  * CVE-2024-49761: Fixed a ReDoS vulnerability in ruby rexml (bsc#1232440)

Other fixes:

  * [ruby/uri] Fix quadratic backtracking on invalid relative URI
  * [ruby/time] Make RFC2822 regexp linear
  * [ruby/time] Fix quadratic backtracking on invalid time
  * merge some parts of CGI 0.1.1

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-736=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-736=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-736=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-736=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-736=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-736=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-736=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-736=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-736=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-736=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-736=1

## Package List:

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * ruby2.5-doc-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * openSUSE Leap 15.6 (noarch)
    * ruby2.5-doc-ri-2.5.9-150000.4.36.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * ruby2.5-devel-2.5.9-150000.4.36.1
    * libruby2_5-2_5-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-devel-extra-2.5.9-150000.4.36.1
    * ruby2.5-2.5.9-150000.4.36.1
    * ruby2.5-debugsource-2.5.9-150000.4.36.1
    * ruby2.5-debuginfo-2.5.9-150000.4.36.1
    * libruby2_5-2_5-debuginfo-2.5.9-150000.4.36.1
    * ruby2.5-stdlib-2.5.9-150000.4.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-47220.html
  * https://www.suse.com/security/cve/CVE-2024-49761.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230930
  * https://bugzilla.suse.com/show_bug.cgi?id=1232440

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250227/ef84ef26/attachment.htm>

From null at suse.de  Thu Feb 27 15:24:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Thu, 27 Feb 2025 15:24:05 -0000
Subject: SUSE-SU-2025:0735-1: important: Security update for webkit2gtk3
Message-ID: <174066984576.31394.8512269336348039097@smelt2.prg2.suse.org>



# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2025:0735-1  
Release Date: 2025-02-26T18:35:02Z  
Rating: important  
References:

  * bsc#1234851
  * bsc#1236946

  
Cross-References:

  * CVE-2024-27856
  * CVE-2024-54479
  * CVE-2024-54502
  * CVE-2024-54505
  * CVE-2024-54508
  * CVE-2024-54534
  * CVE-2024-54543
  * CVE-2024-54658
  * CVE-2025-24143
  * CVE-2025-24150
  * CVE-2025-24158
  * CVE-2025-24162

  
CVSS scores:

  * CVE-2024-27856 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-27856 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27856 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54479 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54479 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54479 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54479 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54502 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54502 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54505 ( SUSE ):  5.9
    CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54505 ( SUSE ):  7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
  * CVE-2024-54505 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54505 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54508 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54508 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54508 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54508 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-54534 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54534 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54534 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54534 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( SUSE ):  7.2
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54543 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54543 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-54658 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-54658 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2024-54658 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24143 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-24143 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24143 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2025-24150 ( SUSE ):  8.5
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24150 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-24150 ( NVD ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-24158 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24158 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24158 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( SUSE ):  7.1
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-24162 ( SUSE ):  6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2025-24162 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves 12 vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.6 (bsc#1236946, bsc#1234851):

  * CVE-2025-24143: A maliciously crafted webpage may be able to fingerprint the
    user.
  * CVE-2025-24150: Copying a URL from Web Inspector may lead to command
    injection.
  * CVE-2025-24158: Processing web content may lead to a denial-of-service.
  * CVE-2025-24162: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54479: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54502: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54505: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-54508: Processing maliciously crafted web content may lead to an
    unexpected process crash.
  * CVE-2024-54543: Processing maliciously crafted web content may lead to
    memory corruption.

Already fixed in previous releases:

  * CVE-2024-27856: Processing a file may lead to unexpected app termination or
    arbitrary code execution.
  * CVE-2024-54534: Processing maliciously crafted web content may lead to
    memory corruption.
  * CVE-2024-54658: Processing web content may lead to a denial-of-service.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-735=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-735=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-735=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-735=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libwebkit2gtk-4_0-37-2.46.6-150200.133.1
    * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150200.133.1
    * webkit2gtk3-debugsource-2.46.6-150200.133.1
    * webkit2gtk-4_0-injected-bundles-2.46.6-150200.133.1
    * typelib-1_0-JavaScriptCore-4_0-2.46.6-150200.133.1
    * typelib-1_0-WebKit2-4_0-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-2.46.6-150200.133.1
    * webkit2gtk3-devel-2.46.6-150200.133.1
    * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150200.133.1
    * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150200.133.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * libwebkit2gtk3-lang-2.46.6-150200.133.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-27856.html
  * https://www.suse.com/security/cve/CVE-2024-54479.html
  * https://www.suse.com/security/cve/CVE-2024-54502.html
  * https://www.suse.com/security/cve/CVE-2024-54505.html
  * https://www.suse.com/security/cve/CVE-2024-54508.html
  * https://www.suse.com/security/cve/CVE-2024-54534.html
  * https://www.suse.com/security/cve/CVE-2024-54543.html
  * https://www.suse.com/security/cve/CVE-2024-54658.html
  * https://www.suse.com/security/cve/CVE-2025-24143.html
  * https://www.suse.com/security/cve/CVE-2025-24150.html
  * https://www.suse.com/security/cve/CVE-2025-24158.html
  * https://www.suse.com/security/cve/CVE-2025-24162.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1234851
  * https://bugzilla.suse.com/show_bug.cgi?id=1236946

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250227/ea3535d2/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:03 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 12:30:03 -0000
Subject: SUSE-SU-2025:0742-1: important: Security update for openvswitch3
Message-ID: <174074580350.31417.9082699110563525464@smelt2.prg2.suse.org>



# Security update for openvswitch3

Announcement ID: SUSE-SU-2025:0742-1  
Release Date: 2025-02-28T10:17:43Z  
Rating: important  
References:

  * bsc#1236353

  
Cross-References:

  * CVE-2025-0650

  
CVSS scores:

  * CVE-2025-0650 ( SUSE ):  9.2
    CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-0650 ( SUSE ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-0650 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for openvswitch3 fixes the following issues:

  * CVE-2025-0650: Fixed egress ACLs that may be bypassed via specially crafted
    UDP packet (bsc#1236353).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-742=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-742=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-742=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-742=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-742=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-742=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-742=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * openSUSE Leap 15.5 (noarch)
    * openvswitch3-doc-3.1.0-150500.3.22.1
    * ovn3-doc-23.03.0-150500.3.22.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * openSUSE Leap 15.6 (noarch)
    * openvswitch3-doc-3.1.0-150500.3.22.1
    * ovn3-doc-23.03.0-150500.3.22.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-ipsec-3.1.0-150500.3.22.1
    * openvswitch3-test-3.1.0-150500.3.22.1
    * openvswitch3-pki-3.1.0-150500.3.22.1
    * libopenvswitch-3_1-0-3.1.0-150500.3.22.1
    * ovn3-debuginfo-23.03.0-150500.3.22.1
    * python3-ovs3-3.1.0-150500.3.22.1
    * ovn3-host-23.03.0-150500.3.22.1
    * ovn3-docker-23.03.0-150500.3.22.1
    * openvswitch3-debugsource-3.1.0-150500.3.22.1
    * ovn3-23.03.0-150500.3.22.1
    * openvswitch3-devel-3.1.0-150500.3.22.1
    * libovn-23_03-0-debuginfo-23.03.0-150500.3.22.1
    * ovn3-central-23.03.0-150500.3.22.1
    * ovn3-vtep-23.03.0-150500.3.22.1
    * openvswitch3-test-debuginfo-3.1.0-150500.3.22.1
    * ovn3-devel-23.03.0-150500.3.22.1
    * ovn3-vtep-debuginfo-23.03.0-150500.3.22.1
    * ovn3-host-debuginfo-23.03.0-150500.3.22.1
    * libovn-23_03-0-23.03.0-150500.3.22.1
    * ovn3-central-debuginfo-23.03.0-150500.3.22.1
    * openvswitch3-vtep-3.1.0-150500.3.22.1
    * openvswitch3-3.1.0-150500.3.22.1
    * openvswitch3-debuginfo-3.1.0-150500.3.22.1
    * openvswitch3-vtep-debuginfo-3.1.0-150500.3.22.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0650.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1236353

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/248eae02/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:08 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 12:30:08 -0000
Subject: SUSE-SU-2025:0741-1: important: Security update for procps
Message-ID: <174074580857.31417.1511615982551489026@smelt2.prg2.suse.org>



# Security update for procps

Announcement ID: SUSE-SU-2025:0741-1  
Release Date: 2025-02-28T10:17:02Z  
Rating: important  
References:

  * bsc#1214290
  * bsc#1236842

  
Cross-References:

  * CVE-2023-4016

  
CVSS scores:

  * CVE-2023-4016 ( SUSE ):  2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-4016 ( NVD ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for procps fixes the following issues:

  * Integer overflow due to incomplete fix for CVE-2023-4016 can lead to
    segmentation fault in ps command when pid argument has a leading space
    (bsc#1236842, bsc#1214290).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-741=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-741=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-741=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-741=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-741=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-741=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-741=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-741=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-741=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-741=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-741=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-741=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * openSUSE Leap 15.6 (noarch)
    * procps-lang-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * procps-devel-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * procps-3.3.17-150000.7.42.1
    * procps-debugsource-3.3.17-150000.7.42.1
    * procps-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-debuginfo-3.3.17-150000.7.42.1
    * libprocps8-3.3.17-150000.7.42.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-4016.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1214290
  * https://bugzilla.suse.com/show_bug.cgi?id=1236842

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/cad7f567/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:11 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 12:30:11 -0000
Subject: SUSE-SU-2025:0740-1: moderate: Security update for libX11
Message-ID: <174074581149.31417.9123461514157596559@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0740-1  
Release Date: 2025-02-28T10:10:32Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-740=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-740=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.2-12.36.1
    * libX11-debugsource-1.6.2-12.36.1
    * libX11-6-debuginfo-1.6.2-12.36.1
    * libX11-devel-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-1.6.2-12.36.1
    * libX11-6-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libX11-data-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libX11-xcb1-debuginfo-32bit-1.6.2-12.36.1
    * libX11-6-32bit-1.6.2-12.36.1
    * libX11-xcb1-32bit-1.6.2-12.36.1
    * libX11-6-debuginfo-32bit-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libX11-xcb1-1.6.2-12.36.1
    * libX11-debugsource-1.6.2-12.36.1
    * libX11-6-debuginfo-1.6.2-12.36.1
    * libX11-6-32bit-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-32bit-1.6.2-12.36.1
    * libX11-devel-1.6.2-12.36.1
    * libX11-xcb1-debuginfo-1.6.2-12.36.1
    * libX11-6-1.6.2-12.36.1
    * libX11-xcb1-32bit-1.6.2-12.36.1
    * libX11-6-debuginfo-32bit-1.6.2-12.36.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libX11-data-1.6.2-12.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/f3fcb2f8/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 12:30:14 -0000
Subject: SUSE-SU-2025:0739-1: moderate: Security update for libX11
Message-ID: <174074581488.31417.15199605527260541608@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0739-1  
Release Date: 2025-02-28T10:09:50Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-739=1 openSUSE-SLE-15.6-2025-739=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-739=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libX11-xcb1-1.8.7-150600.3.3.1
    * libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
    * libX11-debugsource-1.8.7-150600.3.3.1
    * libX11-6-1.8.7-150600.3.3.1
    * libX11-devel-1.8.7-150600.3.3.1
    * libX11-6-debuginfo-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-1.8.7-150600.3.3.1
    * libX11-devel-32bit-1.8.7-150600.3.3.1
    * libX11-6-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (noarch)
    * libX11-data-1.8.7-150600.3.3.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libX11-6-64bit-1.8.7-150600.3.3.1
    * libX11-6-64bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-devel-64bit-1.8.7-150600.3.3.1
    * libX11-xcb1-64bit-1.8.7-150600.3.3.1
    * libX11-xcb1-64bit-debuginfo-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.8.7-150600.3.3.1
    * libX11-xcb1-debuginfo-1.8.7-150600.3.3.1
    * libX11-debugsource-1.8.7-150600.3.3.1
    * libX11-6-1.8.7-150600.3.3.1
    * libX11-devel-1.8.7-150600.3.3.1
    * libX11-6-debuginfo-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (noarch)
    * libX11-data-1.8.7-150600.3.3.1
  * Basesystem Module 15-SP6 (x86_64)
    * libX11-6-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-1.8.7-150600.3.3.1
    * libX11-xcb1-32bit-debuginfo-1.8.7-150600.3.3.1
    * libX11-6-32bit-debuginfo-1.8.7-150600.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/5cfef922/attachment.htm>

From null at suse.de  Fri Feb 28 12:30:18 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 12:30:18 -0000
Subject: SUSE-SU-2025:0737-1: important: Security update for postgresql13
Message-ID: <174074581807.31417.1478941352383176161@smelt2.prg2.suse.org>



# Security update for postgresql13

Announcement ID: SUSE-SU-2025:0737-1  
Release Date: 2025-02-28T09:56:56Z  
Rating: important  
References:

  * bsc#1237093

  
Cross-References:

  * CVE-2025-1094

  
CVSS scores:

  * CVE-2025-1094 ( SUSE ):  8.7
    CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1094 ( SUSE ):  8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2025-1094 ( NVD ):  8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

Upgrade to 13.20:

  * CVE-2025-1094: Harden PQescapeString and allied functions against invalidly-
    encoded input strings (bsc#1237093).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-737=1 SUSE-2025-737=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql13-plpython-13.20-150600.14.5.2
    * postgresql13-llvmjit-devel-13.20-150600.14.5.2
    * postgresql13-debugsource-13.20-150600.14.5.2
    * postgresql13-pltcl-13.20-150600.14.5.2
    * postgresql13-server-devel-debuginfo-13.20-150600.14.5.2
    * postgresql13-pltcl-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-13.20-150600.14.5.2
    * postgresql13-test-13.20-150600.14.5.2
    * postgresql13-13.20-150600.14.5.2
    * postgresql13-devel-13.20-150600.14.5.2
    * postgresql13-contrib-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-devel-13.20-150600.14.5.2
    * postgresql13-llvmjit-debuginfo-13.20-150600.14.5.2
    * postgresql13-server-debuginfo-13.20-150600.14.5.2
    * postgresql13-plperl-13.20-150600.14.5.2
    * postgresql13-contrib-13.20-150600.14.5.2
    * postgresql13-plperl-debuginfo-13.20-150600.14.5.2
    * postgresql13-llvmjit-13.20-150600.14.5.2
    * postgresql13-devel-debuginfo-13.20-150600.14.5.2
    * postgresql13-debuginfo-13.20-150600.14.5.2
    * postgresql13-plpython-debuginfo-13.20-150600.14.5.2
  * openSUSE Leap 15.6 (noarch)
    * postgresql13-docs-13.20-150600.14.5.2

## References:

  * https://www.suse.com/security/cve/CVE-2025-1094.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237093

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/9b1b3a95/attachment.htm>

From null at suse.de  Fri Feb 28 16:30:01 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 16:30:01 -0000
Subject: SUSE-RU-2025:0745-1: moderate: Recommended update for
 apache-commons-cli
Message-ID: <174076020132.31718.12310353438070814144@smelt2.prg2.suse.org>



# Recommended update for apache-commons-cli

Announcement ID: SUSE-RU-2025:0745-1  
Release Date: 2025-02-28T14:55:01Z  
Rating: moderate  
References:

  
Affected Products:

  * Development Tools Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module

  
  
An update that can now be installed.

## Description:

This update for apache-commons-cli fixes the following issues:

  * Update to 1.9.0:
  * New features:
    * Add OptionGroup.isSelected().
    * You can now extend HelpFormatter.Builder.
    * Add 'since' attribute to Option to track when an Option was introduced
  * Fixed bugs:
    * Fix Javadoc pathing
    * Updated properties documentation #285.
    * Deprecation not always reported #284.
    * Replace internal StringBuffer with StringBuilder.
  * Updates:
    * Bump org.apache.commons:commons-parent from 70 to 72
  * Update to 1.8.0:
  * Fix Javadoc pathing
  * Updated apache-commons-cli-build.xml to new version.
  * Update to 1.7:
  * New features:
    * Add and use a Converter interface and implementations without using BeanUtils
    * Add Maven property project.build.outputTimestamp for build reproducibility.
    * Add '-' as an option char and implemented extensive tests
    * Make adding OptionGroups and Options to existing Options easier
    * Added Supplier; defaults for getParsedOptionValue
    * Make Option.getKey() public
    * Add builder factory CommandLine#builder().
  * Fixes:
    * Inconsistent behavior in key/value pairs (Java property style). Util.stripLeadingAndTrailingQuotes(String).
    * Awkward behavior of Option.builder() for multiple optional args.
    * Properties from multiple arguments with value separator.
    * Fix for expected textual date values.
    * Option.Builder.option("") should throw IllegalArgumentException instead of ArrayIndexOutOfBoundsException.
    * Avoid NullPointerException in CommandLine.getOptionValues(Option|String).
  * Updates:
    * Bump commons-parent from 64 to 69
    * Update the tests to JUnit 5
    * Bump tests commons-io:commons-io from 2.16.0 to 2.16.1
  * Includes changes from version 1.6:
  * Fixes:
    * [StepSecurity] ci: Harden GitHub Actions
    * Inconsistent date format in changes report.
    * Fix NPE in CommandLine.resolveOption(String).
    * CommandLine.addOption(Option) should not allow a null Option.
    * CommandLine.addArgs(String) should not allow a null String.
    * Site docs: "Usage Scenarios" refers to deprecated methods.
    * NullPointerException thrown by CommandLineParser.parse().
    * StringIndexOutOfBoundsException thrown by CommandLineParser.parse().
  * Updates:
    * Fix SpotBugs Error: Medium: Method intentionally throws RuntimeException. [org.apache.commons.cli.Option] At Option.java:[lines 417-423] THROWS_METHOD_THROWS_RUNTIMEEXCEPTION
    * Fix SpotBugs Error: Medium: Method intentionally throws RuntimeException. [org.apache.commons.cli.Option] At Option.java:[lines 446-450] THROWS_METHOD_THROWS_RUNTIMEEXCEPTION
    * Fix SpotBugs Error: Medium: Method intentionally throws RuntimeException. [org.apache.commons.cli.Option] At Option.java:[lines 474-478] THROWS_METHOD_THROWS_RUNTIMEEXCEPTION
    * Use EMPTY_STRING_ARRAY constant.
    * Fix site links that are broken
    * Add github/codeql-action.
  * Use %patch -P N instead of deprecated %patchN.
  * Build with java source/target levels 8

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-745=1

  * Development Tools Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-745=1

  * SUSE Manager Server 4.3 Module  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2025-745=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * apache-commons-cli-1.9.0-150200.3.9.1
    * apache-commons-cli-javadoc-1.9.0-150200.3.9.1
  * Development Tools Module 15-SP6 (noarch)
    * apache-commons-cli-1.9.0-150200.3.9.1
  * SUSE Manager Server 4.3 Module (noarch)
    * apache-commons-cli-1.9.0-150200.3.9.1

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/dd22e855/attachment.htm>

From null at suse.de  Fri Feb 28 16:30:14 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 16:30:14 -0000
Subject: SUSE-SU-2025:0744-1: moderate: Security update for openssh8.4
Message-ID: <174076021476.31718.2737870825975478489@smelt2.prg2.suse.org>



# Security update for openssh8.4

Announcement ID: SUSE-SU-2025:0744-1  
Release Date: 2025-02-28T14:39:39Z  
Rating: moderate  
References:

  * bsc#1186673
  * bsc#1213004
  * bsc#1213008
  * bsc#1214788
  * bsc#1216474
  * bsc#1218871
  * bsc#1221123
  * bsc#1222831
  * bsc#1237040

  
Cross-References:

  * CVE-2025-26465

  
CVSS scores:

  * CVE-2025-26465 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2025-26465 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves one vulnerability and has eight security fixes can now be
installed.

## Description:

This update for openssh8.4 fixes the following issues:

  * CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-
    enabled client (bsc#1237040).

Other bugfixes:

  * Fix usage of local accelerator cards via openssl-ibmca (bsc#1216474,
    bsc#1218871).
  * Add patches from upstream to change the default value of UpdateHostKeys to
    Yes (unless VerifyHostKeyDNS is enabled) (bsc#1222831).
  * Fix hostbased ssh login failing occasionally with "signature unverified:
    incorrect signature" by fixing a typo in patch (bsc#1221123).
  * For now we don't ship the ssh-keycat command, but we need the patch for the
    other SELinux infrastructure (bsc#1214788).
  * Attempts to mitigate instances of secrets lingering in memory after a
    session exits (bsc#1213004, bsc#1213008, bsc#1186673).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-744=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-744=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * openssh8.4-fips-8.4p1-8.16.1
    * openssh8.4-helpers-8.4p1-8.16.1
    * openssh8.4-server-8.4p1-8.16.1
    * openssh8.4-clients-debuginfo-8.4p1-8.16.1
    * openssh8.4-common-debuginfo-8.4p1-8.16.1
    * openssh8.4-helpers-debuginfo-8.4p1-8.16.1
    * openssh8.4-server-debuginfo-8.4p1-8.16.1
    * openssh8.4-8.4p1-8.16.1
    * openssh8.4-common-8.4p1-8.16.1
    * openssh8.4-clients-8.4p1-8.16.1
    * openssh8.4-debugsource-8.4p1-8.16.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * openssh8.4-fips-8.4p1-8.16.1
    * openssh8.4-helpers-8.4p1-8.16.1
    * openssh8.4-server-8.4p1-8.16.1
    * openssh8.4-clients-debuginfo-8.4p1-8.16.1
    * openssh8.4-common-debuginfo-8.4p1-8.16.1
    * openssh8.4-helpers-debuginfo-8.4p1-8.16.1
    * openssh8.4-server-debuginfo-8.4p1-8.16.1
    * openssh8.4-8.4p1-8.16.1
    * openssh8.4-common-8.4p1-8.16.1
    * openssh8.4-clients-8.4p1-8.16.1
    * openssh8.4-debugsource-8.4p1-8.16.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26465.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1186673
  * https://bugzilla.suse.com/show_bug.cgi?id=1213004
  * https://bugzilla.suse.com/show_bug.cgi?id=1213008
  * https://bugzilla.suse.com/show_bug.cgi?id=1214788
  * https://bugzilla.suse.com/show_bug.cgi?id=1216474
  * https://bugzilla.suse.com/show_bug.cgi?id=1218871
  * https://bugzilla.suse.com/show_bug.cgi?id=1221123
  * https://bugzilla.suse.com/show_bug.cgi?id=1222831
  * https://bugzilla.suse.com/show_bug.cgi?id=1237040

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/6142d9ec/attachment.htm>

From null at suse.de  Fri Feb 28 16:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 16:30:17 -0000
Subject: SUSE-RU-2025:0743-1: moderate: Recommended update for kubevirt,
 virt-api-container, virt-controller-container, virt-exportproxy-container,
 virt-exportserver-container, virt-handler-container, virt-launcher-container, 
 virt-libguestf
Message-ID: <174076021793.31718.15489069891553422689@smelt2.prg2.suse.org>



# Recommended update for kubevirt, virt-api-container, virt-controller-
container, virt-exportproxy-container, virt-exportserver-container, virt-
handler-container, virt-launcher-container, virt-libguestf

Announcement ID: SUSE-RU-2025:0743-1  
Release Date: 2025-02-28T14:39:26Z  
Rating: moderate  
References:

  * bsc#1237270

  
Affected Products:

  * Containers Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has one fix can now be installed.

## Description:

This update for kubevirt, virt-api-container, virt-controller-container, virt-
exportproxy-container, virt-exportserver-container, virt-handler-container,
virt-launcher-container, virt-libguestfs-tools-container, virt-operator-
container, virt-pr-helper-container fixes the following issues:

  * Fix missing virtio-gpu packages missing from the aarch64 images
    (bsc#1237270)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-743=1 openSUSE-SLE-15.6-2025-743=1

  * Containers Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-743=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * kubevirt-virt-exportserver-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-launcher-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-tests-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-controller-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-exportproxy-1.4.0-150600.5.15.1
    * kubevirt-manifests-1.4.0-150600.5.15.1
    * obs-service-kubevirt_containers_meta-1.4.0-150600.5.15.1
    * kubevirt-container-disk-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-tests-1.4.0-150600.5.15.1
    * kubevirt-virt-api-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virtctl-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-exportproxy-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-operator-1.4.0-150600.5.15.1
    * kubevirt-virt-handler-1.4.0-150600.5.15.1
    * kubevirt-virt-handler-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virt-exportserver-1.4.0-150600.5.15.1
    * kubevirt-container-disk-1.4.0-150600.5.15.1
    * kubevirt-virt-launcher-1.4.0-150600.5.15.1
    * kubevirt-virt-api-1.4.0-150600.5.15.1
    * kubevirt-virt-operator-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virtctl-1.4.0-150600.5.15.1
    * kubevirt-pr-helper-conf-1.4.0-150600.5.15.1
    * kubevirt-virt-controller-1.4.0-150600.5.15.1
  * Containers Module 15-SP6 (aarch64 x86_64)
    * kubevirt-manifests-1.4.0-150600.5.15.1
    * kubevirt-virtctl-debuginfo-1.4.0-150600.5.15.1
    * kubevirt-virtctl-1.4.0-150600.5.15.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1237270

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/a0a3c0db/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:05 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:05 -0000
Subject: SUSE-SU-2025:0758-1: moderate: Security update for libxkbfile
Message-ID: <174077460543.31458.14866472308390908582@smelt2.prg2.suse.org>



# Security update for libxkbfile

Announcement ID: SUSE-SU-2025:0758-1  
Release Date: 2025-02-28T18:23:41Z  
Rating: moderate  
References:

  * bsc#1237429

  
Cross-References:

  * CVE-2025-26595

  
CVSS scores:

  * CVE-2025-26595 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26595 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libxkbfile fixes the following issues:

  * CVE-2025-26595: Fixed buffer overflow in XkbVModMaskText() (bsc#1237429).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-758=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-758=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-758=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-758=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-758=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-758=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-758=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-758=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-758=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-758=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * openSUSE Leap 15.6 (x86_64)
    * libxkbfile1-32bit-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile1-32bit-1.0.9-150000.3.3.1
    * libxkbfile-devel-32bit-1.0.9-150000.3.3.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxkbfile-devel-1.0.9-150000.3.3.1
    * libxkbfile1-1.0.9-150000.3.3.1
    * libxkbfile1-debuginfo-1.0.9-150000.3.3.1
    * libxkbfile-debugsource-1.0.9-150000.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26595.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237429

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/4718821d/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:09 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:09 -0000
Subject: SUSE-SU-2025:0757-1: moderate: Security update for libX11
Message-ID: <174077460933.31458.7052843531249085386@smelt2.prg2.suse.org>



# Security update for libX11

Announcement ID: SUSE-SU-2025:0757-1  
Release Date: 2025-02-28T16:40:50Z  
Rating: moderate  
References:

  * bsc#1237431

  
Cross-References:

  * CVE-2025-26597

  
CVSS scores:

  * CVE-2025-26597 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-26597 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2025-26597 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for libX11 fixes the following issues:

  * CVE-2025-26597: improper resizing of key actions when nGroups is 0 can lead
    to buffer overflows in XkbChangeTypesOfKey() (bsc#1237431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-757=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-757=1

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-757=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-757=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-757=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-757=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-757=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-757=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-757=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-757=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-757=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-757=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-757=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-757=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Proxy 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Retail Branch Server 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Manager Server 4.3 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-devel-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Enterprise Storage 7.1 (x86_64)
    * libX11-6-32bit-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-1.6.5-150000.3.36.1
    * libX11-6-32bit-debuginfo-1.6.5-150000.3.36.1
    * libX11-xcb1-32bit-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * libX11-data-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libX11-xcb1-1.6.5-150000.3.36.1
    * libX11-xcb1-debuginfo-1.6.5-150000.3.36.1
    * libX11-debugsource-1.6.5-150000.3.36.1
    * libX11-6-1.6.5-150000.3.36.1
    * libX11-6-debuginfo-1.6.5-150000.3.36.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * libX11-data-1.6.5-150000.3.36.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-26597.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/12908788/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:13 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:13 -0000
Subject: SUSE-SU-2025:0756-1: moderate: Security update for python
Message-ID: <174077461369.31458.11309407112169630744@smelt2.prg2.suse.org>



# Security update for python

Announcement ID: SUSE-SU-2025:0756-1  
Release Date: 2025-02-28T16:38:14Z  
Rating: moderate  
References:

  * bsc#1223694
  * bsc#1236705

  
Cross-References:

  * CVE-2025-0938

  
CVSS scores:

  * CVE-2025-0938 ( SUSE ):  6.3
    CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
  * CVE-2025-0938 ( SUSE ):  4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
  * CVE-2025-0938 ( NVD ):  6.3
    CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  
Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for python fixes the following issues:

  * Reference to no longer used 'bracketed_host' variable in the fix for
    CVE-2025-0938 (bsc#1236705, bsc#1223694).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-756=1

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-756=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * python-curses-debuginfo-2.7.18-150000.74.1
    * python-tk-2.7.18-150000.74.1
    * python-base-2.7.18-150000.74.1
    * python-demo-2.7.18-150000.74.1
    * python-2.7.18-150000.74.1
    * python-idle-2.7.18-150000.74.1
    * libpython2_7-1_0-2.7.18-150000.74.1
    * python-gdbm-2.7.18-150000.74.1
    * python-xml-2.7.18-150000.74.1
    * python-base-debuginfo-2.7.18-150000.74.1
    * python-xml-debuginfo-2.7.18-150000.74.1
    * python-curses-2.7.18-150000.74.1
    * libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
    * python-debuginfo-2.7.18-150000.74.1
    * python-devel-2.7.18-150000.74.1
    * python-tk-debuginfo-2.7.18-150000.74.1
    * python-gdbm-debuginfo-2.7.18-150000.74.1
    * python-base-debugsource-2.7.18-150000.74.1
    * python-debugsource-2.7.18-150000.74.1
  * openSUSE Leap 15.6 (x86_64)
    * python-32bit-2.7.18-150000.74.1
    * python-base-32bit-debuginfo-2.7.18-150000.74.1
    * python-32bit-debuginfo-2.7.18-150000.74.1
    * python-base-32bit-2.7.18-150000.74.1
    * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.74.1
    * libpython2_7-1_0-32bit-2.7.18-150000.74.1
  * openSUSE Leap 15.6 (noarch)
    * python-doc-2.7.18-150000.74.1
    * python-doc-pdf-2.7.18-150000.74.1
  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python-curses-debuginfo-2.7.18-150000.74.1
    * python-base-2.7.18-150000.74.1
    * python-2.7.18-150000.74.1
    * libpython2_7-1_0-2.7.18-150000.74.1
    * python-gdbm-2.7.18-150000.74.1
    * python-xml-2.7.18-150000.74.1
    * python-base-debuginfo-2.7.18-150000.74.1
    * python-xml-debuginfo-2.7.18-150000.74.1
    * python-curses-2.7.18-150000.74.1
    * libpython2_7-1_0-debuginfo-2.7.18-150000.74.1
    * python-debuginfo-2.7.18-150000.74.1
    * python-gdbm-debuginfo-2.7.18-150000.74.1
    * python-base-debugsource-2.7.18-150000.74.1
    * python-debugsource-2.7.18-150000.74.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-0938.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1223694
  * https://bugzilla.suse.com/show_bug.cgi?id=1236705

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/b8573c45/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:17 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:17 -0000
Subject: SUSE-SU-2025:0755-1: moderate: Security update for u-boot
Message-ID: <174077461704.31458.6008090678682848667@smelt2.prg2.suse.org>



# Security update for u-boot

Announcement ID: SUSE-SU-2025:0755-1  
Release Date: 2025-02-28T16:37:12Z  
Rating: moderate  
References:

  * bsc#1237284
  * bsc#1237287

  
Cross-References:

  * CVE-2024-57256
  * CVE-2024-57258

  
CVSS scores:

  * CVE-2024-57256 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57256 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57256 ( NVD ):  7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
  * CVE-2024-57258 ( SUSE ):  6.7
    CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-57258 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  * CVE-2024-57258 ( NVD ):  7.1 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.6

  
  
An update that solves two vulnerabilities can now be installed.

## Description:

This update for u-boot fixes the following issues:

  * CVE-2024-57256: integer overflow in U-Boot's ext4 symlink resolution
    function (bsc#1237284).
  * CVE-2024-57258: multiple integer overflows in U-Boot's memory allocator
    (bsc#1237287).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-755=1

## Package List:

  * openSUSE Leap 15.6 (aarch64)
    * u-boot-xilinxzynqmpgeneric-2020.01-150200.10.18.1
    * u-boot-xilinxzynqmpgeneric-doc-2020.01-150200.10.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-57256.html
  * https://www.suse.com/security/cve/CVE-2024-57258.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237284
  * https://bugzilla.suse.com/show_bug.cgi?id=1237287

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/32e19495/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:20 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:20 -0000
Subject: SUSE-SU-2025:0754-1: important: Security update for wireshark
Message-ID: <174077462030.31458.7655988138137915726@smelt2.prg2.suse.org>



# Security update for wireshark

Announcement ID: SUSE-SU-2025:0754-1  
Release Date: 2025-02-28T16:31:33Z  
Rating: important  
References:

  * bsc#1237414

  
Cross-References:

  * CVE-2025-1492

  
CVSS scores:

  * CVE-2025-1492 ( SUSE ):  7.1
    CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-1492 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-1492 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * Desktop Applications Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to version 4.2.11:

  * CVE-2025-1492: uncontrolled recursion leading to a stack buffer overflow can
    cause Bundle Protocol and CBOR dissector to crash (bsc#1237414).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-754=1 openSUSE-SLE-15.6-2025-754=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-754=1

  * Desktop Applications Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-754=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * libwiretap14-debuginfo-4.2.11-150600.18.20.1
    * libwsutil15-4.2.11-150600.18.20.1
    * libwsutil15-debuginfo-4.2.11-150600.18.20.1
    * wireshark-ui-qt-4.2.11-150600.18.20.1
    * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
    * libwireshark17-4.2.11-150600.18.20.1
    * wireshark-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * wireshark-devel-4.2.11-150600.18.20.1
    * libwiretap14-4.2.11-150600.18.20.1
    * libwireshark17-debuginfo-4.2.11-150600.18.20.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libwiretap14-debuginfo-4.2.11-150600.18.20.1
    * libwsutil15-4.2.11-150600.18.20.1
    * libwsutil15-debuginfo-4.2.11-150600.18.20.1
    * libwireshark17-4.2.11-150600.18.20.1
    * wireshark-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * libwiretap14-4.2.11-150600.18.20.1
    * libwireshark17-debuginfo-4.2.11-150600.18.20.1
  * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * wireshark-ui-qt-4.2.11-150600.18.20.1
    * wireshark-ui-qt-debuginfo-4.2.11-150600.18.20.1
    * wireshark-debugsource-4.2.11-150600.18.20.1
    * wireshark-debuginfo-4.2.11-150600.18.20.1
    * wireshark-devel-4.2.11-150600.18.20.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-1492.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237414

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/cf6a28c2/attachment-0001.htm>

From null at suse.de  Fri Feb 28 20:30:25 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:25 -0000
Subject: SUSE-SU-2025:0753-1: moderate: Security update for tiff
Message-ID: <174077462514.31458.7040102727882317079@smelt2.prg2.suse.org>



# Security update for tiff

Announcement ID: SUSE-SU-2025:0753-1  
Release Date: 2025-02-28T16:30:46Z  
Rating: moderate  
References:

  * bsc#1212607
  * bsc#1219213
  * bsc#1236834

  
Cross-References:

  * CVE-2023-25435
  * CVE-2023-52356

  
CVSS scores:

  * CVE-2023-25435 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
  * CVE-2023-25435 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-25435 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( SUSE ):  5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52356 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Package Hub 15 15-SP6

  
  
An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for tiff fixes the following issues:

  * CVE-2023-25435: Heap-buffer-overflow in extractContigSamplesShifted8bits()
    in tiffcrop.c (bsc#1212607).
  * CVE-2023-52356: Segment fault in libtiff in TIFFReadRGBATileExt() leading to
    denial of service (bsc#1219213).

Other bugfixes:

  * Fixed tiff build issue on s390x as test 12 test_directory fails
    (bsc#1236834).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Package Hub 15 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-753=1

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-753=1 openSUSE-SLE-15.6-2025-753=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-753=1

## Package List:

  * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * tiff-debugsource-4.7.0-150600.3.8.1
    * tiff-4.7.0-150600.3.8.1
    * tiff-debuginfo-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * tiff-4.7.0-150600.3.8.1
    * tiff-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-4.7.0-150600.3.8.1
    * libtiff6-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-4.7.0-150600.3.8.1
    * tiff-debugsource-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (noarch)
    * tiff-docs-4.7.0-150600.3.8.1
    * libtiff-devel-docs-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (x86_64)
    * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-32bit-4.7.0-150600.3.8.1
    * libtiff6-32bit-4.7.0-150600.3.8.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * libtiff6-64bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-64bit-4.7.0-150600.3.8.1
    * libtiff-devel-64bit-4.7.0-150600.3.8.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * tiff-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-4.7.0-150600.3.8.1
    * libtiff6-debuginfo-4.7.0-150600.3.8.1
    * libtiff-devel-4.7.0-150600.3.8.1
    * tiff-debugsource-4.7.0-150600.3.8.1
  * Basesystem Module 15-SP6 (x86_64)
    * libtiff6-32bit-debuginfo-4.7.0-150600.3.8.1
    * libtiff6-32bit-4.7.0-150600.3.8.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-25435.html
  * https://www.suse.com/security/cve/CVE-2023-52356.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212607
  * https://bugzilla.suse.com/show_bug.cgi?id=1219213
  * https://bugzilla.suse.com/show_bug.cgi?id=1236834

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/d0e57260/attachment-0001.htm>

From null at suse.de  Fri Feb 28 20:30:32 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:32 -0000
Subject: SUSE-SU-2025:0752-1: important: Security update for ovmf
Message-ID: <174077463218.31458.7643038810379982248@smelt2.prg2.suse.org>



# Security update for ovmf

Announcement ID: SUSE-SU-2025:0752-1  
Release Date: 2025-02-28T16:27:49Z  
Rating: important  
References:

  * bsc#1218879
  * bsc#1218880
  * bsc#1218881
  * bsc#1218882
  * bsc#1218883
  * bsc#1218884
  * bsc#1218885

  
Cross-References:

  * CVE-2023-45229
  * CVE-2023-45230
  * CVE-2023-45231
  * CVE-2023-45232
  * CVE-2023-45233
  * CVE-2023-45234
  * CVE-2023-45235

  
CVSS scores:

  * CVE-2023-45229 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45229 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45230 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45230 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45230 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45231 ( SUSE ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45231 ( NVD ):  6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-45232 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45232 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45233 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45234 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45234 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45234 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( SUSE ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
  * CVE-2023-45235 ( NVD ):  8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-45235 ( NVD ):  8.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

  
Affected Products:

  * openSUSE Leap 15.3
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3

  
  
An update that solves seven vulnerabilities can now be installed.

## Description:

This update for ovmf fixes the following issues:

  * CVE-2023-45229: out-of-bounds read in edk2 when processing IA_NA/IA_TA
    options in DHCPv6 Advertise messages. (bsc#1218879)
  * CVE-2023-45230: buffer overflow in the DHCPv6 client in edk2 via a long
    Server ID option. (bsc#1218880)
  * CVE-2023-45231: out-of-bounds read in edk2 when handling a ND Redirect
    message with truncated options. (bsc#1218881)
  * CVE-2023-45232: infinite loop in edk2 when parsing unknown options in the
    Destination Options header. (bsc#1218882)
  * CVE-2023-45233: infinite loop in edk2 when parsing PadN options in the
    Destination Options header. (bsc#1218883)
  * CVE-2023-45234: buffer overflow in edk2 when processing DNS Servers options
    in a DHCPv6 Advertise message. (bsc#1218884)
  * CVE-2023-45235: buffer overflow in edk2 when handling the Server ID option
    in a DHCPv6 proxy Advertise message. (bsc#1218885)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.3  
    zypper in -t patch SUSE-2025-752=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-752=1

  * SUSE Linux Enterprise Server 15 SP3 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-752=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP3  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-752=1

  * SUSE Enterprise Storage 7.1  
    zypper in -t patch SUSE-Storage-7.1-2025-752=1

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-752=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-752=1

## Package List:

  * openSUSE Leap 15.3 (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * openSUSE Leap 15.3 (noarch)
    * qemu-uefi-aarch32-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-ovmf-ia32-202008-150300.10.26.1
  * openSUSE Leap 15.3 (x86_64)
    * qemu-ovmf-x86_64-debug-202008-150300.10.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
    x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * ovmf-202008-150300.10.26.1
    * ovmf-tools-202008-150300.10.26.1
  * SUSE Enterprise Storage 7.1 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * qemu-ovmf-x86_64-202008-150300.10.26.1
    * qemu-uefi-aarch64-202008-150300.10.26.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-45229.html
  * https://www.suse.com/security/cve/CVE-2023-45230.html
  * https://www.suse.com/security/cve/CVE-2023-45231.html
  * https://www.suse.com/security/cve/CVE-2023-45232.html
  * https://www.suse.com/security/cve/CVE-2023-45233.html
  * https://www.suse.com/security/cve/CVE-2023-45234.html
  * https://www.suse.com/security/cve/CVE-2023-45235.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218879
  * https://bugzilla.suse.com/show_bug.cgi?id=1218880
  * https://bugzilla.suse.com/show_bug.cgi?id=1218881
  * https://bugzilla.suse.com/show_bug.cgi?id=1218882
  * https://bugzilla.suse.com/show_bug.cgi?id=1218883
  * https://bugzilla.suse.com/show_bug.cgi?id=1218884
  * https://bugzilla.suse.com/show_bug.cgi?id=1218885

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/481a33ce/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:34 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:34 -0000
Subject: SUSE-SU-2025:0751-1: important: Security update for azure-cli
Message-ID: <174077463491.31458.6474794425619653733@smelt2.prg2.suse.org>



# Security update for azure-cli

Announcement ID: SUSE-SU-2025:0751-1  
Release Date: 2025-02-28T16:26:27Z  
Rating: important  
References:

  * bsc#1231971

  
Cross-References:

  * CVE-2024-43591

  
CVSS scores:

  * CVE-2024-43591 ( SUSE ):  8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
  * CVE-2024-43591 ( NVD ):  8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
  * CVE-2024-43591 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for azure-cli fixes the following issues:

  * CVE-2024-43591: improper neutralization of special elements could allow
    users to run Azure CLI commands that result in certain service management
    operations being performed with System level permissions in Azure Defender
    for Cloud (bsc#1231971).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-751=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-751=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-751=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-751=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-751=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * azure-cli-test-2.58.0-150400.14.12.1
  * openSUSE Leap 15.6 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * azure-cli-test-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP4 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP5 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP6 (noarch)
    * azure-cli-2.58.0-150400.14.12.1
  * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * azure-cli-test-2.58.0-150400.14.12.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-43591.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231971

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/89ffedb6/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:37 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:37 -0000
Subject: SUSE-SU-2025:0750-1: moderate: Security update for
 python-azure-identity
Message-ID: <174077463771.31458.8932908260128038840@smelt2.prg2.suse.org>



# Security update for python-azure-identity

Announcement ID: SUSE-SU-2025:0750-1  
Release Date: 2025-02-28T16:25:48Z  
Rating: moderate  
References:

  * bsc#1230100

  
Cross-References:

  * CVE-2024-35255

  
CVSS scores:

  * CVE-2024-35255 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2024-35255 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

  
Affected Products:

  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

  
  
An update that solves one vulnerability can now be installed.

## Description:

This update for python-azure-identity fixes the following issues:

  * CVE-2024-35255: race condition leading to privilege escalation and
    unauthorized access to sensitive information in Azure Identity libraries
    (bsc#1230100).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-750=1

  * Public Cloud Module 15-SP3  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-750=1

  * Public Cloud Module 15-SP4  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-750=1

  * Public Cloud Module 15-SP5  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-750=1

  * Public Cloud Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-750=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP3 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP4 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP5 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1
  * Public Cloud Module 15-SP6 (noarch)
    * python3-azure-identity-1.10.0.0-150200.6.7.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-35255.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1230100

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/c9eadec7/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:41 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:41 -0000
Subject: SUSE-RU-2025:0749-1: moderate: Recommended update for samba
Message-ID: <174077464180.31458.10621442009587643706@smelt2.prg2.suse.org>



# Recommended update for samba

Announcement ID: SUSE-RU-2025:0749-1  
Release Date: 2025-02-28T16:23:32Z  
Rating: moderate  
References:

  * bsc#1215212
  * bsc#1233880
  * bsc#1236803

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Availability Extension 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that has three fixes can now be installed.

## Description:

This update for samba fixes the following issues:

  * Fix crossing automounter mount points (bsc#1215212, bsc#1236803).
  * Update shipped /etc/samba/smb.conf to point to smb.conf man page
    (bsc#1233880).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6  
    zypper in -t patch SUSE-2025-749=1 openSUSE-SLE-15.6-2025-749=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-749=1

  * SUSE Linux Enterprise High Availability Extension 15 SP6  
    zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2025-749=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * samba-tool-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-debugsource-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy-python3-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-dcerpc-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ldb-ldap-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-pcp-pmda-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-pcp-pmda-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-dcerpc-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-test-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-gpupdate-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ldb-ldap-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-test-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
  * openSUSE Leap 15.6 (x86_64)
    * libsamba-policy0-python3-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-devel-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
  * openSUSE Leap 15.6 (noarch)
    * samba-doc-4.19.8+git.404.38b26805d4-150600.3.12.2
  * openSUSE Leap 15.6 (aarch64 x86_64)
    * samba-ceph-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ceph-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * samba-winbind-libs-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-devel-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-64bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-64bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * samba-tool-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-debugsource-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy0-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
    * libsamba-policy-python3-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-dcerpc-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-devel-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ldb-ldap-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-python3-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-dcerpc-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-python3-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-gpupdate-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ldb-ldap-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-4.19.8+git.404.38b26805d4-150600.3.12.2
  * Basesystem Module 15-SP6 (aarch64 x86_64)
    * samba-ceph-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-ceph-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
  * Basesystem Module 15-SP6 (x86_64)
    * samba-winbind-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-32bit-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-client-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-winbind-libs-32bit-4.19.8+git.404.38b26805d4-150600.3.12.2
  * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
    s390x x86_64)
    * samba-debugsource-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2
    * ctdb-4.19.8+git.404.38b26805d4-150600.3.12.2
    * samba-debuginfo-4.19.8+git.404.38b26805d4-150600.3.12.2

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1215212
  * https://bugzilla.suse.com/show_bug.cgi?id=1233880
  * https://bugzilla.suse.com/show_bug.cgi?id=1236803

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/5cd224ca/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:46 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:46 -0000
Subject: SUSE-SU-2025:0748-1: important: Security update for libxml2
Message-ID: <174077464610.31458.9244376657141141255@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0748-1  
Release Date: 2025-02-28T16:14:28Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2025-748=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-748=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-748=1

  * SUSE Linux Enterprise Server 15 SP4 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-748=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP4  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-748=1

  * SUSE Manager Proxy 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-748=1

  * SUSE Manager Retail Branch Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2025-748=1

  * SUSE Manager Server 4.3  
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-748=1

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2025-748=1

  * SUSE Linux Enterprise Micro for Rancher 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1

  * SUSE Linux Enterprise Micro 5.3  
    zypper in -t patch SUSE-SLE-Micro-5.3-2025-748=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
    x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
    x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Manager Server 4.3 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * python311-libxml2-2.9.14-150400.5.38.1
    * libxml2-devel-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * python311-libxml2-debuginfo-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (x86_64)
    * libxml2-2-32bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-devel-32bit-2.9.14-150400.5.38.1
    * libxml2-2-32bit-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (noarch)
    * libxml2-doc-2.9.14-150400.5.38.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.9.14-150400.5.38.1
    * libxml2-devel-64bit-2.9.14-150400.5.38.1
    * libxml2-2-64bit-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libxml2-2-2.9.14-150400.5.38.1
    * libxml2-tools-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-2.9.14-150400.5.38.1
    * libxml2-python-debugsource-2.9.14-150400.5.38.1
    * libxml2-debugsource-2.9.14-150400.5.38.1
    * libxml2-tools-2.9.14-150400.5.38.1
    * libxml2-2-debuginfo-2.9.14-150400.5.38.1
    * python3-libxml2-debuginfo-2.9.14-150400.5.38.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/68b59e1d/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:50 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:50 -0000
Subject: SUSE-SU-2025:0747-1: important: Security update for libxml2
Message-ID: <174077465004.31458.9218137414138915165@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0747-1  
Release Date: 2025-02-28T16:11:50Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Server 12 SP5 LTSS  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-747=1

  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security  
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-747=1

## Package List:

  * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-debuginfo-2.9.4-46.81.1
    * libxml2-2-2.9.4-46.81.1
    * libxml2-2-debuginfo-2.9.4-46.81.1
    * python-libxml2-2.9.4-46.81.1
    * python-libxml2-debuginfo-2.9.4-46.81.1
    * python-libxml2-debugsource-2.9.4-46.81.1
    * libxml2-tools-2.9.4-46.81.1
    * libxml2-devel-2.9.4-46.81.1
    * libxml2-debugsource-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * libxml2-doc-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
    * libxml2-2-32bit-2.9.4-46.81.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * libxml2-tools-debuginfo-2.9.4-46.81.1
    * libxml2-2-2.9.4-46.81.1
    * libxml2-2-debuginfo-2.9.4-46.81.1
    * python-libxml2-2.9.4-46.81.1
    * python-libxml2-debuginfo-2.9.4-46.81.1
    * python-libxml2-debugsource-2.9.4-46.81.1
    * libxml2-tools-2.9.4-46.81.1
    * libxml2-devel-2.9.4-46.81.1
    * libxml2-2-32bit-2.9.4-46.81.1
    * libxml2-2-debuginfo-32bit-2.9.4-46.81.1
    * libxml2-debugsource-2.9.4-46.81.1
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * libxml2-doc-2.9.4-46.81.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/bbb7e27c/attachment.htm>

From null at suse.de  Fri Feb 28 20:30:54 2025
From: null at suse.de (SLE-UPDATES)
Date: Fri, 28 Feb 2025 20:30:54 -0000
Subject: SUSE-SU-2025:0746-1: important: Security update for libxml2
Message-ID: <174077465418.31458.13170157322304620572@smelt2.prg2.suse.org>



# Security update for libxml2

Announcement ID: SUSE-SU-2025:0746-1  
Release Date: 2025-02-28T16:10:45Z  
Rating: important  
References:

  * bsc#1237363
  * bsc#1237370
  * bsc#1237418

  
Cross-References:

  * CVE-2024-56171
  * CVE-2025-24928
  * CVE-2025-27113

  
CVSS scores:

  * CVE-2024-56171 ( SUSE ):  7.3
    CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-56171 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-56171 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-24928 ( SUSE ):  6.8
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-24928 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
  * CVE-2025-24928 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
  * CVE-2025-27113 ( SUSE ):  5.1
    CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-27113 ( SUSE ):  4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2025-27113 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * Basesystem Module 15-SP6
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

  
  
An update that solves three vulnerabilities can now be installed.

## Description:

This update for libxml2 fixes the following issues:

  * CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and
    xmlSchemaBubbleIDCNodeTables in xmlschemas.c (bsc#1237363).
  * CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in
    valid.c (bsc#1237370).
  * CVE-2025-27113: NULL pointer dereference in xmlPatMatch in pattern.c
    (bsc#1237418).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5  
    zypper in -t patch SUSE-2025-746=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2025-746=1

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2025-746=1

  * Basesystem Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-746=1

  * Python 3 Module 15-SP6  
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-746=1

  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-746=1

  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5  
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-746=1

  * SUSE Linux Enterprise Server 15 SP5 LTSS  
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-746=1

  * SUSE Linux Enterprise Server for SAP Applications 15 SP5  
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-746=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (noarch)
    * libxml2-doc-2.10.3-150500.5.23.1
  * openSUSE Leap 15.5 (aarch64_ilp32)
    * libxml2-2-64bit-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-64bit-2.10.3-150500.5.23.1
    * libxml2-devel-64bit-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (x86_64)
    * libxml2-devel-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * openSUSE Leap 15.6 (noarch)
    * libxml2-doc-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
  * Basesystem Module 15-SP6 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
    x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
    x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libxml2-tools-2.10.3-150500.5.23.1
    * libxml2-tools-debuginfo-2.10.3-150500.5.23.1
    * libxml2-2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-debugsource-2.10.3-150500.5.23.1
    * libxml2-2-2.10.3-150500.5.23.1
    * python3-libxml2-debuginfo-2.10.3-150500.5.23.1
    * libxml2-python-debugsource-2.10.3-150500.5.23.1
    * python3-libxml2-2.10.3-150500.5.23.1
    * libxml2-devel-2.10.3-150500.5.23.1
    * python311-libxml2-debuginfo-2.10.3-150500.5.23.1
    * python311-libxml2-2.10.3-150500.5.23.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libxml2-2-32bit-2.10.3-150500.5.23.1
    * libxml2-2-32bit-debuginfo-2.10.3-150500.5.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-56171.html
  * https://www.suse.com/security/cve/CVE-2025-24928.html
  * https://www.suse.com/security/cve/CVE-2025-27113.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1237363
  * https://bugzilla.suse.com/show_bug.cgi?id=1237370
  * https://bugzilla.suse.com/show_bug.cgi?id=1237418

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250228/5865934e/attachment.htm>